Total Noob question....sorry for that.

[yanivas]

Hi all,


I'm currently a level below noob in all this Hacking world- but I'm totally in love.
I just started to discover all the wireless network hacking (testing....) - but i don't
really understand what is the next stage after i hacked (the testing network) -
i mean how can i access the complete file system of windows (for example) ?
or how can i get some control over the computer that connected to the network...?


i will appreciate a lot any reference to further studies...

[lucid]

Well, it all depends what you want to do. Say you've gained access to said network, the next thing you will probably want to do is some recon and enumeration. You want to know what devices are on the network, and what services they are running, what ports are opened etc.

[b0whunter]

Acquire basic hacking skills and basically follow Eric S. Raymond's advice and you will be on your way to answer your own post/question : http://www.catb.org/esr/faqs/hacker-howto.html

[yanivas]

can i get a specific reference in order to acquire this basic hacking skills ?
I'm not afraid form sit down and study - but i don't know what to look for...
As i said i very to interesting in learning how can "take control" over computers once i "hacked" to a network that the computer connected.


I truly don't intend to anything evil... i'ts just the side of hacking that i'm interested instead of hacking to website for example.

[b0whunter]

Well here are what I consider basic hacking skills:

1) Learn how to program: This is a fundamental hacking skill.

To be a hacker is not simply to know how to use a computer, but you must be able to "talk to it". The language you pick is not the important part, its the way you think and use it, in creative ways to solve challenges you set. And thats not thought in books or school (most hackers are self-thought too). Python is an extremely good language to start with. Its cleanly designed, one of the easiest to learn for a beginner while still being a very powerful and flexible language. Point is, just pick one to start and learn it well, then expand. Learn assembly early on, you will be thankful you did.

2)Get a unix-based system - Linux:

Learn how to install it, run it, customize it, not just use it. Anybody can use a computer nowadays. Some people will say its possible to learn hacking on windows, while being true, its not the most efficient way. Windows systems are binary-distributed, you cant read the code nor modify it, generally speaking. Also,unix is the system of the internet. Yes you can use windows to "go on the internet" but understanding it without understanding unix is making it unjustifiably harder. It might not make sense what im saying now, but you'll understand a little more when you start network programming. Everything is based on the BSD sockets model of network programming, winsocks too.

3) What Ithink you're looking for:

Compromising/exploiting systems, networks, without hacking. Like pentesting for example. You can form pentesters quickly to use a suite of tools to perform security audits. (I'm not saying all pentesters have no knowledge in hacking just that you can form them quickly to fill in position in the security industry.)

If that's the case, here are the basic requirements to start "pentesting":

Check the syllabus of this class, its the basics one should know:
http://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf


You dont need to pay for the course, just check what it covers and google tutorials on the subject. You might even find the course's ebook online, who knows. If you're not interested in website hacking, just skip those chapters.


Other than that, and you can also do it from a windows OS, is using the metasploit framework. In your case, you will be particularly interested in the post-exploitation from what I understand:
http://www.offensive-security.com/metasploit-unleashed/MSF_Post_Exploitation


There is also a book on the subject:
http://www.amazon.ca/Metasploit-The-Penetration-Testers-Guide/dp/159327288X

[yanivas]

wow.... Thank you very much for the very detailed answer- you gave me some work with Google for several weeks easy.


Just for the recored i did started learing Python in the last couple of weeks


about linux- is there any specific version\disterbution that recormmended to area i want to focus on ?


Can you give example for some set of tools to perform security audits that i can start
to Google on?

[lucid]

about linux- is there any specific version\disterbution that recormmended to area i want to focus on ?

Whichever one you're most comfortable with.

Can you give example for some set of tools to perform security audits that i can start
to Google on?

You can find all kinds of tools and there uses.... using google. There's countless tools out there, take your pick.

[yanivas]

I'll do all the "Googling" i just need a key-words if you can give some direction - because i really not know even with what words to begin with, honestly.
I really not laze, just need a little direction....

[lucid]

You've already gotten tons of direction. I mean come on, you want to do a port scan of the network after breaking in. Well, looks like you might want to google for some port scanners, or network mappers(hint, hint). You want to sniff connections on a network, google packet sniffers.

[yanivas]

You've already gotten tons of direction. I mean come on, you want to do a port scan of the network after breaking in. Well, looks like you might want to google for some port scanners, or network mappers(hint, hint). You want to sniff connections on a network, google packet sniffers.

Thank you... that what i was looking for!!


Thanks to everybody for the answers, and the moral support,