What should I do to improve my skills?

nickee89 Registered Users Posts: 4 ■□□□□□□□□□
I passed my CEH exam in June of last year. Since then, I have kept practicing my hacking skills (the reason I took CEH was to learn more about hacking), from software usage, to code exploitation, then BackTrack 6. But of course, the CEH class does not teach you real-time environment hacking, just some theory plus some script kiddie tools, which I found out are not useful anymore. I'm ambitious to become a penetration tester, or maybe a skillful white hat hacker, but in order to do that, I have to arm myself with experience, and I don't know where I should start. I have been stuck since passing the exam until now, wondering what I should do to improve my skills. I'm planning to take CHFI next month to learn new stuff instead of being stuck in this situation. I have tried pen-testing my company's server, but there are a lot of barriers that I could not breach, as the company is not that secure at all.
Breaches that I could not pass:
1.) Unable to log in from 1 personal computer to the domain server located in the server room
2.) Unable to crack a password to connect to wifi, or login window, or administrator account
3.) Learned to set up Snort but not familiar with the filter rules and how to block connections
4.) SQL injection on certain website

If there are any high-end hackers out there, I hope to get help from you, because I'm really hoping that my skills could offer help with security issues nowadays. Thanks

Comments

  • cyberguypr Senior Member Mod Posts: 6,909 Mod
    Obligatory question: did your employer give you written permission to perform those tasks?
  • TechGuy215 Explore_Dream_Discover Philadelphia, PA Member Posts: 404 ■■■■□□□□□□
    ^ +1 for cyberguypr. I don't see anywhere in your text about your position being security related, and/or that you have the permission of the company to perform pentesting, scanning, or vulnerability testing.

    Make sure they know exactly what you are doing, and document EVERYTHING in case you have an issue.

    http://www.sans.org/reading-room/whitepapers/auditing/conducting-penetration-test-organization-67 <---A quick read to give you an idea of what goes into pentesting as far as planning, preparation, execution, analysis, and cleaning up.
    * Currently pursuing: PhD: Information Security and Information Assurance
    * Certifications: CISSP, CEH, CHFI, CCNA:Sec, CCNA:R&S, CWNA, ITILv3, VCA-DCV, LPIC-1, A+, Network+, Security+, Linux+, Project+, and many more...
    * Degrees: MSc: Cybersecurity and Information Assurance; BSc: Information Technology - Security; AAS: IT Network Systems Administration
  • JDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USA Admin Posts: 11,890 Admin
    I highly suggest you check out the site EH-Net Online Mag - Free Online Magazine for the Security Professional : EH-Net Online Mag. We don't get into gray hat or black hat stuff here.
  • nickee89 Registered Users Posts: 4 ■□□□□□□□□□
    Oh, my apologies, I forgot to mention that I am the security consultant of my company. Yes, I do have permission from my employer; that's the purpose they employed me for in the first place, to check out their security issues. Also, I'm just not very sure about what to do after passing the CEH course.
  • Disgruntled3lf A+, Net+, Sec+, CCNA, CCNA Security, Linux+, CDIA, Project+, LPIC-1, GCIH, GIAC Advisory Board, WGU Member Posts: 77 ■■■□□□□□□□
    Those are pretty unclear goals. For example:
    2.) Unable to crack a password to connect to wifi, or login window, or administrator account

    Is actually three different tasks and you haven't provided enough information.

    1. What type of security is the WAP using? This is important because different protocols have different weaknesses (WEP being the easiest to break)

    2. What login window are you referring to?

    3. What do you mean "crack" the admin password? Do you have a hash you're trying to crack? Are you attempting to brute force it? We would need more information to help you.

    4. This is so vague I don't have enough time to list all the possible information I'd need to help you. Have you made sure the web site even has a back end database to compromise?

    Also, how did you get a job as a security consultant running pentests without being able to perform SQL injection, wireless auditing, or privilege escalation? This is highly suspect so I'm uncomfortable giving you specifics but you did ask about how to improve your skills so I would suggest you get a copy of backtrack, damn vulnerable linux, and damn vulnerable web app. Then be prepared to commit some serious time to google.
  • impelse Member Posts: 1,237 ■■■■□□□□□□
    Just take one item at a time, only one, especially the one you like most. For example, if you like wireless, take that and use securitytube.net videos.

    If you want to learn intrusion detection, try to build Snort (one time I built one using Windows XP), and try to do MIT in your virtual machines until you master it.

    If you like SQL injection, download a lot of virtual machines with tutorials and follow the examples, and later do the pentest with an image copy of your server.

    CEH teaches you a little of everything, nothing deep. Just take something you like most and begin to build from there. It takes time, but never in a real production environment.

    Now, if you keep trying in a real production environment without good knowledge, it doesn't matter if you are the security guy: if the app/server is down, it will not look good for you, especially if you cannot fix it. In other words, you will be without a job.
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.
