Hacker Perspective: Gazza

I am a hacker.  Looking back over the years, there were other titles that I aspired to obtain including engineer, programmer, and even supreme ruler of the universe.  The last one warranted a call to my parents when I was in school.  Yet, the title of hacker is the most challenging, most rewarding, and a badge I wear proudly.

When I was younger (for a point of reference, 300 baud modems were considered "fast" and programs were recorded on cassette tapes), I considered myself a hacker because I could manipulate video games.  I was especially fond of the Wizardry series.  After installing and playing for a bit, I would work my way through the save files until I located the lines that were responsible for gold, experience, damage, etc. and give my character a few upgrades.  This was quite popular with my friends, and lasted until the creators of Diablo II started saving the profiles server-side.

While calling myself a hacker then was probably a bit presumptuous at the time (since anyone with the Konami Code was a hacker too, by that definition), it is where I started my journey.  Many life lessons and almost two decades later, I have updated my definition of a hacker.  I have come to realize that it isn't what you do or what you hack, but what is inside that makes a person a hacker.  For example, if in a pen-test scenario, Alice hacks the Gibson and gets a shell, then she could be considered a hacker.  If Alice gives her report to Bob and he follows the instructions step by step and gets a shell, then is Bob a hacker too?  I would argue no, Bob is not a hacker; he is a script kiddie, even though he achieved the same result.  Then, if it isn't the result, is it the process that defines who is a hacker?  If that is indeed the case, consider this scenario.  Eve performs a "man-in-the-middle" attack when Alice sends the report to Bob and she uses the report to get a shell too.  Then is Eve a hacker as well?  Hopefully, at this point you can see that trying to use a defined standard, process, or skill set that demarcates hackers from non-hackers is a fruitless endeavor.  This makes my job of convincing you, the reader, that my first sentence is in fact true, significantly more difficult.

I alluded earlier that it is what's inside that separates hackers from non-hackers.  Thus, in order to isolate the qualities that I feel contribute to my hacker mentality, I started looking online at various websites including Gallup's Clifton StrengthsFinder Assessment and Myers-Briggs Type Indicator.  The one that appealed to me the most was the Gallup's Clifton StrengthsFinder Assessment.  If you are not familiar with StrengthsFinder, the premise is that your strengths can be determined based on your answers to a series of questions.  I opted to get only my top five traits, but for the right price you can get even more.

I contemplated holding off and revealing at the end what was listed as number one, but why wait?  We all have important things to hack.  So, without further ado, it is... ideation.  Gallup defines this trait "as a person who is fascinated by ideas and is able to make them connect."  Do you do that, too?  I wouldn't be surprised if "ideation" was among the top five for most of the 2600 reader audience.  The caveat that all 2600 articles need to be published here first only emphasizes the concept that 2600 contributors are good at coming up with new ideas.  Even after 30 years, there doesn't seem to be a shortage of new ideas for authors to write about.  The long running section entitled "The Telecom Informer" has endured the test of time and is something I look forward to in each issue because it is always fresh with new ideas and perspectives.

What about the other part, specifically "making the ideas connect?"  Programmers do this naturally, especially when debugging, because it forces you to consider a new way to get the program to compile.  Even my own personal scripts (not worthy of publication, but they do make my life easier) are a testament of how ideas congealed.  All the tools in Kali were born from someone who was able to reduce the complexity of the task into meaningful bits of code and get them to interact in a language that is foreign to most of the world.

However, connecting ideas is not limited just to the software side of things.  Captain Crunch made the connection that, by using a toy whistle from a cereal box, he could generate a 2600 hertz tone.  Or, if we step back even further, David Condon used a Davy Crockett Cat and Canary Bird Call Flute to generate the necessary tones.  However, my favorite hardware hack of all time was Gaurav Khanna's PlayStation 3 cluster, because it had never occurred to me to turn gaming consoles into supercomputers.

