Learning Kali

I will admit i downloaded kali-linux to learn how to hack. But i am doing so legally! If you are hacking legally it is perfectly fine. I am not trying to destroy or mess with anyone else's things i am trying to learn the art behind hacking and how it is done because computers are very interesting to me. As long as you are obeying the law and not hacking to mess with other peoples things it is completely okay to want to learn how to hack.
 


We're not arguing the ethics of hacking, just that wanting to "learn how to hack" is in itself a bad approach to computer science, and using Kali for learning is an equally bad move because it doesn't perform like a regular operating system. True penetration testers will use it as a tool on a system devoted to testing, but never as a main operating system for personal use which a lot of people come to these forums trying to do.

Hacking has become super cool because of movies like The Social Network, but in reality no one can "teach" you how to hack. It is a skill acquired after years of built up knowledge about computing, networking, programming, etc. Any crack kiddie can download a tool like BlackShades and push a couple buttons to penetrate systems, but real penetration testing is a combination of a lot of skills. If you want to 'hack' you better make sure you can....
Program in C fluently
Understand how a filesystem operates
Understand how an operating system operates
Understand Linux backwards and forwards
Understand endianness, architecture differences, and language support differences (unicode vs ASCII)
Learn to read hex numbers well
Learn how to reverse engineer binary files
Learn the structure of ELFs
Learn how servers communicate
Learn how the web works, how packets are sent what protocols are used, etc.
Learn how databases work and DBMS handles data in the database
Learn SQL
Learn a scripting language (Python prob)

I've been in the IT field for years, written production level Java and C++ code, and work with Linux and DBMS software on a daily basis, but I wouldn't consider myself to have even a fraction of the knowledge I would want to have to successfully penetrate systems, but from watching CTF hacks from DefCon and a number of other security conventions the list above is just a portion of what they use in those CTF events.
 
It depends. I hacked my college class with a DOS attack. I did have an unfair advantage being on their LAN. I mean you can get in real deep writing your own custom malware, or you can use some of the free tools in Kali plus Social Engineering to deliver a Payload.

I think it's possible to create a Malicious USB with Metasploit or the Social Engineering Toolkit. A better hacker could deliver a payload through a network. Other people could deliver it on USB by 'Sneakernet'.
 
It depends. I hacked my college class with a DOS attack. I did have an unfair advantage being on their LAN. I mean you can get in real deep writing your own custom malware, or you can use some of the free tools in Kali plus Social Engineering to deliver a Payload.

I think it's possible to create a Malicious USB with Metasploit or the Social Engineering Toolkit. A better hacker could deliver a payload through a network. Other people could deliver it on USB by 'Sneakernet'.
LOL I just ask for the passwords with some excuse. Got access to certain computer labs because of it. :p
 
LOL I just ask for the passwords with some excuse. Got access to certain computer labs because of it. :p
There is a good article by The Grugq about the future of hacking where he pretty much says social engineering is the future: http://www.csoonline.com/article/21.../where-is-hacking-now--a-chat-with-grugq.html

The Grugq: Well, in 2000 there were loads of good exploits which would take maybe a week to find and develop. These days it might take six months to find and develop one. That is a huge change in value.

CSO: Why so long now?

The Grugq: It is harder to find good bugs and develop good exploits for them.

CSO: It’s like overfishing?

The Grugq: It is exactly like overfishing. That is actually the analogy which Halvar uses to describe it. He takes it a bit further. Basically, there’s closed-source fishing and open-source fishing. Or ice fishing vs. fishing in a clear coral sea. :)

CSO: It makes sense. As finding exploits became automated, bugs were found and exploited rapidly. It’s like dropping those huge trawling nets.

The Grugq: The thing is, the juicy targets are still few and far between.

CSO: And this must also put a premium on socially engineering your way in.

The Grugq: Well, that is harder to do. But these days non-exploit hacking is making a comeback. The whole buffer overflow thing will die off, and what is left is the people who know how to get in without exploit. Those guys are the really old-school guys.
 
Learning to hack can help people understand how and where security flaws exist. This can help developers gain a better understanding of how and where to fix security bugs.
 
I feel like I should defend Kali here and say that if it weren't for having that live Kali cd one night at 4 am and being fed up with windows I would've never discovered the joys of linux which now I spend ridiculous amounts of time learning about. There are I'm sure other people out there who will install it for whatever wrong reason and find something they love :) I run Fedora and Kali now and it may not have been the ideal way to go but I'm so happy that it was there or I'd still be on Windows not enjoying my computer like I do now. If people install it for the wrong reasons and don't ever bother learning blah blah they won't be better off with anything else as nothing easier to use is going to motivate someone to learn something nor is having the same tools on a different distribution they'll still do it for whatever wrong reason and never learn anything. I wouldn't say a thing normally but I see the same kali hate everywhere and it gets tiring after a while. It's always the same reasons and it never seems to add up to anything when it comes to my personal experience with it, having things for a stupid reason always makes me find something I love and want to learn more about.
 
to answer the question asked... How do I learn Kali Linux? Answer: the same way you learn any and every other distro! to answer the implied question of how do I learn to hack/crack? Answer: RTFM and then read it again and again until you truely understand it. If you can not figure out how to learn to hack/crack then you do not need to know how and you will just get yourself into more trouble than it is worth. If you can't do it without pre-built tools then don't do it. man pages are your friends! And if you really want to learn hacking/cracking check out https://www.enigmagroup.org/ and https://exploit-exercises.com/
 
Last edited:

Members online


Top