Hope the post title doesn't annoy my wife :p. It shouldn't, I guess, as long as the love is for learning something very good.
The Start:
We all face dilemmas in day-to-day life. Sometimes in personal life, sometimes in professional. In the latter category, I had been facing one for many months. And the worst part of being in a dilemma is that sometimes you either end up doing nothing or you do both things. What happens then is you end up thinking about two things and working on both as well. This delays your achievement and frequently diverts your focus. Being someone who gets a lot of new ideas every day about new things to learn, try and implement, it sometimes becomes very tough to select one and finish it completely.
The dilemma I am talking about was the choice of a new skillset to learn, to advance professionally and to make the days count even better. It was between two things which are booming nowadays and probably are here to stay: Automation and Ethical Hacking/Security Testing. I have worked on both and have basic or intermediate knowledge of each. Or you can say I am logically clear on both. But to implement the ideas, solve the problems or make your logic work, you also need in-depth technical knowledge of the task at hand; you should know how. And putting my effort into both was delaying my expertise in either.
The choice was finally made once I understood my natural inclination towards the unknown. I am curious by birth and like to explore. So Ethical Hacking was definitely my thing. It's like an endless road: you can go on and on and on. I have just started on it and will try to share my experience here as I progress. Let's see how it goes.
The pre-requisite:
It is not necessary to be from a software and networking background to learn Ethical Hacking, I think, but it will definitely help. At least it helps me when I read stories of other hackers or incidents and can understand at least 70-80% of them technically. Again, the area to test is so vast that even your preparations or prerequisites differ according to your target. If you are going to test mobile devices, you will have to gain knowledge around that; if you are going to test web applications, your preparations will differ; and so on. I will surely post about what exactly to do and where to start once I reach some level.
If you ask me, I collected basic knowledge of networking, protocols like HTTP and HTTPS, Linux, HTML and JavaScript over the years at my job. That should help, I guess. Apart from that, I follow a lot of hackers on Twitter. Their stories, tweets and interviews are a great source of information. Reading about their experiences feels like watching a sci-fi/mystery movie. I love it. And yes, I am also reading The Web Application Hacker's Handbook as my first book purely on Security Testing.
And yes, one more important thing. Did I mention that you should have a Mentor? It is always necessary and helps a lot with anything in life. I am not saying you should have one for everything, but there should be someone you look up to when you do good work in some field. It applies to life in general as well. I am lucky to have a few. And guess with whose help and guidance I am learning to hack? Santhosh Tuppad. If you don't know him already (which is rare if you are in the testing world), you should read his bio and learn about his work.
So far:
So far, I have tried exploiting a few vulnerabilities in a few features of very popular products like Paytm, Facebook, Twitter, etc., only to return empty-handed, of course. I am just starting, so that should be OK. Those were just desperate attempts. But could anyone stop my learning from that experience? No one could. And yes, I am not really all empty: long ago I could use one of Facebook's paid features without paying anything. Back then I didn't know about Bug Bounty programs, so I ended up using that feature a few times and then writing to FB in some raw manner. Found another minor thing on Heroku recently but not yet sure how to exploit it further. Will see to it.
As far as my learning with Santhosh is concerned, we started with a couple of challenges designed by him. I can't talk about what the challenges were or what the answers were, but I can definitely share my learning and approach.
Both challenges were around a Login page, and the goal was to get through.
Below is the summary of my experience solving them (yes, I could solve them both, and I know that was just the tip of an iceberg):
- Observe the URL of the application carefully; see if it gives you any hint
- Check the file extension to see if you are lucky enough to know precisely which file is serving you content
- Try to understand the technologies/programming languages used; see if your coding knowledge helps you there
- You should know how to view the Page Source and how to use it for your understanding
- Sometimes you end up thinking a lot about every difficult and rare possibility and you miss the basic, simple, straightforward stuff. Always start from the basics, unless you are very sure that it is not going to work. [This is how I solved the first challenge in 30 seconds]
- If you are an awesome human tester, a lot of your knowledge and approaches will help you in Hacking. Curiosity is key.
- As I started the second challenge, the first thing I learned is never to think that one solution, one approach or one tactic is going to work on multiple or all problems.
- In the world of cybersecurity, it would be a mistake to think that everything you know about a particular thing is actually everything about that thing. With me, it happened for space. White space.
- What I knew: Whitespace is a character or series of characters which can be entered using the [spacebar] or [tab] key. The length of the space will differ accordingly.
- What I didn't know (fully): the different types of spaces
- You might have to debug, add breakpoints or just monitor the traffic. You have got to know how to use the browser developer tools.
- You can try tampering with important data from the developer tools or other browser extensions or tools and see if you get any different behavior. Tampering with internal status codes, flags, etc. might give you surprising results.
- We talked about tools and programs and all, but sometimes nothing works better than pen and paper. Keep it handy always.
- As and when needed, google for hints or online tools which might help you debug your way through.
- Try URL tampering
- Try entering a space in different possible ways
- Consider data encoding when interacting with software
- Breaking and non-breaking space (https://en.wikipedia.org/wiki/Non-breaking_space)
- Input from a dedicated number pad might create a different result
- Learned about the Windows utility Character Map
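To make the whitespace lesson concrete from the defender's side, here is an added example (not from the original post or the challenge) showing how visually identical "spaces" differ in their encoding, how a naive blank check treats each one, and a normalisation step a login form could apply before comparing or storing input. The `SPACE_VARIANTS` table, `describe`, `normalize_field` and `is_blank` are my own names and the inputs are constructed.

```python
# Added example: visually identical "spaces" on the wire, and a defensive
# normalisation that a form handler can apply before validating a field.
import unicodedata
from urllib.parse import quote

# Constructed sample inputs: the same visible gap entered four different ways.
SPACE_VARIANTS = {
    "space":            "\u0020",  # spacebar
    "tab":              "\u0009",  # tab key
    "no-break space":   "\u00a0",  # NBSP, e.g. typed via the numpad or Character Map
    "zero-width space": "\u200b",  # looks like nothing; not whitespace to Python
}

def describe(ch: str) -> dict:
    """What one character looks like to a naive check vs. how it is sent."""
    return {
        "codepoint": f"U+{ord(ch):04X}",
        "name": unicodedata.name(ch, "<control>"),  # tab has no Unicode name
        "url_encoded": quote(ch),                   # bytes a browser puts in a URL/form
        "str_isspace": ch.isspace(),                # Python's notion of whitespace
        "stripped_empty": ch.strip() == "",         # what strip()-based validation sees
    }

def normalize_field(value: str) -> str:
    """Fold compatibility forms (NFKC maps NBSP to U+0020), map every Unicode
    whitespace to a plain space, drop zero-width format characters (Cf),
    then collapse runs and trim."""
    value = unicodedata.normalize("NFKC", value)
    out = []
    for ch in value:
        if ch.isspace():
            out.append(" ")
        elif unicodedata.category(ch) == "Cf":  # e.g. U+200B zero-width space
            continue
        else:
            out.append(ch)
    return " ".join("".join(out).split())

def is_blank(value: str) -> bool:
    """Blank check that is not fooled by NBSP or zero-width characters."""
    return normalize_field(value) == ""

if __name__ == "__main__":
    for label, ch in SPACE_VARIANTS.items():
        print(f"{label:16} {describe(ch)}  naive_blank={ch == ''}  blank={is_blank(ch)}")
```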
Hope this helps someone somehow. Wish you luck, and you (better) wish me luck 🙂
Ram
15 Apr 2017
It is a good article to read.. Specially for Ethical lovers..