In /hmg/ we discuss pentesting, ctfs, exploits, and general being a hackerman

Resources:

VM/CTFs:
overthewire.org/wargames/bandit/
>easy beginner bullshit

vulnhub.com/
>prebroken images to work on.

hackthebox.eu/
>super secret club

Tools:
kali.org/
>meme dragon distro but it just werks

metasploit.com/
>scriptkiddie starting point and swiss army knife

Tutorials/Guides:
abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob
>From zero to OSCP-hero rough outline

youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
>IppSec, video guides for retired HTB VMs.

Certs:
eccouncil.org/programs/certified-ethical-hacker-ceh/
>CEH, only looks good on a resume to non-technical people in HR

offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
>OSCP, the big dick swinging exam, 24 hours to own 5 machines and a further 24 hours to write up a report detailing your methods.

Community:
IRC: #Jow Forumssec @ rizon.net
Discord: discord.gg/3Y7Mr52
Matrix/Riot: riot.im/app/#/group/ hmg:matrix.org

What is everybody working on?

Any website oriented hacking books? I want to specifically learn hacking websites.

Technically, you'll be hacking servers.
I recommend getting into some vulnhubs, because most of the security holes in vulnhubs are in the websites they are hosting.
I usually recommend Rickdiculously easy, Quaoar, or metasploitable.
I'll have a look if I can find any good books.

I don't really know of any good books, but there are lots of websites that explain XSS and SQLi quite well. Maybe start looking into that type of thing.

The Web Application Hacker's Handbook

thanks

What makes Kali a meme? Is it because of pajeets?

It has more tools than most people know what to do with (or need). Plus it attracts skids. Oh and of course "meme dragon" logo

This. If you can't install a regular distro and install whatever tools you use, then you shouldn't be trying to hack shit.

Is it any good?

Does anyone have any tips on using radare?

I haven't read it, but I did read Black Hat Python, and it didn't actually provide any useful information. If you know Python, and you have decided you want to crack a zip file or bruteforce an SSH login, then you can just google what modules are suited to doing that. My advice is to just learn Python, then decide what you want to use it for.

It simply saves time. That's it. An actual pentester does not have time to fix his Arch installation every few days or waste a few hours trying to install something. The worst part about Kali is the myriad of outdated tools and bloat.

do you guys do it just for fun or do you guys actually make money?
I can't imagine there being any real money in hacking except for really black hat stuff

You can go white hat and advertise yourself in the hopes a company will hire you to find security holes.
I don't make money off of this stuff at the moment, but I hope to turn it into a job a bit later.

I'm about to subscribe to Pentester Academy, is it worth it?

I haven't used it, but I would assume it's not worth it. The information is out there; if you are the type of person that needs to be spoon fed, then pentesting probably won't be for you. Just learn by doing vulnhubs, exploit-exercises, etc.

6 figure starting salaries for pentesters with just OSCP where I am atm

>python botnet

It's mainly just for my network, I'm too much of a bitch to try this in RL.

I also want to put a botnet on IP cameras. I noticed by the firmware that a bunch of them have BusyBox on them. Maybe I can do some sort of botnet on there, along with controlling what people see.

I wouldn't recommend writing a botnet in Python; not many people have Python installed, so if you ever want to spread it, it won't be very successful. I'm writing a botnet in Go at the moment, it's perfect for it.

If you are going to write a compiled botnet, make sure to fuzz it, so it can't be reverse engineered with gdb or radare.

>I also want to put botnet on ip cameras, I noticed by the firmware a bunch of them have busybox
That would be pretty cool. Have you thought about using Shodan to find good targets?

99% of "security" jobs are part of the new wave of SOC jobs. That is, watching a SIEM and doing tier 1 helpdesk work.

Yep, I have been looking up on that site, that is when I discovered my testing camera
>dlink 5020l

Had an authentication bypass on the web GUI; you have to be on the same network though.

Which is nice, if you happen to have a malicious firmware with a backdoor you can upload it with auth bypass

Anyways, the reason why I went with Python on the botnet is because it can run natively on Windows without it needing to be installed; in an RL situation my target would be Windows machines.

>go

I will check it out, is it minimal language or bloated?

There are so many ridiculously insecure machines you can find with Shodan, I love it. My botnet is almost ready to go, and that's how I'm going to spread it when it's ready.

>Anyways the reason why I went with python on the botnet is because it can run natively on windows without it needing to be installed, in RL situation my target would be windows machines.
How can Python run natively without being installed? Are you compiling it, with py2exe or something? That can get really bloated.

>>go
>I will check it out, is it minimal language or bloated?
It's really quite minimal. It's actually quite a beautiful language, I don't know why more people don't use it. It's statically linked, so a Go exe will run on any Windows machine, and any ELF executable will run on any Unix-based system, so it's great for cross-platform development. The goroutines are amazing for botnets, because you can have DoS with thousands of threads all synced up with no hassle, and multiple threads looking for new connections on your botnet server. It's pretty much a really modern C++ mixed with some great elements from interpreted languages.

Hi /hmg/
Picture this:
> be at dad's, he's kind of a redneck and parties with his redneck friends every weekend
> BBQ, booze'n'shiets
> be me, IT guy getting some green at dad's almost each weekend
> having shitty laptop with dual boot Win7 and Mint, also a Raspberry Pi 3B
> in full control of the router where everybody gets wireless (there's no 4G nor 3G here)
> want to play shenanigans
> what do?

So basically I want to learn how to do tricks / malicious things to people on the local network.
I want to do stuff from playing jokes like sending them to funny websites instead of what they're trying to get, to getting their credit card numbers or anything personal that could go through the local network.
So for the "light work" I could use Wireshark, but if I could use something a little more aggressive that would get me to learn more about security / pentesting, that would be great!

If you want to redirect traffic you can always look into DNS spoofing and ARP poisoning. ettercap and driftnet are a good combo; driftnet captures all images sent on the network and sends them to you. SSL stripping is probably another skill you want to get under your belt if you want to capture card numbers and stuff.
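A defender-side counterpart to the ARP poisoning mentioned in this reply, added here as an example (not code from any poster): it watches a stream of observed ARP replies for the two signs a poisoning leaves on a LAN, an IP whose claimed MAC changes and one MAC claiming several IPs. The reply list, addresses and function name are constructed for the example.

```python
"""ARP-poisoning detector over a stream of observed ARP 'is-at' replies.

Added example; not code from any poster. Each tuple is (timestamp, sender_ip,
sender_mac), standing in for what a passive sniffer on the LAN would see.
"""
from collections import defaultdict

# Constructed sample: the gateway 192.168.1.1 is legitimately aa:bb:cc:dd:ee:01.
# At t=3.0 a second host (de:ad:be:ef:00:01) starts claiming the gateway's IP,
# then also claims a client's IP, the classic two-sided poisoning pattern.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "aa:bb:cc:dd:ee:01"),
    (1.5, "192.168.1.20", "aa:bb:cc:dd:ee:20"),
    (2.0, "192.168.1.1", "aa:bb:cc:dd:ee:01"),   # repeat of a known binding: no alert
    (3.0, "192.168.1.1", "de:ad:be:ef:00:01"),   # gateway IP now claimed by another MAC
    (3.1, "192.168.1.20", "de:ad:be:ef:00:01"),  # same MAC also claims a client IP
]


def detect_arp_spoofing(replies, gateway_ip=None):
    """Return a list of alert strings for suspicious ARP replies.

    Signal 1: an IP's claimed MAC changes (flagged GATEWAY when it is the
    gateway, the highest-value target). Signal 2: one MAC claims more than one
    IP. A DHCP re-lease or a multi-IP server can trigger these legitimately,
    so treat the alerts as a lead, not proof.
    """
    ip_to_mac = {}
    mac_to_ips = defaultdict(set)
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        prev = ip_to_mac.get(ip)
        if prev is not None and prev != mac:
            tag = "GATEWAY " if ip == gateway_ip else ""
            alerts.append(f"{ts}: {tag}{ip} changed from {prev} to {mac}")
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            alerts.append(f"{ts}: {mac} claims {sorted(mac_to_ips[mac])}")
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_ARP_REPLIES, gateway_ip="192.168.1.1"):
        print(alert)
```

On a real network the same function can be fed from a sniffer; a cheaper alternative is simply to compare the gateway's MAC in the local ARP cache against a known-good value.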

Do you have a good understanding of TCP traffic, IPs, and MAC addresses?

I don't really know any sites/services that offer MitM challenges/services, but I guess you could always set one up with a VM and practice.

>dat pic

cringe

Fuck you, CIA nigger. Terry is the smartest programmer ever to have been born, sent on a mission from god to create a godly operating system for holy men to use.
In a thousand years there will be a new digital bible and everyone will pray to saint davis, the hater of CIA niggers.

Terry is a paranoid idiot who doesn't even have respect for his family.
He might be a passionate programmer, but he is not that much of a genius that it would redeem him from being mentally unstable and antisocial.

I don't disagree with you, but I still stand by my remarks.
mentally unstable = religious
haven't you figured that out yet?

Basically you use py2exe, and just move the folder containing the exe onto any machine, and it will run using what is needed within that folder. I think mine was 2 MB total, including everything it needed.

>ELF
I see so many ELF files when I RE firmwares for cameras. I might give Go a try. No pun intended if there is one.

Agreed, I hate Terry for the sheer fact that he killed his pets and slapped and degraded one on his YouTube channel; poor thing was scared for its life.

I'm not sure of the logistics, but I heard compiled Python programs contain any modules used in the source code, making them bloated and impractical. May as well write it in C++ or Go.

Most of the cameras I've seen on Shodan run on Linux, so I get why there would be so many ELF executables.

>he killed his pets
story?

wiki.archlinux.org/index.php/Upside_Down_Ternet
or something similar.
this will only work with HTTP, not HTTPS, though. also, you need to do this at the router level (for example, if the router runs openwrt...)

There were videos of him talking between his parents' house and the neighbor's house, and people would notice animal bones on the ground or something like that; I think that is what I read about. I remember watching the video where he had his dog in his room and he would slap it and smile, and degrade his dog. I can't find the video, it probably actually got removed from YouTube.

I want to get into pentesting. Tell me how to do it anons.

A hacker is someone who enjoys playful cleverness—not necessarily with computers. The programmers in the old MIT free software community of the 60s and 70s referred to themselves as hackers. Around 1980, journalists who discovered the hacker community mistakenly took the term to mean “security breaker.”

Please don't spread this mistake. People who break security are “crackers.”

Thank you my dudes!

that war has been long lost.
where I'm from, the word crack is even used equal to ace

Kali comes with more than just tools. There are other resources within the OS that are helpful in conjunction with those tools, e.g. wordlists.

I do pentesting for a living. I'm not going to waste company/client time setting up an OS and installing giant software suites when I can just install Kali in ten minutes.

you can run kali in a VM, or run it containerized/chrooted.
IMO, you shouldn't trust kali...

That's what I do. I usually have a client-provided machine, especially when they want me to bypass the security of actual endpoints as well, like in a disgruntled employee engagement.

who will make BASIC for Temple?

learning c and doing simple crackmes

Reverse engineering tutorials.

I feel I'm fairly good at binary exploitation and reversing in CTFs. What are some real world targets I should start looking at (don't know fuzzing properly yet) that won't be too hard to find vulns/bugs in? Is there any middle ground with low hanging fruit in the real world, or am I just practicing something that had huge impact a decade or two ago but is now just outdated?
How do I start making money doing this?

*btfos me*

Fuck, I love Jow Forums and Jow Forums.

why

I can learn so much.

>The worst part about Kali is the myriad of outdated tools and bloat.
this.

No, you really can't. Not here. I've been here 13 years and the only thing Jow Forums taught me was how to memorize spec sheets.
Read a book.

Bump.

I'm making a 3D printed wrist-based portable pentesting system, like a cyberdeck but probably functional.

Even gonna add some physical pentest stuff to it.

What do you do then? Like, what distro do you use and where do you get tools? I'm looking to move from kali to a more useful kit.

Also, what tools are outdated and how do I get better versions?