Where To Hack?

Five years ago I got my first taste of a real IT job. I was teaching at an English boarding school in China and a new firewall needed to be installed. The manual was all in Chinese and the school didn’t want to bring in an outside technician to set it up. So I gave it a try and managed to get ACLs and other rules up and running. Soon after that, I would find myself securing the networks, cleaning USBs and recovering important financial data from a highly corrupted computer that no longer booted!

Needless to say, China got me interested in cyber security as a career field. In the following months after leaving China, I studied the basics and slowly grew my knowledge of security concepts and best practices. I learned a lot. Occasionally this information flowed out of my mouth like a glorious fountain when I did helpdesk and consulting work. Despite all of this knowledge I slowly realized that everything I had learned did not address the most crucial element to defending any point of information. I had absolutely no clue how to hack! Even if I did, I didn’t know where to hack…legally.

Sure I could go home, spin up a VM and try to attack but how would I even begin? I did find tutorials on hacking but there are so many exploits out there. Which ones do I want to try? Can I set up the victim machine properly so that the attack works? What if I wanted to try a different exploit? What will I need to do to configure the victim machine so that it would work? Where does it end? I realized I would be spending more time configuring VMs than actually learning penetration techniques. Thus, I walked away…

Only to return a year later. I still wanted to know how to exploit systems. Places like ITProTV and Cybrary are good places to get some hands-on training but it costs money which builds up over time. There are training seminars that cost thousands of dollars. Maybe on-the-job experience or going back to school is a good option to learn? These choices can limit who can get hands-on ethical hacking training which seems to be the opposite of what the industry needs.

Fear not! It is not all gloom. If you are willing to self-study, there’s hope!

There are free sites online that offer hacking challenges from absolute newbie (me) to advanced (Hackerman?). I am going to go through some that I found pretty helpful even if some of these sites are already well-known.

Over The Wire

If your Linux skills aren’t great, OTW can help with the Bandit challenges. You’ll learn things like ssh, file traversal, netcat, and general command line usage. It is not hacking per se but knowing some basic Linux is a must for the field. I am sure that Windows or MacOSX are capable of performing hacking techniques. However, a lot of tools are designed for Linux and nine times out of ten a hacking tutorial is designed for a Linux environment. Give it a try!
https://overthewire.org/wargames/

Hack This!

Probably one of my favorite sites, HT! has challenges from webpage exploitation to steganography to cryptography. It is beginner friendly with a hint for almost all of the challenges and a forum where you can ask for help. It is also a great way to improve researching skills as you learn about different security concepts and how they can be exploited. The only downside is that you won’t actually be penetrating any VMs. Regardless, this site is a definite must!
https://www.hackthis.co.uk/

Hack This Site

Similar to HT!, HTS offers challenges from newbie to advanced in similar categories. It also offers a forum and hints that point you in the direction you should go to learn about a concept. As before, you won’t be hacking into VMs but the experience hacking web apps should not be passed up. Another must!
https://www.hackthissite.org/

Hack The Box

Another favorite is HTB. HTB has different challenges much like before but it also has VMs just waiting to be hacked into! That’s right! Legal hacking! HTB is a step up from HT! and HTS. There are still challenges for newbies though newbie is a bit relative for this site. If you’re like me, I would recommend going through walkthroughs for retired challenges while attempting an active challenge. There is a monthly fee for access to retired challenges but it’s less than $15. The one catch is you have to hack your way into the site. If you feel up to the task, hop on, hack on.
https://www.hackthebox.eu/

Microcorruption

Although it is not hacking in the conventional sense, reverse engineering is a great way to learn how to pick something apart and exploit it. MC is essentially an online game where you have to trick security locks to open and let in your operatives. The challenge here is that you will be working with assembly language and a simple debugger. It adds an extra twist to analyzing code and understanding what is happening. Relatively speaking, this site is accommodating for beginners.
https://microcorruption.com/login

There are a couple more sites and resources that can be helpful for learning hacking through hands-on experience that I do not have a lot of experience with but that are worth looking into.

