8

I'm a decent programmer, fluent in several languages.

Python, Ruby, JavaScript, Haskell, and Scheme are my favorites. I'm currently adding Perl to the mix.

I haven't done much "low-level" programming. I've screwed around at the logic gate level and built a few basic chips, but I've never programmed in assembly. While I can program in C, I don't do so often enough to be comfortable with the language.

By day, I'm a web developer, so I'm familiar with some of the basic exploits that are used to break websites.

With my "qualifications" out of the way, I'm looking for some good hacking resources for someone in my position. I'm not looking to get certified or anything, I'd just like to be able to hack.

I do all of the exercises in SICP every year... Is there a "SICP like" book for security?

Any other resources would be appreciated. Also, if anyone could suggest an appropriate "curriculum" for someone in my shoes, it would be appreciated.

Edit:

I should make this question more specific. I'd like to learn the tools and techniques of the trade that "actual" hackers use. I'm not particularly interested in "writing secure code." I figure I should be able to figure out how to do that if I can hack.

  • 2
    Even after your edit, the questions is still a bit vague. What is an actual hacker? You used the penetration-test tag so I can only assume you mean penetration-tester. What is your goal: a position as a penetration-tester? – this.josh Oct 26 '11 at 23:28
  • Add learn ASM as well to all the answers below, it depends on the kind of hacking you plan to do. – ewanm89 Oct 27 '11 at 11:08
  • Full all out binary hacking would be to find vulnerability buffer overflow, integer overflow... Then inject ones own machine code into it after overflowing the variable. Using little tweaks to manage to get predictable memory mapping. – ewanm89 Oct 27 '11 at 11:11
  • Or there is SQLi and XSS/CSRF which is about breaking into databases and web applications at higher levels. – ewanm89 Oct 27 '11 at 11:12
  • You can only learn how to hack by becoming smarter then the guys who wrote the software. So if your current domain is web development you could start on web security. Get to know how browsers and servers process requests and responses. How is HTML parsed, how is Javascript bound by the same origin policy. Read up on several security measures taken by browsers and servers and find the weak spots. The more advanced you become the more up to date infrastructure you will be able to 'hack'. – Silver Dec 26 '15 at 13:12

8 Answers8

24

When you say "Hack" I'm personally wondering what sort of hacking you mean - it's a fairly varied skill with many different interpretations.

Firstly, by far and away the biggest domain going forward in security will be web. That means SQL injection, javascript bugs, browser bugs, studies of authentication schemes etc. So as others have mentioned, OWASP and the like are fantastic resources.

Not my particular favourite area though, so here's my guide to "things to know" if you want to start looking for vulnerabilities in compiled code on operating systems. One of the first things you'll begin to realise is that there is a lot to know - you are not going to become an uber cool h@x0r!11!! overnight, or actually if you do nothing else for the next 6 months but read up on all of this, top to bottom.

Programming knowledge

  • You need to know assembly. Contrary to popular belief it is not that hard - most assembly takes the form instruction register, register and translates directly to machine code. You need to know an assembler, such as NASM, YASM or GNU AS. There are two different syntaxes in assembler - AT&T and Intel. They're not that far apart.
  • You need to know your processor's instruction set. The Intel Software Manuals for IA-32 and Intel 64 are a great resource and explain every instruction you could ever need. AMD publish equivalents; since both AMD processors and Intel processors use the same x86 instruction sets, there are, mostly, a lot of commonalities.
  • Knowing a debugger and a disassembler will help you. GDB is the canonical debugger used on Linux platforms, WinDBG is one such debugger from windows. Other people like OllyDbg. In terms of disassemblers, many Linux ones are powered by objdump. I personally like objconv from this author. The tool in the field of disassemblers is IDA Pro, which provides much more than just disassembly.
  • Have an understanding of how to use hex notation and the various word sizes.

Program Internals knowledge

  • Know C. Know C++. Know the difference between C/C++; for example what effect a template keyword has. Know what name mangling is and why it exists. Know what C cannot do which assembly can.
  • Understand how your CPU represents data and which C types most closely represent a register.
  • Binary file formats: knowing how executables work is very important, especially what formats they exist in and how to manipulate them. You don't need to know the internals of the ELF, COFF or PE formats unless there's a really hairy exploit going on, but knowing how to extract symbols from these files and how data is laid out in them generally will give you an advantage.
  • Shared object loading. Understand how shared objects or DLLs work and load.
  • Understand the basic run time constructions of your program. Where is the "heap"? Where is the stack, what is on it and how does it work? Where is your vtable and how does that work?

Program Internals for other languages

Nobody said you'd be working with C/C++ programs, although if you're looking at traditional, OS software it probably is C/C++. That said, you may be interested in python or jvm bytecode and how each of these runtimes work. Or perhaps the CLR.

