
Feb 01

A Year of Ethical Hacking – Month One

Month One Review

One month down, eleven to go.

It’s hard to believe that the year is already one-twelfth of the way over!

My goal is to spend 416 hours studying Ethical Hacking in one year.  416 isn’t a random number.  416 is 8 hours per week, times 52 weeks.  I finished month number one with 34 hours.  Plus or minus a couple hours, I am on pace to meet my goal!  Have your 2017 goals made it through the first month?

If you aren’t sure exactly what this is all about, take a look back at my first post in the series, Investing a Year in Ethical Hacking.

It is surprising how much work can get done with consistent daily effort.  Also, it is easy to let several days go by with no progress.  Making a schedule to study at the same time every day has helped keep me mostly on track.

A few life events came up that prevented me from studying the last few days of the month but other than that, the first 3 weeks were a huge success.

Here is a summary of my first month of Ethical Hacking.

Week 1: 9 hours – Total: 9 hours – Google Hacking & Port Scanning with Nmap

Week 2: 11 hours – Total: 20 hours – Scanning, Enumeration, Linux

Week 3: 10 hours – Total: 30 hours – Enumeration & Password Cracking

Week 4: 4 hours – Total: 34 hours – Privilege Escalation, Antivirus Bypass, and Alternate Data Streams

 

Keep reading for the highlights of the month…

Highlights

OSINT / Google Hacking

I found some old posts I had made on a forum a long time ago.  I also found some interesting information about a company that I am interested in.  See more in my Week 1 Post.

A cool website I found is Archive.org.  You can use this to view previous versions of websites.  I actually used it to successfully locate some information I needed, even though it was intentionally hidden on the current version of the site.

Nmap Scanning

I found a major difference between the ports that are open by default in Linux vs. Windows.   See more in my Week 2 Post.

I think it is important to point out that I learned a lot more than just scanning.  I got some hands-on experience on real systems, found ports I didn’t know about, and researched what they were for.  This is certainly beyond the scope of the CEH exam.  However, I think this is the most important part of the learning process.  Exploration adds depth to the material and makes it more applicable to the real world.

Enumeration

I learned some basic enumeration techniques for gathering information about NetBIOS, SNMP, and SMTP.  SMTP was the most interesting, especially for Gmail and Office365 servers.  Take a look at my Week 3 post for more detail.

Password cracking

I cracked a password!  Well, a built-in tool on Kali Linux actually cracked it.  I just followed the directions.  I think this officially elevates me to “script kiddy” status.  No matter what, it was fun and exciting; a necessary step toward becoming an Ethical Hacker.  Check out the details in my Week 3 Post.

IP Address Fun

The difference between Tracert and TraceRoute is incredible!  I got really good results from TraceRoute.  TraceRoute gave me all the information about the hops across a network even when Tracert gave me NOTHING!

Another cool web resource I found is Arin.net.  You can look up ownership of IP address ranges.  I dug up some bonus info using it that wasn’t available from DNS alone.  You can see the detail in the Week 2 Post.

Alternate Data Streams

I hid a file inside another file.  This is a pretty neat trick.  See Week 4.

Privilege Escalation & Antivirus Bypass

Other than password cracking, this was one of the highlights of the month.  I used a registry hack to elevate my non-admin account to Administrator!  And I even disabled the antivirus software while I was at it!  Week 4 was pretty great, check it out!

Study & Lab

In addition to all of that, I also invested time studying and memorizing information for the test.  Also, don’t forget time invested in actually building the lab!  Using Hyper-V, I built a lab with Windows 7, 10, Linux CentOS, Kali Linux, Server 2008 R2, and Server 2012 R2.  This includes a mix of systems connected to a private lab network and a couple systems connected to the internet.  Building a lab is a time-consuming but important up-front effort.  I expect that next month I’ll get a lot more done since the lab is already built.  I’m sure I’ll build another system or two and continue to make minor tweaks to the lab but the bulk of the work is done.

Conclusion

That’s it!  Month 1 is complete.  I learned a lot and had a lot of fun.  I’m really looking forward to another great month ahead.

My hope is that this will show you what a long-term investment in learning and growing looks like.  It’s easy to get excited and try to get 37 certs in 6 months so you can land that big job.  But dedicating a year to mastering the subject is so much more rewarding!

How are your 2017 learning goals coming along?  Are you working on the CEH or something else?

Leave your $0.02 in the comments below.

 
