Here's your first lesson.
You need to understand sockets from a programming perspective. You need to understand sending commands via the protocol you want. At the very start you will have to understand how network communications occur and the bits/flags/layers involved.
You need to understand sockets from a programming perspective. You need to understand sending commands via the protocol you want. At the very start you will have to understand how network communications occur and the bits/flags/layers involved.
yllus
Elite Member & Lifer
- Aug 20, 2000
- 20,577
- 432
- 126
Basically, learn how to program in whatever language the thing you're trying to hack is written in.
Figure out what the weak points in the system are likely to be.
Attack said weak points.
When it comes to websites, one typically looks at the input the site takes and sees if they can pass malformed values to gain unauthorized access. For example, for a number of months the AnandTech Forums had an RSS feed system for forum categories. It did not validate the forum ID # passed in, and thus people who knew the forum ID # for the moderator-only section could view topics in that section.
Google "SQL injection" and "cross site scripting".
Figure out what the weak points in the system are likely to be.
Attack said weak points.
When it comes to websites, one typically looks at the input the site takes and sees if they can pass malformed values to gain unauthorized access. For example, for a number of months the AnandTech Forums had an RSS feed system for forum categories. It did not validate the forum ID # passed in, and thus people who knew the forum ID # for the moderator-only section could view topics in that section.
Google "SQL injection" and "cross site scripting".
BrunoPuntzJones
Lifer
- Feb 24, 2001
- 14,513
- 4
- 81
Yeah, to be a "spook" and not be able to tell anyone what your job is, or a guy who is interviewed on tv with his face all blocky and voice changed, you'll need to be an engineering/programming genius.
You'll need access to lots and lots of hardware. You can't just go resetting your cable modem hoping for a new ip address every time some site locks you out
BrunoPuntzJones
Lifer
- Feb 24, 2001
- 14,513
- 4
- 81
Originally posted by: nakedfrog
Where can I learn to be a Mafia hitman?
Now THAT I can teach you.
Originally posted by: BrunoPuntzJones
Yeah, to be a "spook" and not be able to tell anyone what your job is, or a guy who is interviewed on tv with his face all blocky and voice changed, you'll need to be an engineering/programming genius.
You'll need access to lots and lots of hardware. You can't just go resetting your cable modem hoping for a new ip address every time some site locks you out
I do that for rapidshare with my DSL modemOriginally posted by: LoKe
Originally posted by: nakedfrog
Where can I learn to be a Mafia hitman?
Now THAT I can teach you.
You has mafia in Canada?
halik
Lifer
- Oct 10, 2000
- 25,696
- 1
- 0
ArmchairAthlete
Diamond Member
- Dec 3, 2002
- 3,763
- 0
- 0
1) Smash the stack
2) ???
3) Profit.
I had a small-ish assignment to exploit a buffer overflow vulnerability in a C program and then print my own message.
2) ???
3) Profit.
I had a small-ish assignment to exploit a buffer overflow vulnerability in a C program and then print my own message.
alkemyst
No Lifer
- Feb 13, 2001
- 83,769
- 19
- 81
Seriously...it's like places to race cars. No one tells really or the good sources dry up.
Back in the days right prior to the Great Hacking war before hacking made you part of America's most wanted, a dude called our house (It was around late 80's maybe...) and asked this question.
He was able to trace our connection and then access phone records. We wanted to learn more. My brother and I gave him a list of books/gfiles to read (as a joke, ones in our bookshelves on UNIX, x.25 networks, etc). Told him to call back when he was done.
Dude read them all and knew the crap hands down. Later became pretty skilled at figuring out some really cool stuff. When on to become a CTO of one of the original private ISP's, multi millionaire by 25.
Today there is really 99% script kiddies. No one really does great hacks anymore...it's hard to play though when you are looking at fed time for getting caught.
I pulled out of it right after both the FBI and AT&T had a family sit down with us.
You can search for cDc, Phrack, 2600 (which may have meetings in your city), etc.
You start outside the rabbit hole and work your way in.
Our biggest profit was a local phone bridge that was not on the record so no billing/auditing took place. It was a local call for us was where the N word comment was dropped to Corrupt by Eric Bloodaxe who thought he was SN.
In our day the big places were tchh, altgiers, lutzifer, QSD...
Hacking is like Engineering or Medicine...you need to pick a niche to focus on.
Figure out something really good and get hired for big $$$.
Back in the days right prior to the Great Hacking war before hacking made you part of America's most wanted, a dude called our house (It was around late 80's maybe...) and asked this question.
He was able to trace our connection and then access phone records. We wanted to learn more. My brother and I gave him a list of books/gfiles to read (as a joke, ones in our bookshelves on UNIX, x.25 networks, etc). Told him to call back when he was done.
Dude read them all and knew the crap hands down. Later became pretty skilled at figuring out some really cool stuff. When on to become a CTO of one of the original private ISP's, multi millionaire by 25.
Today there is really 99% script kiddies. No one really does great hacks anymore...it's hard to play though when you are looking at fed time for getting caught.
I pulled out of it right after both the FBI and AT&T had a family sit down with us.
You can search for cDc, Phrack, 2600 (which may have meetings in your city), etc.
You start outside the rabbit hole and work your way in.
Our biggest profit was a local phone bridge that was not on the record so no billing/auditing took place. It was a local call for us was where the N word comment was dropped to Corrupt by Eric Bloodaxe who thought he was SN.
In our day the big places were tchh, altgiers, lutzifer, QSD...
Hacking is like Engineering or Medicine...you need to pick a niche to focus on.
Figure out something really good and get hired for big $$$.
alkemyst
No Lifer
- Feb 13, 2001
- 83,769
- 19
- 81
In reality much of the times the easiest thing to do to get a password is to get to know someone or get physically onsight. Too many people have there passwords as something related to them or written at their desk.
Those that manage systems of old got to see plain text passwords and learn what people were using...once you had a list of the top 10 or so and knew the naming conventions for accounts it was a matter of just working a list.
At that time we weren't out to break stuff though...just get time on a machine that we normally would not have access too.
Today people get in and think it's fun to delete stuff.
Too true. However, a simple dictionary list would do just as well in the case of weak passwords. But like I said, usually those places aren't worth getting into. And the art of hacking isn't about passwords, it's getting in through a technical way. Guessing passwords is worthless, and helps no one. The whole point is to get in and explain how.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 24K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter