

Learn Hands-On Penetration Testing Red Team Attacks with Hack The Box!

I'm 0x584A, and this post will guide you through learning hands-on penetration testing from scratch. The realistic virtualized environments provided by Hack The Box make learning practical penetration testing a pleasure.

If you've read my past articles, you probably already know what a real-world penetration test is. For those who want to dig deep into network security attack and defense, the biggest obstacle may be the lack of a close-to-real environment in which to exercise their attack and defense skills to their heart's content.

How to Start Your HackTheBox Journey

Some people might object: with so many websites, applications and systems on the internet, can't I just run a penetration test against them and report the security holes I find? The answer is definite: no! Without authorization you are just a hacker, a vandal, and what you do will very likely cross legal red lines. Some might object again: there are so many SRC (security response center) vendors out there, can't I test those? Of course you can; as long as your skills are solid and you ethically follow the rules they set, you are acting legally. But that route is not beginner friendly, and you will run into a lot of setbacks.

There are many ways to learn cybersecurity, from online courses to university study. Most of them involve some degree of hands-on lab work, and while that helps, nothing can replace the 10,000-hour rule. According to author Malcolm Gladwell, that is the amount of time needed to become an expert in any field. While the naturally gifted may become experts with little effort, for most of us, repeating basic skills in a variety of environments is what will make us "experts" in our field.

What is HackTheBox?

Early on, while I was working toward the OSCP certification, I discovered Hack The Box. The site grades by difficulty the attack techniques used to gain the highest privileges on a server, has a well-designed user rank system, and has a great community culture that lets you exchange techniques with cybersecurity enthusiasts around the globe (many thanks to IppSec's YouTube channel, where I learned a lot of practical security tricks). That is Hack The Box, and it makes the road of learning cybersecurity a lot more fun.





For those who may not have a technical background in security fundamentals, I want to try to flatten the learning curve and provide learning resources that help them get past the initial barriers and embark on a lifelong journey of discovery and learning.

While scrolling through Twitter recently, I came across an article written in Vietnamese by a Vietnamese author: How to blog?

That is one of the reasons I wrote this article in the first place; call it a labor of love. If you run into problems while learning, feel free to get in touch so we can improve together, provided that you first learn How To Ask Questions The Smart Way - https://github.com/ryanhanwu/How-To-Ask-Questions-The-Smart-Way/blob/main/README-zh_CN.md. I hope people come to a discussion with a question, not just to chat.

Hopefully, with a shared desire.



The next step teaches you how to choose your initial path and keep learning.


If you have no cybersecurity background at all (you should at least know how to use a computer and translation tools), you can visit HackTheBox academy - https://affiliate.hackthebox.com/jiexu1616 and register an account. For cybersecurity beginners who are ready to enter the security field, Academy develops your skills through guided training and certifies your expertise through a series of industry certifications.

The site helps you learn the field efficiently by combining interactive examples, guided training and industry certifications. Personally, I like its point-spending mechanic, Cubes. Each learning module costs Cubes to study, and those points are returned to you once you complete it. It covers platform walkthrough courses, courses on using various security tools, courses on information gathering and vulnerability exploitation, and more; I highly recommend it for learning cybersecurity fundamentals early on.

Tips: I recommend registering through the referral link https://affiliate.hackthebox.com/jiexu1616. If you later top up on the platform, you can contact me to verify it, and I will return the promotional amount I receive to you.

Path 2 - Start with hands-on attack and defense

If you already work in cybersecurity and want to learn hands-on but lack a suitable environment, I highly recommend signing up for HackTheBox LAB - https://affiliate.hackthebox.com/stwplw52cz7x. Simply download your personal openvpn configuration file and connect to the Lab environment over openvpn to start a hands-on learning session at any time.

It has many different learning modules, for example:

  • Machines: There are always more than 20 active free target machines of various difficulty levels. A new target machine is rotated in every week, and a few retired target machines are added to the free list from time to time. This is the module I play the most; each machine is a brand-new challenge and a brand-new chain of knowledge. You won't notice time passing while you learn.
  • Challenges: This is essentially the CTF module, with 120+ challenges covering Web, Pwn, Crypto, data forensics, mobile security and more, ranging in difficulty from easy to extremely hard. If you like CTFs, give it a try.
  • Tracks: A Track is a collection of Machines and Challenges linked by a common theme, for focused study or reinforcement of that topic.
  • Battlegrounds: This is the battleground mode, found in the Advanced Labs menu. It is essentially an online platform for AWD mode, with 2v2 and 4v4 formats, combining attack, defense and vulnerability patching. It is also a module for people who have no such environment to practice in.


The page during a Battlegrounds match:


In addition to the free content mentioned above, the HTB platform supports purchasing VIP membership through PayPal; you only need to link a UnionPay debit card to PayPal to complete the cross-border payment, which is very convenient and fast.

Tips: I recommend registering through the referral link HackTheBox LAB - https://affiliate.hackthebox.com/stwplw52cz7x. If you later top up on the platform, you can contact me to verify it, and I will return the promotional amount I receive to you.


I now keep roughly this routine: on Monday, if I have time, I tidy up my past HTB write-ups and post them to my WeChat official account; Monday to Friday I do my day job; Saturday is a free day to go shopping or binge shows with my wife; and on Sunday I stay home and work on the new free HTB target machine. Repeating this cycle is not boring at all.

Simulating real engagements with HTB keeps me continuously learning and keeps my skills in practice. Recently a new event, Hackers Clash Season II, has started; it is now in its second season. Each season lasts 13 weeks, with a new Box machine released every week, and you compete with security enthusiasts around the world for a place in the RANK ranking. You are welcome to join in.

Join in the fun and learn.



Unless otherwise stated, the content on this website is licensed under the Creative Commons Attribution-ShareAlike License 4.0 International (CC BY-SA 4.0).