What’s your favorite hacker movie?
Is it Iain Softley’s 1995 classic Hackers? Or what about War Games or maybe you couldn’t get enough of Bruce Willis in Live Free or Die Hard?
All these movies are great, right? They all tell the story of some hapless organization that’s succumbed to the cunning computer concoctions of a malicious hacker. They shine the spotlight on savant software gurus who live, eat and breathe binary. They underscore so-called “Super Geeks” who are venerated by mortals and idolized by sycophants who wish they could kill networks with a few deft keystrokes.
Would you agree that there’s something about hackers that amazes us and stokes our curiosity?
What is a Hacker anyway?
There’s been much hand-wringing over whether the term “hacker” is malicious or not so let me settle the debate right now: a hacker is just someone who is curious about network security and who uses his or her skills to understand how it works. He usually does this by reverse engineering protocols or executing exploits in lab environments.
Conversely, a malicious hacker is the evil hacker we hear about in the media. These guys (and girls) are usually motivated by fame, money or just entertainment and are the most nefarious kind of hacker.
To remove any ambiguity, I’ll use the phrase “malicious hacker” to refer to someone who deliberately uses advanced computer knowledge to debilitate networks.
Script Kiddies are Stupid
On a side note, a script kiddie is a travesty of a hacker.
To be curt: Script Kiddies are losers.
The hallmark of a Script Kiddie is that he downloads “hacking tools” and uses them without really understanding how they work. Being a script kiddie is just a matter of Googling for software that lets you execute your sophomoric plans. Script Kiddies aren’t revered; in fact, most are lampooned by the hacking community because everyone knows they aren’t worthy of real respect.
That being said, you should still take Script Kiddies seriously because their ignorance is just as dangerous as someone with expert knowledge. A Script Kiddie can still topple a giant network with a few basic commands even if he doesn’t know what he’s doing.
Introducing Kali Linux
In this guide, I’m going to introduce you to a set of digital forensic tools called Kali Linux. To keep you from being labeled a Script Kiddie, I’ll explain exactly what it does, how it works and teach you how to use these tools to test your own networks.
Kali Linux used to be called Backtrack and it’s funny because most people haven’t heard of Backtrack and Kali (including me). It wasn’t until recently that I discovered them and started playing with them.
So before we get started I need to issue a disclaimer: Kali Linux is powerful. It’s extremely powerful.
You can use it to steal passwords, credit cards and other sensitive data or you can use it to help your friends, family and co-workers protect themselves from data thieves. The choice is yours. I’m giving you this information in the hope that you’ll use it for “White Hat” activities.
You can use a knife to ablate tumors or commit murder. Kali Linux is your knife so use it wisely.
Remember, if you do try to use it for illicit purposes, and you’re caught, there will be serious ramifications for your actions. Steep fines and jail time are common consequences for using tools like this for illicit purposes. My advice is simple: don’t do it.
Don’t do it.
Seriously. It’s not worth it.
Instead of using Kali Linux to commit cyber crimes, use it to prevent cyber crimes. Use it to educate your peers, to position yourself as a leader, to help people protect their data. Always remember that you wouldn’t want someone to steal your passwords and credit cards so don’t do to others what you wouldn’t want them to do to you.
How companies use Kali Linux
The best place to use Kali Linux is in a controlled test environment or on a private network (such as your home network). I’ll show you how to set this up in the next guide but for now I just want to give you a brief overview of how it works.
Most organizations hire an outside, objective security firm (or firms) to execute controlled security breaches on their networks. The purpose is to verify the security posture of the company so it can take the necessary countermeasures to plug any security vulnerabilities in the organization. These “good hackers” are colloquially called “White Hat” hackers and are technically known as “Penetration Testers”. They perform a series of tests under the direction and guidelines of management. Then they document their findings and advise the IT staff on how to fortify network security.
I find that most companies today stand behind a false sense of security. This becomes apparent when an enterprise is hacked and then finds itself in a precarious position groveling with hackers, practically begging them not to release the crown jewels to the public.
Companies with intrusion detection systems (IDS), intrusion prevention systems (IPS), antimalware appliances and next generation firewalls might think they are relatively safe from these threats but everything changes when Penetration Testers expose latent vulnerabilities awaiting exploitation.
Kali Linux can bring people back to earth and show them that their quixotic opinions of their networks are rooted in fiction not fact.
Getting Started with Kali Linux
Alright, so are you ready to check this toolkit out?
In order for you to get good with Kali Linux (and not become a Script Kiddie) you need to do two things:
- Understand Basic Networking
- Practice using the commands over and over and over again until you get bored of them
Getting started with Kali Linux is dangerously easy. It’s so easy that it’s scary.
You just go to kali.org and download the Kali Linux distribution to your computer as an ISO or VirtualBox image. Then you can burn the ISO to a DVD, copy it to a bootable USB drive or stage your attacks for a virtual machine.
I say it’s scary because anyone can cause grievous damage by walking up to a dormant computer in your house or work space, popping in the Kali Linux USB drive, booting up the computer and executing the Kali Linux environment.
With a little social engineering (sweet talk) you could probably walk right past security and into a secretary’s chair. While she prattles about who dumped who on the Bachelor, you’re banging out commands in a black terminal window and capturing passwords that are being remotely uploaded to your secure server.
Assuming you’re good with Kali Linux you could own the network in minutes without anyone ever knowing. Now obviously it takes a lot of audacity to do this sort of thing. To brazenly walk into a company and boot a digital forensics toolset and hack the company while the secretary stepped away takes nerves of steel – but if your target has something of great value such as trade secrets or databases of unsalted password hashes, a motivated hacker might count the cost and go for it.
Kali Linux literally has hundreds of tools to cause bedlam on networks. You can easily set up rogue wireless access points by sending out Deauth attacks (which boot everyone off the Wi-Fi network) and then by cranking up your transmit power and advertising the same SSID from your laptop, you could lure all the disconnected hosts to associate with your computer.
Then with a few terse commands, you could siphon all traffic through your computer to the internet so basically all data passes through you before it arrives at the destination. Using something like Wireshark, you could sniff those packets and basically have access to anything you wanted, including passwords, credit card numbers, social security numbers and anything – really anything.
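From the defender's side, the sequence described above (a flood of deauth frames, then an unfamiliar radio advertising a known SSID) is something a wireless monitor can flag. The sketch below is an added example, not code from the original article; the frame tuples, thresholds, SSIDs and MAC addresses are all constructed for illustration.

```python
from collections import defaultdict

DEAUTH_THRESHOLD = 10   # assumed: this many deauths inside WINDOW_S is a flood
WINDOW_S = 5.0          # assumed sliding window, in seconds
FOLLOW_S = 60.0         # assumed: a new BSSID this soon after a flood is high severity

# Allowlist of BSSIDs you actually operate, per SSID (constructed values).
KNOWN_APS = {"CorpWiFi": {"aa:bb:cc:00:00:01"}, "GuestWiFi": {"aa:bb:cc:00:00:02"}}

# Constructed observations: (time_s, frame_type, ssid, bssid, rssi_dbm).
FRAMES = (
    [(float(t), "beacon", "CorpWiFi", "aa:bb:cc:00:00:01", -62) for t in range(10)]
    + [(10 + i * 0.1, "deauth", None, "aa:bb:cc:00:00:01", -35) for i in range(12)]
    + [(12.0, "beacon", "CorpWiFi", "02:00:00:00:00:99", -30),    # unlisted, after flood
       (13.0, "beacon", "GuestWiFi", "02:00:00:00:00:77", -70),   # unlisted, no flood
       (14.0, "beacon", "CoffeeShop", "02:00:00:00:00:55", -80)]  # not our SSID
)

def deauth_bursts(frames):
    """Return {bssid: time the flood threshold was first crossed}."""
    times, bursts = defaultdict(list), {}
    for t, kind, _ssid, bssid, _rssi in sorted(frames, key=lambda f: f[0]):
        if kind != "deauth" or bssid in bursts:
            continue
        times[bssid] = [x for x in times[bssid] if t - x <= WINDOW_S] + [t]
        if len(times[bssid]) >= DEAUTH_THRESHOLD:
            bursts[bssid] = t
    return bursts

def find_evil_twins(frames, known_aps):
    """Alert on beacons for our SSIDs that come from BSSIDs we do not operate."""
    bursts = deauth_bursts(frames)
    alerts, seen = [], set()
    for t, kind, ssid, bssid, rssi in sorted(frames, key=lambda f: f[0]):
        if kind != "beacon" or ssid not in known_aps:
            continue
        if bssid in known_aps[ssid] or bssid in seen:
            continue
        seen.add(bssid)
        # High severity when a legitimate AP for this SSID was just flooded.
        after_flood = any(b in known_aps[ssid] and 0 <= t - bt <= FOLLOW_S
                          for b, bt in bursts.items())
        alerts.append({"ssid": ssid, "bssid": bssid, "rssi": rssi,
                       "severity": "high" if after_flood else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in find_evil_twins(FRAMES, KNOWN_APS):
        print(alert)
```

An allowlist of your own BSSIDs is what makes this work; without one, a same-SSID beacon from a new radio is indistinguishable from a legitimately added access point.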
Let’s do this!
In the next article (published tomorrow) I’ll show you how to install the Kali Linux penetration testing platform on your computer.
Get ready. It’s about to get good.