Tuesday, March 22, 2011

#1 – Essential Frugal Hacker's Toolkit


INTRODUCTION


For those of you who don't know me, I'm a network security analyst and project manager. I lead a team of network security analysts whose job it is to perform vulnerability assessments for the Department of Defense and to perform penetration tests for some commercial customers. Not only do I lead my team and work the contracts/business side of the house, a lot of the time I find myself on the ground at testing sites, working side by side with my employees. I am a competent tester and a very technical person, so when scheduling conflicts arise and my team can't cover testing completely, I step in and lend a hand. Previous to this gig, I worked as a UNIX administrator for nearly fifteen years and managed a 1500 workstation hospital's mixed-technology network. I know Windows. I know Linux. I know (some) Cisco. I know SQL. I've programmed web applications in Perl, JavaScript and PHP.



Basically, I'm a technology hound. I like to know how things work and I don't stop researching until I find a satisfactory answer.



But I'm not a celebrity chef. And I'm not Stephen King. I'm not rich. I live day to day on a budget. And I'm guessing that if you are reading this, then you do, too. After all, not everyone is lucky enough to have a limitless cash flow.


In essence, I have to hack on a dime budget. I tend to piece together my computers and I rarely pay for software (I don't pirate, I simply don't buy Microsoft Windows, if, in fact, I don't need it). I like to keep my dollars where they belong—in my own wallet, not someone else's.


So, with a frugal wallet in mind, I've put together what I feel is an essential hacker's toolkit. I've included in it a small array of hardware, some specialty, some not, and I'm here to tell you from the get-go that there will, indeed, be holes in our toolkit. There are some tools that simply cost too much to seriously think about including in a frugal hacker's toolkit. And, if I'm totally honest, there will probably be tools that pop up along the way that we'll simply add to our toolkit. (I mean, the chances that I'll remember everything right at the time of writing are slim to none.)


Since we're frugal (and not flat broke), we are going to spend a little money here and there. However, what money we do spend will be spent for a reason: to easily get us results. Since we're hackers, we're lazy, right? And who really wants to sit and spin crucial cycles making a free/incredibly cheap piece of hardware work when we can spend a quick $30 and get that piece of hardware to work within a few minutes? I don't know about you, but I'll dish out a couple of bucks to save myself a headache and hack into a system faster.


So where do we start? Well, the following list is my starting point. Whenever I build a hacking toolkit, this is the checklist of equipment I usually pull together. Let's go over it, shall we?




THE ESSENTIAL FRUGAL HACKER'S TOOLKIT

Here's what you're going to need to amass in your collection. I've been able to piece together most of this kit from castoffs at my job. If your job has an IT department, you might be able to get friendly with a tech and luck into a late model in the discard pile, as well.

Let's start, shall we?

  1. A Late Model Laptop (Use the following specifications as a guideline. You can vary with any particular component, but try to stick close to the specs. You'll get the best experience if you keep the hardware modern—not necessarily new or the latest and greatest, just modern)
      • 80GB Hard Drive (or larger)
      • 1GB – 2GB RAM
      • CD/DVD ROM Drive (A writer is not necessary)
      • Built-In Wireless Card capable of being put into “monitor mode” (see below) OR
      • PCMCIA slot/USB slot for wireless card that can be put into “monitor mode”
      • Ethernet Cable Port
      • Multiple USB Ports
  2. A wireless card that is capable of being put into “monitor mode” (more on what “monitor mode” means later, but for now, stick to any wireless card that has one of the following chipsets built into it). Other than the actual laptop, this is where you want to spend some actual money. Not a lot of it, but some.
     Wireless Chipsets to research:
      • Atheros (AR5XXX, AR9XXX)
      • Broadcom (B43XX Family)
      • Intel Pro Wireless and Intel Wifi Link (Centrino)
      • Ralink (RT2X00)
      • Realtek (RTL8187)
  3. Two or three Ethernet cables – you never know when things break
  4. A USB Bluetooth Adapter
  5. A small, inexpensive hub – we're going to use this for wired network sniffing
  6. Two or three USB flash drives (sticks are the most preferable option here: 4GB-8GB, nothing more)
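
Whether a particular card can be put into “monitor mode” depends on its Linux driver, so it is worth confirming on the hardware you actually have before spending money on a replacement. The script below is an added example, not part of the original post; it assumes a Linux system with the `iw` utility, and the function names and the sample `iw list` output are constructed for illustration.

```shell
#!/bin/sh
# Report which wireless devices (wiphys) advertise monitor mode.
# Added example: parses the text format printed by `iw list`.

# monitor_phys: read `iw list` output on stdin and print the name of every
# wiphy whose "Supported interface modes" section contains "monitor".
monitor_phys() {
    awk '
        # Start of a new device block, e.g. "Wiphy phy0"
        /^Wiphy / { phy = $2; in_modes = 0; next }

        # Header of the section we care about
        /Supported interface modes:/ { in_modes = 1; next }

        # Entries look like "* managed" or "* mesh point"
        in_modes && $1 == "*" {
            if (NF == 2 && $2 == "monitor") print phy
            next
        }

        # Any other line ends the modes section
        { in_modes = 0 }
    '
}

# sample_iw_list: constructed, abbreviated `iw list` output for two cards,
# so the parser can be exercised on a machine without wireless hardware.
sample_iw_list() {
    cat <<'EOF'
Wiphy phy0
    Supported interface modes:
         * IBSS
         * managed
         * monitor
    Band 1:
         * 2412 MHz [1] (20.0 dBm)
Wiphy phy1
    Supported interface modes:
         * managed
         * AP
    Supported commands:
         * new_interface
EOF
}

# Demo on the constructed sample. On a real laptop run: iw list | monitor_phys
sample_iw_list | monitor_phys
```

An empty result from `iw list | monitor_phys` means none of the installed cards advertise monitor mode with the driver currently loaded.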

Basically, to demonstrate to you that I'm practicing what I preach, I'll be piecing together my own kit and documenting it all along the way. So, throughout these lessons, you'll see what I see and you'll learn what I learn. This will be an in-depth look at penetration testing techniques, skills that you'll need to hack a network and the tools you can use to evaluate a given network's security.

Also, some essential reading that I think you'll find interesting is listed below. I'll be drawing from a lot of reference material and some of these books will contain in-depth data for us, as hackers.

ESSENTIAL READING
HACKING EXPOSED 6 by Stuart McClure, Joel Scambray, and George Kurtz
HACKING EXPOSED WIRELESS by Johnny Cache, Joshua Wright, and Vincent Liu
THE DATABASE HACKER'S HANDBOOK by David Litchfield, Chris Anley, John Heasman and Bill Grindlay
THE WEB APPLICATION HACKER'S HANDBOOK by Dafydd Stuttard and Marcus Pinto
OFFICIAL CERTIFIED ETHICAL HACKER REVIEW GUIDE by Steven DeFino, Barry Kaufman, Nick Valenteen and Larry Greenblatt
THE ART OF DECEPTION by Kevin Mitnick and William L. Simon
THE ART OF INTRUSION by Kevin Mitnick and William L. Simon

7 comments:

  1. "i am [..] a very technical person"
    So please, delete all your line feeds when you copy-paste your text...
  2. What? I think he is REAL, keep it up man, I like to read yours
  3. Real Hackers use Linux.

    Up to date laptops? pah. Newer model laptops are more likely to have hardware tracking in them (stuff that tracks not only the HDD if you get my drift).

    So unless you're willing to part with it (dump it) when your hacking is done (even if you're using someone else's connection) the older laptop the better.

    You don't need a Quad Core, 6GB RAM loaded 1GB Graphics card packed Laptop for hacking, Just something that's reasonable. You're not playing Crysis, just running programs.
    A fast internet connection is more important than a blistering fast computer.

    Otherwise, good information here.
  4. Hey Drew- thanks for creating this blog! I'm relatively new to security penetration testing, and this blog guide is excellent.

    Regarding the essential reading recommendations you make above, I just purchased the first on the list (Hacking Exposed 6), for about $12 on half.com (they want over $30 for it new!), and was wondering if that will suffice for now or do we need the rest of the listed literature.

    Anyways, I'm onto the next blog about installing backtrack. I have a Win 7 with Ubuntu installed as a virtual machine within VirtualBox. My laptop is a desktop replacement, so it is pretty powerful- do you think it will be fine for me to use it for my "hacking" adventures, or should I get a cheaper, older model that will only have backtrack installed on it?

    Thanks!
  5. Why a laptop? Why not desktops?
  6. Hi,

    This is one cool blog so big up on hard work!
    I think you need to add "Wireshark Network Analysis - Second Edition" to the reading list.

    Cheers.