Thread: what to learn

  1. #1
    Just burned his ISO
    Join Date
    Oct 2009
    Posts
    5

    Default what to learn

    Hello. Hacking is my favorite thing in the world. Unfortunately, the only real penetration I have done was from cracking wireless. I read the book on nmap (amazing read, by the way). Sadly, I can scan a network and get loads of useful information, but I don't know where to go from there. What are some good resources for exploits? And no, I do not want to be a script kiddie. I want to study these exploits in the hopes of making my own. (I know Python, Bash, and am learning C and C++.) As soon as I can scrape together 550 bucks I will take that offsec course.

    Also, the only way I can remotely associate with a network is through wireless cracking. How does one go about associating with remote wired APs?

  2. #2
    Senior Member MikeCa's Avatar
    Join Date
    Jan 2010
    Location
    DC
    Posts
    129

    I would recommend reading Metasploit Unleashed (Google it) and reading the code that makes up the plugins. That will give you lots of stuff to start googling.

    I don't understand what you mean by a remote wired AP. Aren't all remote APs wired?

  3. #3
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    A good way to answer your question would be, how did you learn what you have learned so far?
    There is a ton of info here on the forums so start reading in the how-to and tutorial section.
    In addition, welcome to the forums.
    There is even a video section that has, well, videos that should contain tons of good info for you.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  4. #4
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Originally Posted by lefty:
    What are some good resources for exploits? And no, I do not want to be a script kiddie. I want to study these exploits in the hopes of making my own.
    There's some good info here: Buffer Overflows – backtrack

    Also might want to check out the Offsec class: http://www.offensive-security.com/pe...e-training.php

  5. #5
    Just burned his ISO
    Join Date
    Oct 2009
    Posts
    5

    Thanks for the quick replies. Mikec, I mean can one associate with a remote router when all you have is the IP address and open ports? I sort of considered wireless APs to be "remote," too, but maybe that word doesn't fit.

    Archangel, I've read books (and manpages) on Linux, Python, nmap, Hacking: The Art of Exploitation (didn't make perfect sense because I need to learn C). I've read a lot of forums, too. RE is my go-to hacking forum. Discovering BT and the BT community was huge (thank you, StumbleUpon). I have been watching some videos, as well, although I get impatient because I could learn the same thing twice as fast if it were written. In a month I'll be taking a C class as well as a network protocol class.

    I've been messing with arpspoof, wireshark, ettercap, sslstrip, metasploit, nmap, aircrack-ng, kismet. Trying to decide which tools to check out next.

  6. #6
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Originally Posted by lefty:
    Archangel, I've read books (and manpages) on Linux, Python, nmap, Hacking: The Art of Exploitation (didn't make perfect sense because I need to learn C). I've read a lot of forums, too. RE is my go-to hacking forum. Discovering BT and the BT community was huge (thank you, StumbleUpon). I have been watching some videos, as well, although I get impatient because I could learn the same thing twice as fast if it were written. In a month I'll be taking a C class as well as a network protocol class.

    I've been messing with arpspoof, wireshark, ettercap, sslstrip, metasploit, nmap, aircrack-ng, kismet. Trying to decide which tools to check out next.
    Then you are on the right track, it looks like.
    Patience and persistence will pay off.
    Take a look at some of the various pentesting methodologies; these will provide a framework for you to use to work through the various "things" that happen or take place as part of pentesting.
