Network security is a unique field of IT, and unlike many other IT fields, it seems almost hostile to anyone new and looking to learn about pentesting. I’ve heard several statements that boil down to “I want to learn how to be a pentester but I don’t know where to start.” If you’ve ever felt lost and overwhelmed when trying to learn more about network security, you’re not alone. I struggled at the beginning as well, largely because practical learning materials are hard to come by, and I didn’t know where to begin.
It’s okay to feel overwhelmed if you’re just starting to learn about pentesting. Let’s turn the information overload down a few notches and focus on carving out a tiny but solid foundation by learning one very essential pentesting skill: operating in a Linux command line environment. Most actual hacking is done within Linux, and a huge portion of it is done within the command line. This is because most hacking tools don’t have a graphical interface at all and can only be used via the command line.
Learning how to find your footing and maneuver within Linux is absolutely critical if you have ambitions of being a hacker. Plus, writing in the command line just looks really slick. If someone without a technical background sees you writing stuff in the command line, you instantly become a computer wizard in their eyes. Just don’t agree to the inevitable follow-up questions about fixing their printer.
If your only experience with operating systems has been Windows and Mac environments, being forced to throw out the graphical interface and the use of a mouse can seem daunting. Books about using the Linux command line are plentiful, but it feels like they’re about 800 pages long on average, which is 795 more pages than you need if you’re just getting started. Plus, who has time to read giant books these days? I don’t know about you, but covid has annihilated my attention span.
With all this in mind, let’s toss out the stuffy and boring ways to learn Linux and focus on something much more fun. But before we can get to that, we’re going to need a way to connect to servers via SSH. SSH stands for Secure Shell, which is a way for computers to remotely connect and interact with each other. In Linux terms, the command line is a shell. There are lots of different shells, but most systems default to using a shell called bash.
So, bash is the shell that you operate within while you’re using the command line, and SSH lets you establish a shell connection to a remote system so that you can use that system’s command line. Think of it like remote desktop, but instead of the whole desktop GUI, you only have access to the command line on the remote machine.
If you’re using Windows and want to make SSH connections, some people will tell you to use PuTTY, and to them I present the following screenshot:
PuTTY sucks. Even Google says so, don’t @ me. It was initially released in 1999 and was fair for its day, but technology has advanced such that we aren’t stuck with the clunky thing anymore.
I use MobaXterm when I need to make SSH connections from a Windows machine. You can download it here: https://mobaxterm.mobatek.net/
If you’re using a Mac and need to make an SSH connection, that functionality is already built in. Read about how to use SSH on a Mac here: https://osxdaily.com/2017/04/28/howto-ssh-client-mac/
Okay, now that we have our SSH client ready to go, let’s get started. The resource we’re going to use is a site called OverTheWire, which has several different learning paths. We’re going to be using the Bandit module, located here: https://overthewire.org/wargames/bandit/
Make sure you read the entire introductory page; it includes vital information. The premise of the game is simple: find the password for the next machine on the list. We’re going to start on Level 0, which you can find on the left side of the page. The goal here is simple: all you have to do is connect to the target machine. Let’s do that in MobaXterm now.
Click the Session button in the top left of MobaXterm and select SSH from the following menu. The instructions for level 0 will tell you how to connect; let’s walk through it together. Your SSH settings in MobaXterm should look like this:
Once you click OK, the session will start. You’ll be prompted for the password, which is bandit0. Don’t fret if the text doesn’t show up on the screen as you type; the command line doesn’t display characters while you’re typing a password. Hit enter and watch as the banner message scrolls up. It might take a few seconds for you to get a command prompt. You’ll know you’re good to go when you see something like this:
Now that you’re logged in, go back to the OverTheWire site and click on Level 0 -> Level 1 to see what you need to do in order to find the password for the next machine. I suggest you copy the passwords for each machine you solve to a text file so you can always pick up where you left off. Once you have the password for the next box, close the session by typing “logout” and open a new session on the next machine.
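The note-keeping advice above, as an added shell example that is not part of the original post: it keeps each level's password in an owner-only file and prints the SSH command for the level you reached last. The function names, the notes file path, and the host and port defaults are assumptions; confirm the connection details against the Level 0 instructions.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Names, path and defaults are assumptions.
BANDIT_HOST="${BANDIT_HOST:-bandit.labs.overthewire.org}"  # assumed; check Level 0 page
BANDIT_PORT="${BANDIT_PORT:-2220}"                          # assumed; check Level 0 page
BANDIT_NOTES="${BANDIT_NOTES:-$HOME/bandit-passwords.txt}"  # hypothetical notes file

# save_level LEVEL PASSWORD: record or update one level's password.
save_level() {
    local level="$1" password="$2" tmp
    case "$level" in
        ''|*[!0-9]*) echo "level must be a number" >&2; return 1 ;;
    esac
    [ -n "$password" ] || { echo "password is empty" >&2; return 1; }
    ( umask 077; touch "$BANDIT_NOTES" )            # new file is owner-only
    tmp="$(umask 077; mktemp "${BANDIT_NOTES}.XXXXXX")" || return 1
    # Copy every entry except this level's old one, then append the new one.
    grep -v "^bandit${level}:" "$BANDIT_NOTES" > "$tmp" || true
    printf 'bandit%s:%s\n' "$level" "$password" >> "$tmp"
    chmod 600 "$tmp"                                # also fixes a looser old file
    mv "$tmp" "$BANDIT_NOTES"
}

# get_password LEVEL: print the saved password, or return 1 if none.
get_password() {
    local line
    line="$(grep "^bandit$1:" "$BANDIT_NOTES" 2>/dev/null)" || return 1
    printf '%s\n' "${line#*:}"
}

# latest_level: print the highest level number saved so far.
latest_level() {
    [ -s "$BANDIT_NOTES" ] || return 1
    sed -n 's/^bandit\([0-9][0-9]*\):.*/\1/p' "$BANDIT_NOTES" | sort -n | tail -n 1
}

# ssh_command [LEVEL]: print the command to reconnect (default: latest level).
ssh_command() {
    local level="${1:-$(latest_level)}"
    [ -n "$level" ] || { echo "no levels saved yet" >&2; return 1; }
    printf 'ssh -p %s bandit%s@%s\n' "$BANDIT_PORT" "$level" "$BANDIT_HOST"
}
```

After sourcing the file, `save_level` records a level as you solve it and `ssh_command` prints the line to paste into a terminal when you come back.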
I’ve walked you through how to connect, so the rest is up to you. Make sure you read all the text on each page and be prepared to do some googling for the commands that the pages mention. It may not seem like it, but this is real-world hacking experience! Exploring a system for interesting files that may contain tasty passwords is something I spend a lot of time doing during my assessments.
Next time we’ll go over the basics of Cross-Site Scripting attacks, one of the most common and dangerous types of vulnerabilities pentesters look for. Until then, happy hacking!