.

Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

<<

psyk0de

Newbie
Newbie

Posts: 11

Joined: Tue Aug 07, 2012 9:13 am

Post Wed Aug 08, 2012 2:01 pm

Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

Hello!
This is my second thread in this forum.  :o
xx Version 0.0.3 (Alpha 3) xx
xx Next Update: 0.0.4 (Alpha 4) Minor fixes ignored xx
I created this guide in order to help newbies start their lives in the InfoSec area.

Your ideas make this thread better. Don't forget to post them.
No time? A simple thanks to push this thread up is also of help!

Main Goal of this topic is giving the Best page to everyone on this forum or anywhere on the net who wants to start learning!
Remember... "Learning is Living."

TL;DR? Your problem dude!

Now, lets begin:

xx Introduction xx
So you think you can dance? This is a really hard way to go. You can do it much easier, but the easier it becomes the less you will be learning.
I personally believe that If you really want to learn something you should always take the hardest path to your goal.
Again, to make this thread better, I need your help. Please post your ideas and reviews on this guide so I can make it better.

xx Types of Hackers xx
We have three kinds of hackers out there in the world:
Image
White Hat - The good guys... I mean they call them the good guys... sometimes they are the bad guys... They are the ones who protect the services/websites from getting hacked.
Image
Gray Hat - White hat during the day... Black hat during the night... I mean this is the best way to describe them... They are not good and not bad.
Image
Black Hat - Wow, these are the bad guys. They make millions in a week but with a risk of not getting the time to use that money! Well, they hack systems, bank accounts and many other things which are fun for them or $$ is involved in them :D .

There are more groups, they will be added in the first beta.
==
Well you might think that Black Hat hackers are the most awesome groups out there... Tell you what... YEAH... but wait... NO!!!! Yes, it is fun... You make millions... But, But... You will think again when I introduce you to Bubba (A character from a book I was reading a few months ago.). Let's say it's not good for now. He will be added in the beta.
But there is one thing that all of the hackers share... and that's "Terminals with black background and green text!"
Anyways,  I will be helping you to become a h4x02!

xx LEVEL ONE: BECOME A PROGRAMMER xx
The first thing you should know when you want to become a hacker is a programming language. You might think ow yeah I know I know, I should learn PYTHON! I will smile and say No. Well Python is an awesome language to learn. Very easy. That's exactly why I am saying No to It. If you learn python now you can never become a 1337 h4x02. Why? To be a 1337 h4x02 you need to have complete knowledge on how Computers function and have complete knowledge on a certain OS (Linux, BSD etc.) it is only possible if you know the Ninja Language: Assembly . Python is a high-level programming language but Assembly is a low-level programming language. Wait what? low-level? Okay, take a look at this picture:
Image
Read these quotes:
A programming language such as C, FORTRAN, or Pascal that enables a programmer to write programs that are more or less independent of a particular type of computer. Such languages are considered high-level because they are closer to human languages and further from machine languages. In contrast, assembly languages are considered low-level because they are very close to machine languages.

The main advantage of high-level languages over low-level languages is that they are easier to read, write, and maintain. Ultimately, programs written in a high-level language must be translated into machine language by a compiler or interpreter.

The first high-level programming languages were designed in the 1950s. Now there are dozens of different languages, including Ada, Algol, BASIC, COBOL, C, C++, FORTRAN, LISP, Pascal, and Prolog.

And:
A programming language that is once removed from a computer's machine language. Machine languages consist entirely of numbers and are almost impossible for humans to read and write. Assembly languages have the same structure and set of commands as machine languages, but they enable a programmer to use names instead of numbers.

Each type of CPU has its own machine language and assembly language, so an assembly language program written for one type of CPU won't run on another. In the early days of programming, all programs were written in assembly language. Now, most programs are written in a high-level language such as FORTRAN or C. Programmers still use assembly language when speed is essential or when they need to perform an operation that isn't possible in a high-level language.

