15
Advice from Cybersecurity Experts? (hexbear.net)
submitted 1 month ago by [email protected] to c/[email protected]
9 comments fedilink hide all child comments

This may sound like fedposting, so feel free not to respond. I'm asking if people knowledgeable about cybersecurity, penetration testing, etc. could help me learn either through advice or more personal guidance. I'm familiar with Maia Crimew's blog post, but as with most of this stuff it's just vague enough to be difficult for me to push off from. I am really good with computers when using them as intended, but going off the beaten path and finding flaws or footholds is where I struggle. If you have advice or want to guide more closely, you can leave a comment here, a DM, or you can get me on Matrix @cupcake-of-spice:matrix.org

The site hackthebox dot com has battlegrounds with two teams hacking each other's virtual machines while hardening their own. If anyone wants to start a team for that, I'd be up for joining, though at my current state I may not be so much help...

you are viewing a single comment's thread
view the rest of the comments
[-] [email protected] 3 points 1 month ago

I just went back to Crimew's post and started looking at some of those.

[-] [email protected] 4 points 1 month ago

Word, I'm not familiar with Crimew but I think I just looked at the post you're referencing and there's some pretty good stuff mentioned. I cut my teeth on phrack back when it was still being passed around on BBSes. (There was an article in 43(?) on stealing a pbx that I got a real kick out of as a kid.) Google dorking is fun for basic exploits.

I would seriously recommend starting with understanding wifi hacking and then how Tor works and how to use it. Learn to anonymize yourself and cover your tracks before you do anything that needs it. Build yourself a pwnagotchi (or an esp32-based alt or a cheap pineapple), learn to use hashcat to crack wpa2 hashes, and then get on Tor from wifi you can't be tracked to. From there you can experiment with ways to bounce from random tor nodes to legit websites that are gonna block those nodes.

Keep in mind a lot of the open source mirrors for major websites, like invidious/xcancel, can serve as alternatives for the major corp websites when you're doing your research. Keep as much of your traffic in Tor as you can by using onion sites. Watch defcon and other conference talks for background in concepts that interest you.

Have fun!

[-] [email protected] 3 points 1 month ago

I've got some understanding of Tor. I've built a pwnagotchi in the past and used good ol' aircrack-ng, but always got stuck with a hash I can't crack. From what I've seen wpa2 doesn't go down easily. I have a lot of information, but not much in the way of organizing it usefully, but that's probably a symptom of having too little or too sparse information.

[-] [email protected] 2 points 1 month ago

Oh word. You're well on your way already. While there's plenty out there that can't be cracked in a reasonable time, I find that half the battle is knowing what to try based on the SSID format. Have you run across this table?

https://forums.hak5.org/topic/39403-table-of-wifi-password-standards/

For example, if spectrum is prevalent in your area, grab a copy of the spectrum-netgear wordlist.

https://github.com/andrewjlamarche/PSKracker/tree/master/dicts/netgear-spectrum

this will run through a combo of adjnoun and then 3 digits for each combo. takes about an hour on a 1050ti

hashcat.exe -m 2500 "C:\hashfile.pcap.hccapx" -a6 netgear-spectrum.txt ?d?d?d

I also always throw phone number combos of my local area codes at it. tbh, this is usually what does it if they've got a custom SSID.

hashcat.exe -m 2500 -a 3 -1 ?d "C:\hashfile.pcap.hccapx" 555?1?1?1?1?1?1?1

Honestly, I totally get it, I've got more fluff in my skull than brains. So it's very hard to keep in mind everything I should. I mostly just had some favorite techniques I relied on to do my basic exploration and then once I have a system I can set my sights on that's when I did research and built a plan of attack. I would say definitely check out those syngress books. In case I didn't express that well enough, they're basically hypothetical scenarios wrapped around actual techniques. Great for getting the juices flowing and thinking big picture and how different techniques can tie in to each other. Definitely read the hackback papers.

In minecraft, I would recommend really sitting down and thinking about what it is you're trying to do with these skills and then build up profiles of the types of organizations you would like to work with in the future. Check their job listings for software and hardware they use, try and build org charts to find out the people you would want to get in contact with, etc. From there, the jhaddix methodology is a great start. https://github.com/jhaddix/tbhm

this post was submitted on 25 May 2025
15 points (100.0% liked)

askchapo

23051 readers
132 users here now

Ask Hexbear is the place to ask and answer ~~thought-provoking~~ questions.

Rules:

  1. Posts must ask a question.

  2. If the question asked is serious, answer seriously.

  3. Questions where you want to learn more about socialism are allowed, but questions in bad faith are not.

  4. Try [email protected] if you're having questions about regarding moderation, site policy, the site itself, development, volunteering or the mod team.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]