We're back with another personal story from the infosec industry! This week we talked Max aka s.1.l.k.y. We find it important to share these stories because cybersecurity is a growing field with lots of potential for newcomers, but many aspiring ethical hackers are lacking in direction.
Let's take a look at Max's story.
How did you get started in cybersecurity?
Funny story, my stepfather always restricted my Wi-Fi time when I was like 13 years old. I have found a way to bypass his restrictions multiple times. Of course, he fixed the issues every time, he noticed I still got access to the internet. This continued until I had no more possibilities left. I then managed to crack his password and was in again.
After that I have thought the whole topic is a lot of fun and looked for more information. I installed Linux as my main system for the first time and was absolutely lost. I had no idea on how to use anything. But with time came knowledge. I then started to read articles, watched YouTube tutorials, and tried to reproduce the things I read and watched. I was just a script kiddie exploring a new world.
I have also started pwning hackthebox and vulnhub ctf challenges which I'm still doing today. After a while I've found a German infosec community of a small youtuber which is working as a pentester. In my federal state we have a lot cybersec companies, hackerspaces and so on. But in my hometown, I've met no other person who is also interested in pentesting yet, so I stayed in this small community. Each week we pwn machines together in our own little hacking team called "SMP Wolves" where I am our team captain.
This year during the Covid-19 epidemic I passed the OSCP exam. It was incredible. At first, I thought to not find a way to exploit the last privilege escalation but after a few hours I managed it and was extremely happy about it. Currently, I am working as a web developer and have absolutely no cyber security related tasks. Pentesting is my hobby just as bug bounty hunting. Normally I find vulnerabilities by testing out what I could do with certain things, this can be changing the value of something looking if that had an impact of my result.
Everytime I find a vulnerability I try to contact the vendor/developers and send them a report of what I have found. Because this is my hobby, I don't even care if I get a bug bounty. I just want to let them know that they have an unfixed issue which can be abused. Most time I just request a CVE ID for the issue. If I get one and a patch got released, I release my findings as well.
Hacking is not just a job. You must be passionate and curious.
What skills do you think are necessary to be a good cybersecurity professional?
That really depends on what you are interested in. For example, if you want to become a web application pentester or bug bounty hunter, knowledge of web development can be extremely helpful. Of course, you also have to build the think outside-the-box mindset. But as I said, the most important things are to be passionate and curious. If you know a system/application well enough you may be able to do things which were not intended by the developers.
If you could only give our readers 3 pieces on how to look for vulnerabilities, what would they be?
- Think outside the box, be creative
- Just think about what you could use to abuse and test out your possibilities.
- Remind that there is always something to find if you look deep enough
What was your experience in getting OSCP and what other certification you can recommend for aspiring ethical hackers?
Getting the OSCP certification was a lot of fun. The study material provided by offensive security is of a high quality. I trained a bit less than a year for it, by solving HacktheBox, Vulnhub, TryHackMe and the OSCP lab machines. It is an incredible journey and teaches you to "Try Harder" which means, whatever you do, do NOT give up. My next goal is to get the OSWE certification (from offensive security as well) which is based on web exploitation only.
Other great certification are OSCE, OSEP, OSWE, OSWP, CRTP, CEHv10 and Sec+ but in my opinion the offsec certs are the best.
If you could give our readers one piece of advice on how to get safer online, what would it be?
One advice would be to less, be careful in the net, criminals mostly do not choose their victims specifically (but of course that happens also really often), just be a bit paranoid on the web and do not click every link received. My three main tips are:
- Use 2factor authentication
- Think before you click (do not trust suspicious links/E-Mails)
- Never reuse passwords
Mcafee posted a nice article once on how to stay safe online.
What other resources that helped you in your journey?
To boost your privilege escalation knowledge I recommend two courses from Tib3rius:
- Windows Privilege Escalation: https://www.udemy.com/share/102EPcAEMYeFhUQX0D/
- Linux Privilege Escalation: https://www.udemy.com/share/101YYoAEMYeFhUQX0D/
To practice hacking there is nothing better than:
You can connect with Max on below social account:
LinkedIn: Maximilian Barz