Okay... Now I hope you understand why I am telling you to learn it. No? Okay,
Assembly is a low-level language and it is very similar to the language that the computer is able to understand. If you get the ability to write in it, Any high-level programming language is a piece of cake for you.
xx LEVEL TWO: LEARN LINUX xx
The Second Thing to learn is Linux. Linux is an Operating System like MS Windows but it is totally Open-Source which means you have access to the code of the OS and you can Edit it and create your own version.
Where can I learn to do that?!!
This will get you started: http://lifehacker.com/5778882/getting-s ... lete-guide
But why Linux?
Look... You might think that Windows is great why should I move on to Linux?
Windows is great. But the main problem of Windows is that it's source is not available to us to edit it and hack it. Let's put it this way, Think that you're a 3-year-old kid. You are inside a small cage probably your own size. This cage gets smaller and smaller for you but there is no way out. You can't even break the cage and come out of it. Wait... you can... If you move on to Linux it is possible! In Linux you're a 3-year-old kid in space! No limits!
I recommend every newbie to use Ubuntu.


Books? <Will be added in 0.0.3c (I have to check my library)>
Now It's time to get wild!!

xx LEVEL THREE : DO IT THE HACKER'S WAY xx
BECOME A HACKER!!
Yeah! that's it! Wait... No. I'm jokin... keep on reading:
Now there are two things you should read now:
http://www.catb.org/esr/faqs/hacker-howto.html
http://securityreliks.securegossip.com/ ... eginnings/
Now...
You need to setup a small lab in your Computer.
Download VirtualBox.
Download These OSes and install them using VirtualBox:
Ubuntu 1x.xx (Latest version)
Ubuntu 10.10
CentOS
Windows XP
Windows 7
Set up your small lab using VirtualBox and the OSes mentioned above. Wait? You don't know how? Google them for god's sake!
And take a look at this:
http://blog.rootcon.org/2012/02/10-pent ... s-you.html
This list shows 10 of the Best Penetration Testing Linux Distributions you might want to use to hack. These Distros are geared with the best tools to help you hack.
Which one is the best? I think BackBox 2.05 Reason? Faster, No unnecessary tools.
But keep in mind that most of the people use BackTrack. Why? Ask them.

Okay, now you should get your hands on some free tutorial mats out there.
First thing to do is to hack your own Wireless Router. Google it. There are many videos availabe on Youtube.
After that learn Metasploit. You can use SecurityTube.net megaprimers to do so or search Metasploit Unleashed in google.
As Skyler said: "There is none. Thats okay. You need to learn to revel in the successes! Become a sponge and just absorb everything. When you read something you don’t understand, dont fret. Just remember it, let it serve as a placeholder, and learn about it when you can."
LEARN, LEARN, LEARN.


And Remember... GOOGLE IS YOUR FRIEND (At least for now!).

Well, this thing will get updated only if I see that it's useful to you. No feedback or anything from you, This thing will be deserted forever.

Changelog:
0.0.3 - Major Update 1
0.0.2c - Upcoming Updates Added , It took me around a day removed!
0.0.2c - Colors Fix , Grey Hat image resized , Thanks Part added
0.0.2b - Fixed some typing issues and many other things :)
0.0.2a - Added Introduction! OOYEAH!
0.0.2 - Post has a new structure.
0.0.1a - Introducing Colors! A new fun way of learning!

Thanks to:
shadowzero - Great Ideas for new versions


I hope you like this.
Please comment and tell me what you think.
Last edited by psyk0de on Wed Aug 08, 2012 6:07 pm, edited 1 time in total.
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Wed Aug 08, 2012 2:21 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

Hay really good post keep up the good work
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

psyk0de

Newbie
Newbie

Posts: 11

Joined: Tue Aug 07, 2012 9:13 am

Post Wed Aug 08, 2012 2:25 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

Hey! Thanks  ;D
Will change the structure of the guide soon.
<<

shadowzero

User avatar

Full Member
Full Member

Posts: 120

Joined: Sat Jun 02, 2012 10:03 pm

Post Wed Aug 08, 2012 3:00 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

I'll give you some constructive criticism. Please don't take it the wrong way, but look at it as a way to improve your tutorial and future tutorials that you write. I think it's admirable that you want to write a guide to help newbies out, but I believe it could use a bit of work.

