Becoming a hacker can be an exciting and rewarding six-figure job. Any product that uses digital technology is a potential target to be hacked – that means not just computers and phones but also your car, thermostats, garage door openers, smart coffee machines, and any other smart home device. That…
Becoming a hacker can be an exciting and rewarding six-figure job. Any product that uses digital technology is a potential target to be hacked – that means not just computers and phones but also your car, thermostats, garage door openers, smart coffee machines, and any other smart home device.
That is why ethical/white hat hackers (the good guys) are so valuable and can extend services to ANY industry. Everyone needs to keep their companies, software, and products secure and ethical hackers will find the weak points and deliver them to the companies so they can fix the issues.
But how exactly do you become a hacker? And what skills should you be focused on learning right now?
In this article, I’m going to do my best to answer these questions and give you a path you can follow to become a hacker!
1. Learn essential hacking skills
You’re going to need to learn some new skills before you’re successful at hacking. In the first part of this article, I have identified 6 skills I consider to be essential before you start hacking.
1.1 Understand the law before you hack anything!
Before you do any hacking you must understand the laws and what systems will be falling under attack. For example, if you wanted to test a DDoS (distributed denial of service) attack, you wouldn’t want to launch the attack against your friend’s website EVEN IF they gave you permission.
Why do you ask? Because their website is probably hosted by another hosting provider and your attack would also hit their servers. Even worse, if they are using shared hosting, your DDoS would also affect the other sites on that server.
So to keep yourself out of legal trouble make sure you understand what you are attacking and what will be impacted BEFORE you launch any type of hacking even if you consider it ethical. The best way to stay safe in the beginning is to run your tests inside of your own IT labs hosted on your own hardware or use IT labs that are provided to you and where you have explicit permissions to run the attacks.
1.2. Learn a hacker mindset
Hackers love to learn how things work. And they live by the “trust but verify” motto. You can tell a hacker how something is supposed to work, but they will always try to get a different result. Hackers are fine working with a lot of unknowns and are willing to just “figure it out” without needing to be told step-by-step instructions.
When you become a hacker, nobody publishes a “step-by-step” on how to hack their system so it’s up to you to fill in the blanks with your own technical knowledge.
1.3. Learn commonly used Operating Systems
According to these stats from hostadvice.com, we can see that Windows Server is by far the most popular server OS followed quickly by Unix and Linux-based operating systems so it would make sense to learn how to use Windows Server and Linux if you want to hack these operating systems.
A lot of hacking tools run out of a Linux-based architecture, like Kali Linux. This is where understanding Linux-based commands can come in very handy. Windows Server’s Active Directory Domain Services is commonly used for identity management (user accounts, storing passwords, security permissions, etc).
1.4. Learn Networking
In order to attack a computer network, you have to understand how computers communicate. You should learn IP addressing (v4 and v6), subnetting, and other services like DNS (Domain Name Service) and DHCP (Dynamic Host Control Protocol).
Learn about VPNs and the laws about VPNs and which countries have the most strict laws when it comes to governments requiring VPN companies to release their VPN logs.
1.5. Learn to write code
Automation is one of the cornerstones of hacking. We recommend that you start by learning Python which is one of the most popular options. We have a free course you can take to learn Python here!
For hacking Windows networks, you will want to learn PowerShell. PowerShell can help do things like test passwords, gather a list of user accounts, and query other information about a computer system or network.
You can also use tools like PowerShell and PowerShell DSC (desired state configuration) to automate the creation AND configuration of your IT labs… You can see our full PowerShell course if you are interested in learning more.
You should also learn common coding tools like git and GitHub.
The bottom line is that writing to code and learning to automate is a massive time saver and an essential hacking skill!
1.6. Learn how to build IT labs
In order to become a hacker, you will need a lab environment where you can test. To start, you can use virtualization software like Hyper-V or VirtualBox. You can use these tools to create lab environments manually (at first) and then move on to automating the creation and deployment of these IT labs.
Windows Server has built-in PowerShell cmdlets for managing Hyper-V VirtualMachines but you can also use PowerShell to administrate VirtualBox tool as shown here, but as of this writing it is pretty much limited to powering VMs on and off.
2. Join Hacker communities
Joining a hacker community can help you learn what your peers are working on or inspire you to work on a new project. Here is a list of communities you should consider joining:
I would recommend staying away from blackhat (the bad hackers doing illegal stuff) communities in the beginning until you learn the ropes of hacking. For example, during the research for this article, I considered recommending a popular community but when I attempted to visit the URL I got this:
No doubt most of the members there were not black hat hackers, but if you’re brand new to hacking and you join a community that is strongly focused on illegal hacking it could lead you into getting into trouble.
