Hacking: Quick and Easy

by haplesscheese

You're the aspiring hacker - interested in Internet hacking communities, clubs, and events, but with little hacking background or knowledge.  You want to get your hands on your computer and do something you can be proud of - and have the community be proud of you.  How?  Penetration testing is a profession built on experience, and it takes years to hone skills and find out what works best.  Besides, computers and operating systems are constantly advancing, and old systems are rapidly becoming obsolete.  You need something now.

0x01 Choosing a Job

As far as we're concerned, there are five types of hacks: DoS (e.g., SYN flooding, distributed DoS), web exploits (e.g., SQL injections, URL manipulation, XSS, CSRF), wireless hacks (e.g., Wi-Fi vulnerability scanning, Wi-Fi key cracking), social engineering (e.g., phishing, keylogging), and malware.  For something you can do at home right now, let's choose to create a web exploit.  Our goal is a successful SQL injection on our target: text supplied in place of a variable gets executed as SQL commands.

0x02 Gathering the Tools

To do our job, all we'll need is a web browser.  However, one of the best penetration testing operating systems on the web is Kali Linux.  Kali contains many tools that would be useful to the aspiring hacker.  My personal setup includes VirtualBox running a copy of Kali.  You can find links to download VirtualBox and Kali in the References section at the end of this article.

0x03 Selecting a Target

To find a vulnerable target, we'll use Google dorks (search terms that bring specific results for a domain).  Lists of popular Google dorks can be found online, but we'll just use:

inurl:"login.aspx?id=" intitle: "admin"

to get all websites that contain login.aspx in the URL and admin in the title.  Most of these will be vulnerable because they send queries to the database directly in the URL.

A typical query built from user input might look like this:

SELECT * FROM Users WHERE Username = '' + UserInput AND Password = '' + PassInput;

Where UserInput is the username provided by the user and PassInput is the password provided by the user.

An injected query could then look like this:

SELECT * FROM Users WHERE Username = '' + ' OR ''1=1' AND Password = '' + ' OR ''1=1';

This statement would effectively log the user in as the first row in the Users table.  This makes it extremely easy for us to break in.

0x04 SQL Injection

Once a vulnerable target has been found, we'll begin our process.  In the Username and Password boxes, type:

' OR ''1=1'

We might now be greeted with a confirmation of login, along with our username.  We are in.

(Note: SQL injection might be blocked on the server that you use.)
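
The concatenated query from section 0x03 next to its parameterized form, as an added example that is not part of the original article (Python with an in-memory SQLite database; the table contents, function names and the O'Brien account are constructed for illustration).  Bound parameters are the usual reason an injection attempt is blocked: the input is compared as data and never parsed as SQL.

```python
import sqlite3

def make_db():
    # Constructed sample data; a real application would store password hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (Username TEXT, Password TEXT)")
    db.executemany("INSERT INTO Users VALUES (?, ?)",
                   [("admin", "s3cret"), ("O'Brien", "hunter2")])
    return db

def login_concat(db, user_input, pass_input):
    """The article's pattern: input is spliced into the SQL text, so any
    quote character in it is read by the SQL parser as syntax."""
    sql = ("SELECT Username FROM Users WHERE Username = '" + user_input +
           "' AND Password = '" + pass_input + "'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.OperationalError as exc:
        # The input changed the shape of the statement and it no longer parses.
        return ("sql-error", str(exc))
    return ("ok", row[0]) if row else ("denied", None)

def login_param(db, user_input, pass_input):
    """Hardened form: the statement text is fixed and the values are bound
    separately, so input can only ever be compared as data."""
    sql = "SELECT Username FROM Users WHERE Username = ? AND Password = ?"
    row = db.execute(sql, (user_input, pass_input)).fetchone()
    return ("ok", row[0]) if row else ("denied", None)

ARTICLE_INPUT = "' OR ''1=1'"  # the exact string from section 0x04

if __name__ == "__main__":
    db = make_db()
    for name, fn in (("concat", login_concat), ("param", login_param)):
        print(name, fn(db, "admin", "s3cret"))
        print(name, fn(db, "O'Brien", "hunter2"))
        print(name, fn(db, ARTICLE_INPUT, ARTICLE_INPUT))
```

In SQLite the concatenated form fails to parse on both the legitimate apostrophe and the article's string, which shows the input reached the SQL parser; the parameterized form handles both as plain values.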

0x05 References

VirtualBox: virtualbox.org

Kali Linux: kali.org
