Hacking can be difficult and there are many different ways to hack and many different exploits to use. Hacking is neither defined nor limited by exploitation or exploration. Hacking is also illegal, so don't do it unless you are sure you have permission from the owner of the system you are trying to hack.
Hacking, in the good ol' days, was mostly about discovering information about systems and computing in general. In recent years it has taken on dark connotations and has generally been looked down upon. At the same time, many corporations now employ "hackers" to test the strengths and weaknesses of their own systems. These hackers know when to stop, and it is the positive trust they have built that earns them large salaries.
Nowadays there are white hat, grey hat and black hat hackers. White hats are the good guys, black hats are malicious hackers, and grey hats are somewhere in between. The term "Hacker" does not necessarily mean that the person is bad or is doing anything wrong or illegal, unless you are talking about getting into someone else's system.
Steps
Know a programming language. C++ is good to know, but hardly easier to learn than Vietnamese.
Use Cygwin for Windows or *nix. Plain Windows and DOS will get you nowhere fast. (reader's note: this is purely biased opinion. The same tools the author uses can be found for Windows-based machines. Nmap in particular uses WinPcap to run on Windows and does not require Cygwin.)
Know your target. Can you reach the remote system? Run a ping of the form: ping <ipaddress>. There are some other commands you can use as well.
Also try tracert <ipaddress>, which will show you how they are connected to the network.
Determine the OS (operating system). Why is this important? How can you gain access to a system if you don't know what the system is? This step involves running a scan of the ports.
Try p0f. nmap runs a port scan that shows you the ports that are open on the machine and the OS, and it can even tell you what type of firewall or router they are using so you can plan a course of action.
After finding open ports and determining the operating system, you have to find some path into the system proper, unless for instance you find ftp or telnet wide open.
Often you will run into a password. There are several methods for cracking a password. There is brute force, where a program (or you) tries every possible number and letter combination as user and password. There is also dictionary cracking, where a program or you attempt certain words from lists. Less often the password is default or guessable.
Most information that will be of vital interest is protected and you need a certain level of authentication to get it. To see all the files on a computer you need superuser privileges. This is root in *nix OSes, usually admin in routers, Administrator in Windows XP and so on. Just because you have gained access doesn't mean you can access everything; only the superuser can do this.
Often, to gain superuser status you have to use various tricks such as creating a "buffer overflow", which basically means feeding a program more data than its memory buffer can hold so that the excess overwrites adjacent memory, allowing you to inject code or perform a task at a higher level than you're normally authorized. Only writing or finding an insecure program that you can execute on their machine will allow you to do this.
Using the above tactics on a popular or government computer will probably get you busted unless you cover your tracks *very* well. You must keep in mind there *are* people a bit smarter than you working for money to catch intruders into their systems. They sometimes even get a bonus for each intruder they expose.
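The password-guessing step above leaves a recognisable trail in authentication logs, which is how the people described in the last step catch it. As an added example (not part of the original article), this Python code flags a source address that produces a burst of failed SSH logins, and a successful login that follows such a burst; the log lines are constructed, and the function name `detect`, the 5-failure threshold and the 5-minute window are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH sshd message style; addresses are documentation ranges.
SAMPLE_LOG = """\
2024-05-01T10:00:01 gw sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2
2024-05-01T10:00:02 gw sshd[811]: Failed password for root from 203.0.113.7 port 40123 ssh2
2024-05-01T10:00:03 gw sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40124 ssh2
2024-05-01T10:00:04 gw sshd[813]: Failed password for alice from 198.51.100.20 port 51000 ssh2
2024-05-01T10:00:05 gw sshd[814]: Failed password for root from 203.0.113.7 port 40125 ssh2
2024-05-01T10:00:06 gw sshd[815]: Failed password for root from 203.0.113.7 port 40126 ssh2
2024-05-01T10:00:09 gw sshd[816]: Accepted password for alice from 198.51.100.20 port 51001 ssh2
2024-05-01T10:00:10 gw sshd[817]: Accepted password for root from 203.0.113.7 port 40127 ssh2
2024-05-01T10:30:00 gw sshd[818]: Failed password for bob from 192.0.2.44 port 33000 ssh2
2024-05-01T10:50:00 gw sshd[819]: Failed password for bob from 192.0.2.44 port 33001 ssh2
"""

LINE_RE = re.compile(
    r"^(\S+) \S+ sshd\[\d+\]: (Failed|Accepted) password for "
    r"(?:invalid user )?(\S+) from (\S+) port \d+")

def detect(log_text, window=timedelta(minutes=5), threshold=5):
    """Return (kind, source_ip, user) alerts in log order."""
    failures = defaultdict(deque)  # source IP -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.fromisoformat(m.group(1))
        outcome, user, ip = m.group(2), m.group(3), m.group(4)
        recent = failures[ip]
        while recent and ts - recent[0] > window:  # drop failures outside the window
            recent.popleft()
        if outcome == "Failed":
            recent.append(ts)
            if len(recent) == threshold:  # alert once, when the burst crosses the line
                alerts.append(("guessing", ip, user))
        elif len(recent) >= threshold:  # a success right after a burst of failures
            alerts.append(("login-after-guessing", ip, user))
            recent.clear()
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

A single mistyped password followed by a success (alice in the sample) raises nothing; account lockout and longer-horizon counts complement the fixed window.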
Tips
Keep away from hacking government agencies' systems!
No matter how good you are, remember that the "white hat" hackers are also trying to find you. They might be better than you, and in fact, if you are reading this they surely are.
Buy books discussing TCP/IP networking.
This article discusses what is known in the hacking world as "cracking".
White hat hackers are those who built the Internet, made Linux, and work on open source software. Black hats only want to destroy. It is advisable to look into white hat hacking, as it is respected and less likely to get you arrested.
Warnings
Misuse of this information may be a local and/or federal crime. This article is intended to be informational and should only be used for ethical purposes.