3. Learn the system you want to hack
Now that you have some base skills, what should be next? Well, it’s probably time to start specializing in hacking a certain system. That could be specific types of websites that run on Apache, SQL databases, WordPress websites, or Windows Infrastructure.
Want to hack Windows infrastructure? Learn how to build and administrate Windows networks!
So how do you start? Want to hack Windows infrastructure? Learn how to build and administrate Windows networks! Want to hack websites? Start designing and hosting websites. Want to hack MySQL databases? Install, configure and administer a SQL database! Do you see a trend here??
If you’re saying to yourself “that sounds like a lot of work…” Well, it IS!
The best hackers start with a thorough understanding of how a system works. It’s extremely difficult to attack a computer system if you have no idea of where any weak points can be or even how the system is supposed to work.
This is why becoming a computer hacker takes such a long time because you need to understand so many technical systems, but the sooner you get started the better!
Build a replica lab
In an ideal world, you should have enough skills to replicate your target in a lab environment for you to test different attacks. This means gathering as much intelligence as possible on your target. Sometimes this information will be provided to you ahead of time, sometimes you’ll need to gather this information yourself by running networking scanning software.
If you’re targeting a Windows network then you would want to learn what version and build of Windows they are using. What kind of patches? Do they use logging software such as Splunk etc…
This principle applies to any device you want to hack. If you want to hack a device, then you should plan on obtaining technical documentation and in a best-case scenario a physical copy of the device for you to test on.
You can use the training we provide at Server Academy to become a proficient Windows administrator. This will give you the knowledge you need to build lab networks for testing purposes and how to attack (remember, pen-test / white-hat only) existing Windows-based networks.
4. Follow and Test Security Bulletins
Vulnerabilities are posted online with detailed information about how they can be exploited. This is so IT admins can see the information and address it in their network. The problem is that it is pretty common for these vulnerabilities to go left open for attackers to exploit because IT administrators are either busy doing other work or maybe fixing that vulnerability would break other functionality in their network.
4.1 Follow these bulletins
Since Server Academy focuses on Windows infrastructure, here is a list of Windows vulnerabilities that you can test in a lab environment:
- Microsoft Security Advisories and Bulletins
- STIG (Security Technical Implementation Guide) Viewer for Windows Server 2016
STIG Viewer is a great resource because it lists vulnerabilities for ALL types of devices. See the full list of STIGs here. Keep in mind that you don’t need to find your exact version or technology in order to use a STIG. They have SRG (Standard Requirements Guide) STIGs that apply to all types of similar software or devices like the General Purpose Operating System (SRG).
Don’t feel bad if you look over those bulletins and they appear to be written in a different language. Most of these vulnerabilities are highly specialized and utilize in-depth knowledge of the technology’s inner workings. This is why learning how to remediate and exploit these bulletins and vulnerabilities will vastly expand your technical knowledge!
4.2 Test vulnerabilities in a lab environment
As we’ve talked about before, you really need to start gaining hands-on experience as soon as possible and the best way to do that is to build an IT lab that mimics a real environment with a specific vulnerability and then try to exploit the vulnerability. Let’s take this Windows Server 2019 vulnerability:
You would need to create an Active Directory domain, and enable reversible password encryption in a GPO (Group Policy Object), apply the GPO settings with gpupdate /force and create a couple of user accounts with this password policy.
Now that you have the lab configuration complete, you may now move on to testing the vulnerability and attempting to hack your lab environment. This particular vulnerability would require you to use AD Explorer and learn about password encryption.
The decryption process is outlined here below:
So to decrypt this password we use the following steps:
– Take the G$MSRADIUSCHAPKEY Global LSA secret
– Decrypt it using the static key
– Parse the userParameters structure and extract the G$RADIUSCHAP and G$RADIUSCHAPKEY values
– Combine the value of G$RADIUSCHAPKEY (the 16-byte random) with the decrypted LSA secret to create an RC4 key
– Decrypt the value of G$RADIUSCHAP using that RC4 keyThe result is a plaintext Unicode password.
Niels Teusink – http://blog.teusink.net/2009/08/passwords-stored-using-reversible.html
This would be a pretty cool way to learn about password encryption and learn how you could exploit this configuration setting if you’re performing a red hat exercise or ethical hacking.
Conclusion
In this article, I did my best to explain how to become a hacker. It’s not a quick or easy path but it’s a skill that grows as your overall technical knowledge of IT increases.
If you are interested in increasing your knowledge of Windows Server or Active Directory so you can hack computer networks that use these technologies, I highly recommend that you create a free account at Server Academy so you can learn from our courses and practice in our IT labs.