First, your tutorial is all over the place. Basically everything you wrote could be condensed to:

1. learn programming
2. read books
3. setup virtual lab
4. use BackBox

However you don't actually provide any detailed information about anything. If I'm looking for a guide on how to write Android apps, and I find someting on the Internet that says "Ultimate Guide To Android Programming", and tells me nothing other than to use Google and buy a book to read, then what's the point of the guide?

If I were a newbie I wouldn't understand what you've written, therefore it's failed as a guide to newbies. What's Backtrack? What's Backbox? Why is it different? One has Flash and one doesn't? So what? Can't I install Flash on BackTrack? I should learn Assembly? Why? What can I do with it? Why is CEH better? Better than what? OSCP? SANS?

Then you talk about hacking a wireless router, but you're not going to show how it's done? So you're pointing me to another guide that does what yours doesn't?

In essence, you've created a contents page telling me, if you want to learn how to do ______, Google it.

I'm afraid that doesn't help newbies at all.

I suggest having a look at some of the other guides online, and learning from their structure and content. A thorough guide takes time, certainly more than a day to work on.

Finally, and this is just my own personal opinion, I suggest changing the title to something less script-kiddie-ish.

Again, please don't take my comments as an attack on your work. Good articles, papers, and books go through multiple drafts and reviews before they get published.

Good luck!
<<

psyk0de

Newbie
Newbie

Posts: 11

Joined: Tue Aug 07, 2012 9:13 am

Post Wed Aug 08, 2012 3:36 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

shadowzero wrote:I'll give you some constructive criticism. Please don't take it the wrong way, but look at it as a way to improve your tutorial and future tutorials that you write. I think it's admirable that you want to write a guide to help newbies out, but I believe it could use a bit of work.

Hey, Thanks. I totally understand it!

shadowzero wrote:However you don't actually provide any detailed information about anything. If I'm looking for a guide on how to write Android apps, and I find someting on the Internet that says "Ultimate Guide To Android Programming", and tells me nothing other than to use Google and buy a book to read, then what's the point of the guide?

If I were a newbie I wouldn't understand what you've written, therefore it's failed as a guide to newbies. What's Backtrack? What's Backbox? Why is it different? One has Flash and one doesn't? So what? Can't I install Flash on BackTrack? I should learn Assembly? Why? What can I do with it? Why is CEH better? Better than what? OSCP? SANS?

Thanks! Will add them in one of the alphas
The idea is also to give credit to other people who put time to write their own guides.
As you can see I added some links to the writer of the Jargon File and Skyler.
shadowzero wrote:Then you talk about hacking a wireless router, but you're not going to show how it's done? So you're pointing me to another guide that does what yours doesn't?

My point here is to encourage the reader to google things. When someone can do it much better than me, for example a youtube video, why should I create one myself when there is one available much better than mine?
And... If I mine everything from the Internet and put them here, then what is the reader gonna do? Read this and become a hacker? No. Some of the mining should be done by the reader. Some people googled and found this page. They can google more!
If I want to cover everything then I should make a 5,000 paged PDF File.
I am not saying NO to it, but the priority is low.
shadowzero wrote: I suggest having a look at some of the other guides online, and learning from their structure and content. A thorough guide takes time, certainly more than a day to work on.

Finally, and this is just my own personal opinion, I suggest changing the title to something less script-kiddie-ish.