Program environment - Operating Systems I

  • Basics. You should know that there are permissions and what they mean. You should know who the administrator account is, what the default is and how you acquire administrator access normally (e.g. root vs Administrator group).
  • Program environment. You should know where and how config for programs and the OS is laid out. You should know how services run and as what user. How do programs run automatically/on boot? How is media loading handled?

System subversion - Operating Systems II

  • Know the difference between the various CPU Rings.
  • Know how drivers are loaded into the operating system and what they can do.
  • Have an accurate idea of how the OS handles permissions, resources, filesystems etc. Better if you know exactly how.
  • Know about mechanisms for intercepting system actions.
  • Understand how to perform shared object injection on your system (1, 2).
  • Know how various subsystems in both user and kernel space work and how to attack programs over these subsystems.
  • See here for OS internals.

Networking & Network Services

  • Knowing something about networking is important. What does a packet look like? What is the OSI stack? How do you inspect packets and network traffic; how do you connect to a network from your system?
  • Know common network services for your target platform, most commonly HTTP, SSH. Understand how they can be exploited.

Common exploits and their defences

Analysis tools


This list is probably incomplete and reflects a set of knowledge that should be helpful for understanding how reverse engineering works and how you go from there to finding vulnerabilities and exploiting them. I do not, myself, know absolutely everything in the above list inside out and I've been researching this stuff for a while. As I said, becoming good at this takes a lot of time, dedication and patience.

Once here, you can start to study applications and how they process data and begin to work out how exploits against them work, such as PDF/Flash/Java vulnerabilities.

9

We have a few questions on this topic already. Have a look at:

and a few others.

Rory Alsop
  • 61,474
  • 12
  • 117
  • 321
  • Also, here is a handy list of vulnerable applications to download and test, ISO files with vulnerable systems and online vulnerable web applications to test on: http://blog.taddong.com/2011/10/hacking-vulnerable-web-applications.html – Krzysztof Kotowicz Oct 29 '11 at 12:31
2

Metasploit comes to mind: http://www.rapid7.com/products/metasploit-express.jsp

I don't know about a curriculum, but it does give you a pretty broad base to hack around.

Steve
  • 15,215
  • 3
  • 38
  • 66
  • I'd seen metasploit. It seemed kind of script-kiddie-ish. I may check it out yet. It might be a good place to get started. –  Oct 26 '11 at 23:01
  • All the "real" hackers I know use Metasploit :) – Steve Oct 26 '11 at 23:18
  • 1
    @Josh - it may or may not be script-kiddieish.. you could always learn how to port and write exploits for metasploit. – tkit Oct 27 '11 at 07:34
  • @Josh - it does simplify the attack process, so in that respect, sure, it allows you to use a script rather than develop a new exploit every time, but for the vast majority of tests it is quick and simple (both black and white hats use it) so you can demonstrate exploits rapidly. – Rory Alsop Oct 29 '11 at 14:12
2

You didn't state what kind of "hacking" are you interested in but my guess is you would like to learn how to find and exploit weaknesses in stuff..

Since you're a web developer, I think The Open Web Application Security Project (OWASP) might be a good start for you. More specifically you might want to take a look at these two:

But the whole website is just one big gold mine with tons of useful information so.. make sure to check it out thoroughly, I believe it will give you further ideas.

tkit
  • 3,332
  • 6
  • 29
  • 36
1

A quick way to learn a bit about a few tools would be to do the offensive security - pentesting with backtrack course. You'll get to learn about quite a few tools and have an awesome playground to hack :)

It was fun .. you get to do it in your own time .. and it wasnt too expensive

http://www.offensive-security.com/online-information-security-training/penetration-testing-backtrack/

ash
  • 145
  • 1
0

You may want to try your skills and increase your information about hacking by trying missions on websites like :

And there are many more sites available on http://www.wechall.net/active_sites

dryairship
  • 109
  • 2
0

There are lot of hacking programs and tools available on the internet. Some are paid and some are free, but the most important thing is skills on how to use these programs and tools. I want to share some of them here which are most popular:

Top 12 Hacking Software For Windows Users:

schroeder
  • 125,553
  • 55
  • 289
  • 326
0

Hacking is a state of mind. It's not limited merely to computers or the internet or web applications, it's all around you. A hacker who sees a soda machine is thinking about how to get a free soda. A hacker who walks by valet parking is thinking about how she would social-engineer the valet into letting her boost someone's car. This is not to say that all hackers are disposed to really steal sodas or cars, but the activities can be fun to think about.

While I realize your question relates only to computer-related hacking, you won't get very far without having the right attitude.

Disclaimer: Some types of hacking are illegal and can lead to adverse consequences such as your being arrested, fired or sued. Hack only systems and things that you own, or that you have ironclad written permission to hack. For legal advice, consult a licensed attorney.

user35648
  • 905
  • 6
  • 8