Penetration Testing for Beginners

Now, hackers come in all shapes, sizes and colors. Hacking is a very wide term. And by the first sentence, I'm not referring to the physical characters of the hackers, I'm talking about the field of specialization. Believe me, there is a lot of work to do on the Wireless domain that we had been working on so far (we have only touched wireless networks for the time being - you are a beginner), but wireless hacking is but a small island in the vast sea of hacking. A relatively large landmass is unarguably Penetration Testing, and a large name in this context is Metasploit. So here's a guide which will give you a good idea about what Penetration testing is, and if you're feeling to lazy, I've got it summarized here.

What is a penetration test?

What is penetration testing? Penetration testing, often called “pentesting”,“pen testing”, or “security testing”, is the practice of attacking your own or your clients’ IT systems in the same way a hacker would to identify security holes. Of course, you do this without actually harming the network. The person carrying out a penetration test is called a penetration tester or pentester.

How legal is it?

Let’s make one thing crystal clear: Penetration testing requires that you get permission from the person who owns the system. Otherwise, you would be hacking the system, which is illegal in most countries – and trust me, you don’t look good in an orange jump suit (or maybe you do, still I don't recommend going to jail for it, buy one if you need it).

In other words: The difference between penetration testing and hacking is whether you have the system owner’s permission. If you want to do a penetration test on someone else's system, it is highly recommended that you get written permission. Much better, get your virtual machine up and running, with your already acquired VMWare skills, and practice on your own system.

What is a vulnerability?

A vulnerability is a security hole in a piece of software, hardware or operating system that provides a potential angle to attack the system. A vulnerability can be as simple as weak passwords or as complex as buffer overflows or SQL injection vulnerabilities. (SQL injection is another topic I'd like to touch. Later maybe. I'm taking up too many tasks at hand at once.)

What is security research?

Vulnerabilities are typically found by security researchers, which is a geeky term for smart people (how much we hackers love to call our self smart, especially the beginners who get too cocky) who like to find flaws in systems and break them. 

What is an exploit?

To take advantage of a vulnerability, you often need an exploit, a small and highly specialized computer program whose only reason of being is to take advantage of a specific vulnerability and to provide access to a computer system. Exploits often deliver a payload to the target system to grant the attacker access to the system.

The Metasploit Project host the world’s largest public database of quality-assured exploits. Have a look at their exploit database – it’s right here on the site mentioned in the beginning of the article.

What is a payload?

A payload is the piece of software that lets you control a computer system after it’s been exploited. The payload is typically attached to and delivered by the exploit. Just imagine an exploit that carries the payload in its backpack when it breaks into the system and then leaves the backpack there. Yes, it’s a corny description, but you get the picture.

Metasploit’s most popular payload is called Meterpreter, which enables you to do all sorts of funky stuff on the target system. For example, you can upload and download files from the system, take screenshots, and collect password hashes. You can even take over the screen, mouse, and keyboard to fully control the computer. If you’re feeling particularly bad-ass, you can even turn on a laptop’s webcam and be a fly on the wall.

I would say that a payload is what exploits the 'exploit' and gives you some control over the exploited victim. Meterpreter is THE exploit, cause it doesn't give you 'some' control, it gives you ALL of it (that's some way to put it, yes,but not completely true. It still is the best payload. Beginners/noobs really enjoy the GUI feature available in this payload)

What to do next

Wait for more tutorials, or go ahead learning stuff without me. Not recommended, its gonna be a bumpy ride if you don't have us(I am only one person, why do I keep referring to myself as us?) to stabilize you. But still if you wanna go ahead, then Rapid7 is the best place to get started. Best of luck beginners.

Here is a list of related posts on this blog. You should most probably go in this order.

Penetration Testing Level 1: Hacking Windows XP (actual hacking here after the theory you read in this post- we'll help you setup a Kali Linux attack machine and Windows XP victim machine on VMware. Then wel will perform our first hack)
Penetration Testing Level 2:Post-exploitation of Windows XP
Penetration Testing Level 3:Crashing Windows 7
Armitage : Fast And Easy Hacking GUI
Windows XP : Hollywood Style Hack