Hello. Hacking is my favorite thing in the world. Unfortunately, the only real penetration I have done was from cracking wireless. I read the book on nmap (amazing read, by the way). Sadly, I can scan a network and get loads of useful information, but I don't know where to go from there. What are some good resources for exploits? And no, I do not want to be a script kiddie. I want to study these exploits in the hopes of making my own. (I know Python, Bash, and am learning C and C++.) As soon as I can scrape together 550 bucks I will take that offsec course.
Also, the only way I can remotely associate with a network is through wireless cracking. How does one go about associating with remote wired APs?
I would recommend reading Metasploit Unleashed (Google it) and reading the code that makes up the plugins. That will give you lots of stuff to start googling.
I don't understand what you mean by a remote wired AP. Aren't all remote APs wired?
A good way to answer your question would be, how did you learn what you have learned so far?
There is a ton of info here on the forums so start reading in the how-to and tutorial section.
In addition, welcome to the forums.
There is even a video section that has, well, videos that should contain tons of good info for you.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
There's some good info here: Buffer Overflows – backtrack
Also might want to check out the Offsec class: http://www.offensive-security.com/pe...e-training.php
Thanks for the quick replies. Mikec, I mean, can one associate with a remote router when all you have is the IP address and open ports? I sort of considered wireless APs to be "remote," too, but maybe that word doesn't fit.
Archangel, I've read books (and manpages) on Linux, Python, nmap, Hacking: The Art of Exploitation (didn't make perfect sense because I need to learn C). I've read a lot of forums, too. RE is my go-to hacking forum. Discovering BT and the BT community was huge (thank you, StumbleUpon). I have been watching some videos, as well, although I get impatient because I could learn the same thing twice as fast if it were written. In a month I'll be taking a C class as well as a network protocol class.
I've been messing with arpspoof, wireshark, ettercap, sslstrip, metasploit, nmap, aircrack-ng, kismet. Trying to decide which tools to check out next.
Then you are on the right track it looks like.
Patience and persistence will pay off.
Take a look at some of the various pentesting methodologies; these will provide a framework for you to use to work through the various "things" that happen or take place as part of pentesting.