.

An Ethical Hacker must have these skills...

<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Mon Aug 04, 2008 4:29 pm

Re: An Ethical Hacker must have these skills...

Welcome to the forum, I would say an Ethical Hacker / InfoSec Professional really needs to have passion.

By this I mean is a general interest for IT Security and all that it encompases. The Security field is very varied with so many subject domains, but dont worry about becoming the guru of everything security. Personally I feel its important to have a high level understanding of all of these domains, but by no means be the master of all.

As you start looking at InfoSec you will find what it is that floats your boat, these maybe technical or soft related skill sets, but as long as you enjoy it and you have passion you can succed.

All the best on the journey.
<<

bruha666v

Newbie
Newbie

Posts: 7

Joined: Thu Aug 07, 2008 12:32 am

Post Thu Aug 07, 2008 1:11 am

Re: An Ethical Hacker must have these skills...

  Hi Guys!

  Im bruha666v from the philippines..im a computer science graduate and was exposed to "vb6" for four years. :-[

  I decided to take this course because i wanted to learn how make viruses and stufss but later found out that its wrong. so here i am trying to learn how to hack.

  But im really confused where to start and what to do.  Then a guy i met in a chat room who is also from the philippines challenged me to hack his site and would give me 20k if i do so.

  What i need to do is login as admin and just get 20 customer accounts and passwords from his customers database and send it to his email. The site is using php and the URL is:tipidweb.com.

  I believe this could help me start out.Hope you guys could help me out. Im not in for the money, i just wanna learn.

  Thanks!


 
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Thu Aug 07, 2008 3:22 am

Re: An Ethical Hacker must have these skills...

bruha666v wrote:But im really confused where to start and what to do.  Then a guy i met in a chat room who is also from the philippines challenged me to hack his site and would give me 20k if i do so.


You serious? Is that a closed offer or can anyone play? ;)

Any chance this guy is actually any way responsibl for the site in question?

First phase of any penentration engagement is to get a formal contract in place providing full authorisation for you to carry out the work, that way you don't get sued/imprisoned when someone changes their mind. Otherwise known as a CYA document.

I'd be very inclined to take this 'offer' with a pinch of salt...

(P.S. I've got $20million stuck in an offshore account, I could give you 10% if you help me transfer it into your country....)
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Thu Aug 07, 2008 4:43 am

Re: An Ethical Hacker must have these skills...

As RoleReversal says, I think you are buying into this to much.

One its in a chat room, and as on the Internet you can be anybody, I would ignore this guy.

If someone was to REALLY offer you work, it should be via more official means. Just because someone owns a website, its probably hosted by someone else and they would be responsible for authorising any Pen Testing, etc.

If you want to learn / practice pen testing, then have a search on this great forum for information on setting up a virtual lab, using live cds etc.
<<

bruha666v

Newbie
Newbie

Posts: 7

Joined: Thu Aug 07, 2008 12:32 am

Post Thu Aug 07, 2008 6:10 am

Re: An Ethical Hacker must have these skills...

Thansk for the reply RR and DP..

Well the guy actually owns the site and he brags about it being "unhackable" and he is manila right now maintaining the site. So im pretty sure its not a scam or watever. Anyway ill try to contact him again and get the "letter" as you told me RR.

Anyway, its been nice knowing you guys are out here helping other pipol out.

Ill update you guys as soon as i get in touch with him again.

Bruha666v
<<

bruha666v

Newbie
Newbie

Posts: 7

Joined: Thu Aug 07, 2008 12:32 am

Post Thu Aug 07, 2008 6:11 am

Re: An Ethical Hacker must have these skills...

Btw, have you guys checked the site?
<<

sgt_mjc

Sr. Member
Sr. Member

Posts: 294

Joined: Tue Feb 05, 2008 8:34 am

Location: AL

Post Thu Aug 07, 2008 8:28 am

Re: An Ethical Hacker must have these skills...

I did a little research on the site and found that it is hosted by GoDaddy.com. Now that mean that you bruha would need not only authorization form the site owner, but also from GoDaddy. I did my research at dnsstuff.com. Further research shows that this is a Philippine web service provider. Chances are that you are getting in over your head. I would say stay away.

By the way, what was this chat room contacts name?
Mike Conway
CISSP
CompTia Security +
C|EH
<<

oldgrue

Newbie
Newbie

Posts: 13

Joined: Thu Jul 31, 2008 11:28 am

Post Thu Aug 07, 2008 3:08 pm

Re: An Ethical Hacker must have these skills...

Critical Reasoning Skills.
Developed sense of paranoia.
<<

sgt_mjc

Sr. Member
Sr. Member

Posts: 294

Joined: Tue Feb 05, 2008 8:34 am

Location: AL

Post Thu Aug 07, 2008 4:00 pm

Re: An Ethical Hacker must have these skills...

exactly

I find myself researching emails from people I don't know just to figure out if they are legit or not. the spammers are getting better by having names on the emails, but they don't often match the name on the email. It cracks me up.
Mike Conway
CISSP
CompTia Security +
C|EH
<<

bruha666v

Newbie
Newbie

Posts: 7

Joined: Thu Aug 07, 2008 12:32 am

Post Thu Aug 07, 2008 11:36 pm

Re: An Ethical Hacker must have these skills...

