Throughout this series of articles so far, we’ve explored the basics of hacking into an IoT device, as well as how to exploit open ports on a virtual machine — all in the name of teaching a non-technical novice how to hack. In this article, I’ll be giving an overview of a few hacking tools that many penetration testers and ethical hackers will be familiar with — Kali Linux, Nmap, and Wireshark.
Now, when I first came across these tools as a complete layman, the immediate thoughts in my mind were something along the lines of “what?!”, “how does this thing do stuff?”, “what do I do here?”. Of course, these questions aren’t ‘Googleable’, so instead I searched for them one at a time:
How to use Kali Linux? How to use Nmap? How to use Wireshark? That is a good starting point, and by the end of this article I will hopefully have answered these questions in enough detail to provide some basic guidance. Let’s get started with the foundation of ethical hacking tools — Kali Linux. So, what exactly is Kali Linux and what is Kali Linux used for?
What is Kali Linux?
Kali Linux is a Debian-derived Linux operating system designed for digital forensics and penetration testing. Essentially, Kali Linux ships with a wide suite of tools that any security professional would be happy with. Kali Linux can be utilised as your sole operating system, or you can opt to dual boot your current operating system alongside Kali, as I did in a previous article.
So, how do you download Kali Linux? It’s pretty simple really. Firstly, follow this link and pick the download for whichever platform is the most suitable for you to run Kali Linux on. In my case, I was running Kali Linux on VirtualBox, which is a virtualisation product for enterprise and home use, so the ‘virtual machines’ version of Kali was the most suitable for my setup.
Once you have Kali Linux installed, you can run the operating system at the same time as your current one. For example, I’m currently running Mac OS X on my laptop yet I’m able to run Kali Linux on a separate monitor simultaneously — although it runs like a potato.
The best method for dual booting is likely via a separate hard drive. Kali Linux needs around 10–15GB of free space to run at a decent speed, so a hard drive or removable disk with at least that much free is required for it to run efficiently.
Now that you have Kali Linux up and running, you can see via the menu that it has almost 100 pre-installed hacking tools, making it the perfect operating system for any wannabe hackers (like me!). I mentioned at the beginning of the article that we’ll be giving an overview of other penetration testing/ethical hacking tools such as Nmap and Wireshark, both of which are built into Kali Linux. So, let’s get the ball rolling.
What is Nmap?
Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing. Nmap is essentially a network scanner that discovers the devices on a network, allowing individuals and organisations to create an inventory of their internet-connected devices and assets. In the original article from this series, I briefly covered what Nmap is and how I used it to scan the office environment to discover information about an IoT device. This is just one example of how Nmap can be used for security purposes, but its use cases extend further through the Nmap Scripting Engine (NSE).
The NSE is one of Nmap’s most powerful and flexible features. It allows users to write simple scripts to automate a wide variety of networking tasks. Those scripts are executed in parallel with the speed and efficiency you expect from Nmap. Ultimately, the NSE allows users to execute particular security tasks through a built-in database of scripts, all of which are contributed by the community. Using the NSE is a very simple step towards becoming a ‘script kiddie’, which is exactly what a low-level hacker with limited technical know-how is. In other words, it’s me. I am a script kiddie using NSE.
Nmap as a whole is an incredibly powerful tool. It is typically the first step in any penetration test because it allows the user to gain a holistic view of the network that is about to undergo an attack. The information can cover all sorts of variables that indicate the security posture of the network. For example, an Nmap scan can provide information on:
Open ports, software versions, service versions, operating systems, and much more.
What is Wireshark?
Wireshark is a free and open-source packet analyser. It is used for network troubleshooting, analysis, and software development. Fundamentally, Wireshark allows users to view, analyse, and act upon information generated from the various packets transmitted on a network. A packet is the name given to a discrete unit of data communicated across a network, whether a typical Ethernet network or a wireless one. Wireshark is the most commonly-used ‘packet sniffer’ in the world.
You know that meme of John Travolta wandering into a room acting very lost and clueless while he looks around? Well, packet sniffing is essentially that but in computational format. It allows users to filter and visualise the various communication protocols across different elements of the network, but offers little help in actually decrypting that data unless the user is an absolute whizz-kid — something I am not.
Wireshark gives system administrators a deeper insight into how their network is behaving, and if attacked, it allows the system administrator to see exactly which packets are being abused, emulated, redirected or simply just messed with. It’s a very powerful tool for both offensive and defensive security, and is a staple in the arsenal of many security researchers and ethical hackers.
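As an added example, not from the original article or from Wireshark itself, the following builds a one-packet capture in the libpcap file format that Wireshark reads and then dissects its Ethernet, IPv4 and TCP headers the way Wireshark’s packet list does. The frame is constructed in code (a TCP SYN to port 22), not sniffed from a network.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed capture: one Ethernet/IPv4/TCP SYN frame in libpcap format (not a real capture)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"  # dst MAC, src MAC, IPv4
    src, dst = socket.inet_aton("192.168.1.20"), socket.inet_aton("192.168.1.10")
    # IPv4 header: ver/IHL, TOS, total len, id, flags/frag, TTL, proto 6 = TCP, checksum (left 0), src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0x4000, 64, 6, 0, src, dst)
    # TCP header: sport, dport 22, seq, ack, data offset 5 words, flags SYN (0x02), window, checksum, urgent
    tcp = struct.pack("!HHIIBBHHH", 51234, 22, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)
    frame = eth + ip + tcp
    global_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # magic, v2.4, linktype 1 = Ethernet
    record_hdr = struct.pack("<IIII", 1700000000, 0, len(frame), len(frame))  # ts sec/usec, captured len, wire len
    return global_hdr + record_hdr + frame

TCP_FLAGS = ((0x02, "SYN"), (0x10, "ACK"), (0x01, "FIN"), (0x04, "RST"), (0x08, "PSH"))

def dissect_pcap(data):
    """Return one summary dict per packet, roughly what Wireshark's packet list shows."""
    magic, = struct.unpack("<I", data[:4])
    if magic != 0xA1B2C3D4:  # big-endian, nanosecond and pcapng variants are not handled here
        raise ValueError("unsupported capture format")
    packets, off = [], 24  # skip the 24-byte global header
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack("<IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        summary = {"time": ts_sec + ts_usec / 1e6, "len": len(frame), "proto": "other"}
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            packets.append(summary)  # non-IPv4 or truncated frame: keep the row, no deeper dissection
            continue
        ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes (options make it more than 20)
        summary.update(src=socket.inet_ntoa(frame[26:30]), dst=socket.inet_ntoa(frame[30:34]), proto="ip")
        if frame[23] == 6 and len(frame) >= 14 + ihl + 20:  # IP protocol 6 = TCP
            tcp = frame[14 + ihl:]
            sport, dport = struct.unpack("!HH", tcp[:4])
            flags = [name for bit, name in TCP_FLAGS if tcp[13] & bit]
            summary.update(proto="tcp", sport=sport, dport=dport, flags=flags)
        packets.append(summary)
    return packets
```

Writing `build_sample_pcap()` to a `.pcap` file and opening it in Wireshark shows the same SYN row, which is a handy way to see how a dissector’s fields map to the bytes on the wire.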
Final Thoughts
In this article, I’ve covered the very fundamentals of the tools needed to start penetration testing/ethical hacking. Admittedly, the tools that I’ve explored in this article are very basic and, in order to actually execute a penetration test, more tools are needed. However, this article does provide an overview of some of the tools needed from the outset.
While Kali Linux is not 100% necessary to hack, it makes it a hell of a lot easier to do so. For instance, you probably wouldn’t want to play football in slippers because football boots are the optimal footwear for the sport. Kali Linux is the football boot of hacking — you can probably use something else, but why would you when it has everything you need?
Nmap and Wireshark are two fantastic tools that enable the user to analyse network traffic and entities in different ways, yet are complementary to each other. There are alternatives of course, but again, if the tool has everything you need to make the job at hand easier, then why deviate from that?
As an overview, this article has answered some very basic questions that will hopefully provide clarity on what each tool is capable of and the use cases associated with it. Next time, I’ll be exploring how we can intercept traffic on an IoT device by using a Raspberry Pi to remotely host it. Exciting stuff, right?
If you’re an ethical hacker, security researcher, or IoT hobbyist, sign up for early access to the platform at www.iotabl.com & join our growing community at https://discord.gg/GAB6kKNrNM.