In the first episode I introduce the channel, myself and how future episodes will go.
Hello and welcome to the very first episode of the Sudo Social Club. I’m Edward Miro and in this inaugural episode I am going to introduce myself, explain what this podcast will be about and demonstrate the general format. I’m doing these episodes to not only learn more myself, but also to teach others, so if you’re already super advanced at hacking you might find this a bit basic or verbose. For those still learning or wanting to learn, this will be right up your alley. Either way I hope to create content that is fun, interesting and useful. Just a quick note: I am waiting for my new audio recording setup to be shipped to me so I know this quality isn’t the best. I was just really excited to get started and all future episodes will be higher quality.
I hope you enjoy!
The Sudo Social Club is a project centered around hacking capture the flags, wargames, crypto-challenges and vulnerable VM’s. I noticed there are many great write-ups and white papers for these types of challenges, and also amazing videos of very talented hackers doing walkthroughs. Where I seek to carve my own niche is to merge the two. I will be recording videos of me completing the challenges and also explaining in great detail what I’m doing, why I’m doing what I’m doing and as much information as I can fit into each recording. Even though the foundation will be video, I see this primarily as a podcast and will be publishing the audio only to the feeds. I always wished I could find a podcast with someone talking through hacking scenarios, so I’m gonna make it myself.
So my name is Edward Miro. I’ve been a part of the world of hacking and cybersecurity since the mid 90s. My first experiences were running old school script kiddie tools like sub7 which if you happened to be a kid in the late 80s and early 90s you know were super fun. I remember scanning blocks of IP address looking for vulnerable hosts. Once I found one, I’d HTTP enable their C: drive, which for those who don’t know allows me to put their IP address in my browser and see all the directories and folders on their drive. Then I would start a keylogger, view it in my browser and mainly just do stupid teenage pranks like open their disc drive, play weird sounds and make system dialogues pop up with silly messages. I went to a tech school in the early 2000s and got my degree in computer network and information systems, worked for big ISPs, small MSPs, network operation centers and even have been a speaker at hacker cons, mentor and judge at a hackathon and contributed a few episodes to Hacker Public Radio.
Before we go any further I just want to state officially that I don’t recommend anyone doing anything illegal with the knowledge you’ll learn here. Back in the days when I was messing around with remote access tools, cyber crime had barely become illegal and I was lucky I didn’t get arrested. These days the consequences of some of these techniques are pretty severe.
And that aspect alone is why I personally got into the types of challenges covered by this channel. How does one practice hacking or cyber security when most of the techniques are illegal? Well, a home lab is the usual go to. If you setup a network at home and hack machines that you own, it’s totally legal. But setting a lab is tough and can be expensive. Luckily around 2010 I found Metasploitable. Metasploitable is an intentionally vulnerable virtual machine that was made for us to practice using Metasploit. And these days sites like VulnHub are huge repositories that have 100s of Vms we can run and practice anything we want. From there I found out about hacking capture the flag competitions and wargame sites like OverTheWire and fell in love. To me these types of challenges are not only fun because I get to practice cyber security, but are in my opinion the most amazing puzzles. There are alternate reality games that are so good and immersive that some people get dangerously into them.
So my goal at this time will be to publish weekly and keep episodes to between 45-60 minutes. I’ll be recording my screen and talking through everything I’m doing and occasionally pausing to teach why it works and give a bit of depth to my demos to help those still starting out. I normally recommend those who want to learn about hacking, penetration testing and cyber security to have at least a strong understanding of networking. If you are familiar with the Net+ cert this is the level I mean. There’s a bunch of tests online to see where you’re at and 1000s of hours of video on YouTube to teach you the foundation you’ll need to go further. It’s not rocket surgery so don’t be intimidated. If I can learn this stuff so can you.
Each week I’ll be picking a vulnerable VM, challenge or CTF to work through with you. And together we will learn about all the techniques, protocols and workflows to hack all the things. I’m also going to maintain a really good reference page on www.sudosocialclub.com with links, a workflow cheatsheet and a feed of all my episodes for you to use anytime you need it.
If you want to follow along this is my basic setup:
Choice of operating system is highly personal and there are hackers who use anything from Windows to FreeBSD. Like many I use Kali Linux because it’s a distro built around security and pretty much already has all the tools installed. I run Kali through VirtualBox and that’s just my preference and you should try a few different setups and find what works best for you. I like running Kali in a VM because I can keep a main snapshot fully updated and pristine, then clone it for use on my projects and if I break it or need to start over I can delete the clone and I’m good to go.
I always start each session with pulling up my terminal and running:
apt-get update (Used to re-synchronize the package index files from their sources.)
apt-get upgrade (Used to install the newest versions of all packages currently installed on the system from the sources,)
apt-get autoremove (Cleans out any used dependencies after upgrade packages.)
This gives me a nice updated environment and I’m ready to go.
So I know this weeks episode was mostly me just setting the stage for what’s to come and I am excited to get started working through hacking challenges with you and teaching you what I’ve learned and learning more myself. I have been in and around the hacking world for a long time, but I’d never call myself an expert or an authority and am here to learn through teaching and always getting better myself. Most of you young CS students out there are much smarter than me, I’m just old and have a little more experience than you. The same goes with the audio/video recording. I’m a noob at that aspect for sure and if anyone has any feedback or recommendations on how I can improve the channel please leave a comment or email me at email@example.com.
If you like this idea and are excited for what’s to come please subscribe to the podcast through whatever podcatcher you found me through and please subscribe to the YouTube channel. Links to everything on sudosocialclub.com, including transcripts, and if you want to help the channel grow please share on your social media. Thanks for checking out the Sudo Social Club. Have a great week.