Thanks jm..

btw, he's in irc. Channel: bacolod | nick: panulay

anyway, this site has really opened me to new ideas and concepts that could help start.

Im backed out already knowing that this could get me into trouble. Thanks guys!

Hope you could help me out. I really want to know how to "hack". Not because i want to get into other peoples files o computers but i want to learn how to protect myself too knowing the vulnerabilities.

Thanks for the replies guys!


Bruha666v
<<

$w33p3R

Newbie
Newbie

Posts: 30

Joined: Fri Aug 08, 2008 10:39 pm

Post Sat Aug 09, 2008 12:42 am

Re: An Ethical Hacker must have these skills...

Back to the original topic;

I agree with one of the other posters in this thread...You have to start with the basics and work up if you ever intend to be proficient in your profession, in this case, working as an Ethical Hacker (Network Security).

My recommendations would be:

A++, Network+ - You don't necessarily have to have these certs, but having the knowledge that these certs test you on is essential to even start understanding how to hack.

Linux Is Your Friend - A basic understanding of Linux is pretty much essential in my opinion.  How can you hack something you don't understand anything about.  At least know the basic commands: rm, ps, top, cd, ls, chown, su, sudo, etc.  Staring at a Telnet/SSH prompt and not knowing what to type is hell...(Been there done that)  Plus, several great tools are only available in Linux.

Programming - At least some type of basic programming understanding...I started out back in the QBasic days...telling my age now...Anybody else remember that or am I the oldest fart on the board?  lol  Unless you want to be labeled that dirty word, "script kiddie", you best be able to write some of your own stuff or at least be able to modify others to suit your purpose.

Social Engineering - Yes, I would label this as a requirement for the ethical hacker and even a black hat hacker. (I know some will disagree)  There will be times when you are just not going to get in...the IT Department has done their job and done it well.  You must be able to go to the weakest link, the employee, vendor, etc. and be able to get the information you need to compromise their security.  You can't be just an all geek and number cruncher..you must have some social skills too.

This is just my opinion and we all know what opinions are like.  But, I honestly couldn't see someone succeeding as a hacker without these basic skills.  You might be able to run a script against a web site or company with very poor security, but when you come up against a company/web site that has done their homework, that is where it will take skill and patience when the pre-written scripts fail.

In this high speed internet / fast food society we live in, we always want the quickest way and take all the shortcuts we can.  But we must remember we are only cheating ourselves if we skip the basics.  Take your time and build a good foundation, then the advanced skills come a lot easier.
MCP, CEH
<<

bruha666v

Newbie
Newbie

Posts: 7

Joined: Thu Aug 07, 2008 12:32 am

Post Sun Aug 10, 2008 5:13 am

Re: An Ethical Hacker must have these skills...

Guys!

  Remember the guys i told you that owns the site > Tipidweb.com ?? well he told me that godaddy.com doesnt host his site...He has his own dedicated server in the us. and he's really bragging about it. He also told me that he uses the combination of different sql and php code and API combinations. I stopped messing with his site coz u guys told me to back off. Well thanks anyway...



 
<<

Amat3ur

Newbie
Newbie

Posts: 2

Joined: Tue Mar 25, 2008 9:03 pm

Post Mon Aug 11, 2008 8:49 am

Re: An Ethical Hacker must have these skills...

This is a great thread to look at, when you hit your first plateau.
Some great information :)
And unlike some of the others here, I wanna know how to get into others systems without a proggy(I dont buy the ole "I wanna learn to protect myself"  jazz!! lol.), I wanna know how to bounce off nodes to make detection that little more difficult, I wanna know how to mass inject a server, and tell Frank he'll be alright once he gives my favourite Milli Vanilli single back!! I wanna know what the heck Im talking about when Im talking it!! lol

Im not gonna try and mask what I want to learn, as it only hinders my own learning, and there's nothing better than learning something you wanna learn ;)
But I can say out of all honesty..  Its out of curiosity and fun that I have been interested.
I dont wanna be the next Phantom Menace online.
But would like to be able to know, what Im looking at, when its right infront of me.

Freedom of information, and Common sense, are 2 necessities greatly under utilised when starting off.
Understand these, and patience will be your virtue ;)

My 2 shillings worth ;D
<<

gascoin

Newbie
Newbie

Posts: 1

Joined: Fri Oct 31, 2008 3:28 pm

Post Fri Oct 31, 2008 3:50 pm

Re: An Ethical Hacker must have these skills...

Dengar13 wrote:Why not start out reading a book on hacking, like Hacking for Dummies, Hacking Exposed, any Kevin Mitnick book?  This could give you an overview of the fundamentals of hacking, and the Mitnick books have good stories, and history on hacking.

There are too many elements to consider on where to start.

Welcome by the way.



I am a newbie in hacking. I want you to be my mentor. Though much depends on me, I will be glad if you can help me through.
:)
<<

Lancewang

Newbie
Newbie

Posts: 1

Joined: Wed Dec 03, 2008 1:53 am

Post Wed Dec 03, 2008 2:15 am

Re: An Ethical Hacker must have these skills...




The only thing worse than training good employees and losing them
is NOT training your employees and keeping them
                                                          - Zig Ziglar 
this make sense:P
PreviousNext

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software