16 votes

Learning to pentest

Hi, I need your help to learn pentesting.

I've been programming for several years. I'm really good at C# and can write moderately complex apps in Dart, Python and JavaScript. I'm in high school and work for a software development company as a backend developer. But general programming is starting to feel so boring...

I've started to watch LiveOverflow on YouTube (no link, there is no wifi here and I don't want YouTube to drain my data) and it was so interesting - so I tried it. I've tried a few CTFs, read many writeups, and now I've discovered the CTF site Hack The Box.

When I know what to do, I have no problem googling and researching and later applying my knowledge. But I often discover that I just don't know what I don't know.

There is one CTF challenge that I haven't completed yet. It's a 20-line HTML page, no JavaScript, nothing suspicious. No cookies. It just has a form with a password input, which sends a POST request to the server. Here's the problem - how do I get the flag (the password)? I can brute-force it, but it clearly isn't the correct way. I know that the PHP runs on Apache on Debian. I've tried getting some files, I've tried going up (../), SQL injection, nothing works.

And here's the general problem - what am I missing? What should I learn? What should I google? I don't want ideas about what I'm missing on this one example - instead I need some sources where I can learn generally about vulnerabilities I can exploit. Some blog, some website, something like this.

Could someone here recommend some sources where I can learn about this? How did you start, and what things do you generally check when you face something you have to break into?

Thank you

3 comments

  1. FunkyGenome
    I've started doing some CTFs myself the last year/s and I agree, it's really hard to Google for a problem when you don't have the words or the slightest idea what might be a way in.

    1. There is no correct way. There are things that work, things that work well and things that don't work.

    You could always check out some ippsec videos of retired machines from HTB and learn a thing or two. I think that we have to just expect to learn from things that initially go over our heads. Pentesting seems thankless, but only until you pop that sweet, sweet root.

    Enumerating is important and helps you to boil down some search phrases or something to dive deeper into.

    3 votes
    1. smit2300
      Agreed on IppSec videos. I got started like a year and a half ago just from watching him and his basic enumeration method and it got me up to being able to at least work through the "Challenges" section on HTB before eventually being able to actually independently pop boxes through googling and research. Hmu on HTB in a DM, same username, if you ever want some tips from someone not in the field that's gotten into pentesting on how to get started or want some useful materials.

      4 votes
  2. palpitations
    I'm far from an expert, but I do know a few good resources at least...

    OWASP
    PTES
    Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman
    The Web Application Hacker's Handbook by Dafydd Stuttard and Marcus Pinto

    2 votes