Enough with ideation.  Let's move on to number two.  The second trait on my list was strategic.  Gallup defines strategic as "People who create alternative ways to proceed.  Faced with any given scenario, they can quickly spot the relevant patterns and issues."  Consider this: to date, the exploit database contains over 3000 modules.  These exploits were written by authors who were able to see alternatives in how a program functions.  Quick question: if you were to conduct a pen-test, would you load up Metasploit and start down the list of exploits until you find one that works?  Well, that is one way to do it, but may increase the odds of finding future work in that particular field.  A preferred method is to take the data from the information gathering phase ("spot the relevant issues and patterns") and then form a game plan.  Most pen-testers worth their salt will tell you that every pen-test has its nuisances.  What worked for Company A probably won't work again for Company B.  On some pen-tests, you are on site and have Kali, BackBox, Pentoo, etc. fired up and ready to go; on others, you have to have a plan to do it remotely.

But being strategic is not only about selecting the right tools for the job, but also about how to use them.  While open-source tools are created to make your life as a pen-tester easier, this very same code is what the IDS developers leverage for their systems.

For instance, take Nmap.  While it is a great tool for port scanning, knowing which flags to set and how fast to scan is important to avoid detection.  Running nmap -A [insert IP address here] does provide a great deal of information for you, but a quieter approach would be to use a TCP FIN scan.  The Social Engineering Toolkit (SET) is another great example.  Including the exploit into the phishing attempt is the easy part, but selecting your target and crafting the email - so that the victim doesn't get the impression that you are a Nigerian prince - requires a bit more strategy.  Some of the truly great ones are strategic enough to write their own tools.  My hat goes off to you folks.

My third trait was that of achiever.  Gallup defines an achiever as a person who "takes great satisfaction from being busy and productive."  The key word here for me is "productive" and I translate that into "never say die."  In keeping with the pen-testing scenario from earlier, I feel this trait can be applied here as well.

Being an achiever makes the information gathering phase of a pen-test less daunting since you can feel busy from the beginning and productive too when a vulnerability is discovered.  While it is tempting to dive right into the exploitation phase, especially if the vulnerability found is one that has worked in the past, greater satisfaction is derived from having multiple entry points.  This is especially true if the first attempt fails and you have to move on to your second, third, or even fourth plan of attack.  I also feel the customer appreciates a pen-tester who is an achiever because, when they read the final report and see all the hours and effort that went into the pen-test, they know they got their money's worth.

At this point, you may perceive me as an individual, cloaked in a hoodie of unnatural darkness, sitting on top of a throne made of Club-Mate crates, who can dispense shells like lightning bolts.  That, however, is simply not true; I recycle.  Moreover, I am part of a team and we each have our roles.

Why am I dispelling the illusion of grandeur I worked so earnestly to create?  Because my fourth strength is that of a relator.  A relator is defined as a person who "finds deep satisfaction in working hard with friends to achieve a goal."  While pwning a system is fun in its own right, working with my team is the reason I go to work day in and day out.  I also feel that a relator's role is to share the knowledge that they have gained.  Thus, when I am not hiding behind a terminal, you can also find me at my local hackerspace and various security conferences sharing the things that I have learned and gaining wisdom from those better than myself.  Being a relator is what inspired me to write this article.

Finally, my last trait is that of a learner.  A learner is defined as a person who "has a great desire to learn and wants to continuously improve."  Each morning, I try to catch up on the latest alerts, blog postings, patches, and releases.  When I get home, I like to keep reading.  My personal library at the moment has no less than 20 unread books.  The topics range from programming in Ruby, packet analysis, toolkits I should be using, Arduino projects, to various cybersecurity-related science fiction.  Please don't neglect the sci-fi; some of my better ideas were inspired from fictitious plots.  I am also preparing for the CISSP certification.

In conclusion, what is my definition of a hacker?  I define a hacker as a person who has lots of ideas, can implement them strategically, doesn't give up, shares information with others, and never ever stops learning.  This is by no means the only combination of traits, nor the best, that a hacker would possess, but they are mine.

Have I convinced you that I am a 1337 haxor, like Alice, or just another script kiddie, like Bob?  In the end, it doesn't really matter.  My hopes were to inspire you, the reader, to recognize the traits inside each of you so you can be a better hacker.

[Shout outs: To my mom; I am sorry for yelling each time you picked up the phone and disconnected me.]

Recently, Gazza has been delving into the world of robotics.  He has recently purchased a turtlebot and is keenly interested in exploring Simultaneous Localization and Mapping (SLAM) and visual odometry.  He is also the proud father of two child processes with uptimes of 1.58e+8 s and 6.3e+7 s respectively.