I’m sure there are other wonderful resources out there that won’t break the budget and still give a bang for your buck. But you get what you don’t pay for. There will be little hand holding and the learning is largely up to you. But if you don’t give up and dedicate the time, the rewards are worth it!

BSides Idaho Falls – Day (n where n > 2)

I’m back home from BSides Idaho Falls which was an amazing conference. I hope to go to more like it and back to Idaho Falls next year. Now that the initial excitement of the conference is a little more tame, why not write a “lessons learned” post? Since this blog is focused on cyber security and my personal journey in the field, I will mainly stick to those topics but want to clarify that this conference also affected me on a more personal level. With that said, here are my after-conference thoughts.

Participating in the Cloud Forensics training seminar had the largest impact on me. This course made me reconsider my career focus. From first-hand experience with AWS, I can definitely say that setting up a cloud environment is both a blessing and a curse. Yes, it is ridiculously easy to spin up a machine and hop on it in a matter of minutes. The documentation of implementing different features is pretty reliable and its modularity makes it very powerful. At the same time, that modularity makes it easy to misconfigure the setup and can accidentally allow unwanted access to your resources. It’s not enough to set up an environment and load up all of your stuff on it. You need to work out the security settings and infrastructure which often seems to be overlooked when using cloud services. Remember, cloud services like AWS will protect their infrastructure. You have to protect your resources. Having a deeper understanding of cloud security in my back pocket will not only benefit me but it will allow me to help others navigate this relatively new territory.

A somewhat less career-focused benefit of this seminar is that it pointed out some skills I can improve on. During the CTF (Capture The Flag) challenge, I realized that I can learn a lot more about encryption. I already know the main concepts of encryption but I do not know of the numerous ciphers and techniques that can be used to encrypt data. I am aware of some but there are a lot more I can know! This is important to me since I currently inspect network traffic for breaches and occasionally see encrypted text that could be remote code executions. In the long run having this knowledge during investigations means less guessing and more knowing which in turn improves how I report suspicious or compromising activity. This fits firmly with my belief that in order to defend something, you need to know how to attack it.

The seminar was not the only thing that had an impact. The different villages inspired me to do more. For example, the tinkerer’s village renewed my interest in hardware and circuit boards. I doubt that I will ever make that my career focus but it is fun to play around with and to have a better understanding of how machines physically work. I have to see if I actually do have an Arduino board in my tiny collection of circuitry tools so I can access the microprocessor of my conference badge. The lockpick village was a reminder that my skills have seriously atrophied…not that they were really good to begin with. However, a high school kid gave some pointers that I have to try out on my sets at home. Kudos to that kid!

The career village was the one village I forced myself to go into and I’m glad I did. Much like networking with people, writing resumes does not come naturally to me. Also like networking with people, it is a needed skill with great benefits. I received advice on how to craft a resume for my industry which is quite different from all of the other resume workshops I ever attended and what to think about as I move forward with my career. So, I will be rewriting my resume to make it stand out even more for future positions.

Finally, the talks. Honestly, I did not see many talks this time but the ones I did see really inspired me to one day present a topic myself. I don’t know what I would present on but the idea is enticing. I’m thinking maybe something about cloud security. Or maybe how hacking has improved my defending skills? Or maybe I find an unknown exploit and present it after responsible disclosure and a patch has been released? I really don’t know at the moment but I do feel that one day I will be in front of an audience to give a presentation.

Going forward, I want to keep learning so that I may help others. That’s what started this blog in the first place. Finding a way to contribute and help others even if it is a small contribution. I plan to continue going to conferences like BSides that focus on cyber security and technology as a whole instead of ones that focus on a specific tool or product. There is nothing wrong with those conferences. I’m just not that into them at the moment. I like being able to switch from one area of security to a completely different one that does not explicitly endorse one tool over another. My view is that if I know my end goal or have an idea of what I want to do, I can research the tools along the way. And there are generally multiple tools that provide the same basic functions. It’s a matter of features/bugs. Anyway, I hope to continue contributing to this amazing community one way or another.