Mate, why didn't you read the part that says 0.0.1 alpha 1?
Title is okay, I like it.
<<

ZeroOne

Jr. Member
Jr. Member

Posts: 59

Joined: Tue Apr 24, 2012 7:41 am

Post Wed Aug 08, 2012 5:57 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

Good post, but where did networking go  :o
<<

psyk0de

Newbie
Newbie

Posts: 11

Joined: Tue Aug 07, 2012 9:13 am

Post Wed Aug 08, 2012 6:18 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

ZeroOne wrote:Good post, but where did networking go  :o

Why should I include that?  ???
<<

ZeroOne

Jr. Member
Jr. Member

Posts: 59

Joined: Tue Apr 24, 2012 7:41 am

Post Wed Aug 08, 2012 6:45 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

psyk0de wrote:Why should I include that?  ???


Networking is essential, if not advanced basic.
<<

psyk0de

Newbie
Newbie

Posts: 11

Joined: Tue Aug 07, 2012 9:13 am

Post Wed Aug 08, 2012 7:11 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

ZeroOne wrote:Networking is essential, if not advanced basic.

I dunno... might add in one of the betas.
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Wed Aug 08, 2012 9:21 pm

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

A bit all over the place.  I agree with Shadowzero.  Needs a bit more structure.

As for networking, yes, very important to know the fundamentals of networking.  If one doesn't learn the basics of networking, it could be very difficult to write an exploit that will need to traverse a network without user intervention.  Also if you are shooting for teaching someone pen testing, then it becomes that much more important to know this.

If you are talking Hacker in the purest form, well all you need to get started is a desire to see how things work, how they can be broken and how they can be made better.  After all that is where it started, shoot one could say Thomas Edison was a hacker. 

As for the hats... grey hats are more about the curiosity.  They will hack things just to hack them but are not in it for any real personal gain.  They hack for the pure challenge of it all.  White hats, well they basically are given permission to hack something.  Black hats, yep, the bad guy, but they don't always make millions of dollars.  Some of them make very little and those that might make a good payday, may not live long enough to spend it.  Those that are probably doing well, you will never know about since that is what they are paid to do.  They develop methods that make it nearly impossible to detect them on your network.  They have a mission and they are the most patient.  They create custom malware on-the-fly in order to stay ahead of your defenses.  They know networking, they know hardware and they know how to code.  Or they are part of a team where someone else may be coding while another is dropping the payloads.

Other than that, it is good practice writing such material, but try to make it your own.  Throw in your own experiences, recommendations etc... For instance one thing I found while working through some of the courses, the material is not always updated and does not always match up to companion material.  You may need to do some additional research in order to make something work.  Don't take things at face value.  For example, I am reading through Practical Malware Analysis, some of the labs for Dynamic analysis require you to use certain pieces of software to monitor malware activity.  They reference FakeNET and ApateDNS, but they don't really explain how to use them.  So I improvised, I used ApateDNS to force a system to send DNS requests to my REMnux system running a fake DNS tool.  FakeNET would have been cooler to use but just couldn't find decent info in the small time I had to work the lab.

Keep at it, and don't rush the content.  Spend some time to research, try out some things you find and then add a bit of personal touch to the guide.
Certs: GCWN
(@)Dewser
<<

Novice hacker

Newbie
Newbie

Posts: 43

Joined: Sun Apr 08, 2012 6:45 am

Post Fri Aug 10, 2012 9:26 am

Re: Imma 1337 h4x02 : The super hard but most rewarding 1337 h4x02 guide!

I think the post is great and its great to see that you're helping out beginners like us    :)

So,

1) Keep up the good work!!!!! ( I appreciate it and I'm sure that there are many others)

2) I agree with many of the suggestions mentioned already so your tuts. might prove more useful if you followed some of the above ideas.

3) My personal suggestion would be to (in the next tut) give a bit more detail to your tuts. and provide lots of resources.

:D

Return to Tutorials

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software