HOW TO HACK

0 comments

HOW TO HACK

  1. 1
    Learn a programming language. You shouldn't limit yourself to any particular language, but there are a few guidelines.


  • C is the language the systems are built with. It teaches something that's very important in hacking: how memory works.
  • Python or Ruby are modern, powerful scripting languages that can be used to automate various tasks.
  • Perl is a good choice in this field as well, while PHP is worth learning only because it's what newbies use to "hack" poorly written web-applications (forums, blogs etc).
  • Bash scripting is a must. That is how to easily manipulate most servers—writing one-line scripts, which will do most of the job.
  • ASM is a must-know. It is an all-purpose Java bytecode manipulation and analysis framework. You can't truly exploit a program if you don't know ASM.






  • 2
    Know your target. The process of gathering information about your target is known as enumeration. The more you know in advance, the fewer surprises you'll have.

    • Hacking

    1. 1
      Use a *nix terminal for commands. Cygwin will help emulate a *nix for Windows users. Nmap in particular uses WinPCap to run on Windows and does not require Cygwin. However, Nmap works poorly on Windows systems due to the lack of raw sockets. You should also consider using Linux or BSD, which are both more flexible, more reliable, and more secure. Most Linux distributions come with many useful tools pre-installed.
    2. 2
      Secure your machine first. Make sure you fully understood all common techniques, including how to protect yourself. Start with basics—have you found a server hosting a site about racism or other bad activities? Try to hack it, any way you can. Don't change the site, just make it yours.
    3. 3
      Test the target. Can you reach the remote system? While can use the ping utility (which is included in most operating systems) to see if the target is active, you can not always trust the results—it relies on the ICMP protocol, which can be easily shut off by paranoid system administrators.
    4. 4
      Determine the operating system (OS). Run a scan of the ports. Try pOf, or nmap to run a port scan. This will show you the ports that are open on the machine, the OS, and can even tell you what type of firewall or router they are using so you can plan a course of action. You can activate OS detection in nmap by using the -O switch.
    5. 5
      Find a path or open port in the system. Common ports such as FTP (21) and HTTP (80) are often well protected, and possibly only vulnerable to exploits yet to be discovered.
      • Try other TCP and UDP ports that may have been forgotten, such as Telnet and various UDP ports left open for LAN gaming.
      • An open port 22 is usually evidence of an SSH (secure shell) service running on the target, which can sometimes be bruteforced.
    6. 6
      Crack the password or authentication process. There are several methods for cracking a password, including brute force. Using brute force on a password is an effort to try every possible password contained within a pre-defined dictionary of brute force software
      • Users are often discouraged from using weak passwords, so brute force may take a lot of time. However, there have been major improvenments in brute-force techniques.
      • Most hashing algorithms are weak, and you can significally improve the cracking speed by exploiting these weaknesses (like you can cut the MD5 algorithm in 1/4, which will give huge speed boost).
      • Newer techniques use the graphics card as another processor—and it's thousands of times faster.
      • You may try using Rainbow Tables for the fastest password cracking. Notice that password cracking is good technique only if you already got the hash of password.
      • Trying every possible password while logging to remote machine is not a good idea, as it's easily detected by intrusion detection systems, pollutes system logs, and may take years to complete.
      • It's often much easier to find other way into system, than cracking password.
    7. 7
      Get super user (root) privileges. Try to get root privileges if targeting a *nix machine, or administrator privileges if taking on Windows systems.
      • Most information that will be of vital interest is protected and you need a certain level of authentication to get it. To see all the files on a computer you need super user privileges—a user account that is given the same privileges as the "root" user in Linux and BSD operating systems.
      • For routers this is the "admin" account by default (unless it has been changed); for Windows, this is the Administrator account.
      • Gaining access to a connection doesn't mean you can access everything. Only a super user, the administrator account, or the root account can do this.
    8. 8
      Use various tricks. Often to gain super user status you have use tactics such as creating a buffer overflow, which is causing the memory to dump that allows you to inject a code or perform a task at a higher level than you're normally authorized.
      • In unix-like systems this will happen if the bugged software has setuid bit set, so program will be executed as different user (superuser for example).
      • Only writing or finding an insecure program that you can execute on their machine will allow you to do this.
    9. 9
      Create a backdoor. Once you have gained full control over a machine, it's a good idea to make sure you can come back again. This can be done by backdooring an important system service, such as the SSH server. However, your backdoor may be removed during the next system upgrade. A really experienced hacker would backdoor the compiler itself, so every compiled software would be a potential way to come back.
    10. 10
      Cover your tracks. Never let the administrator know that the system is compromised. Do not change the website (if any), do not create more files than you really need. Do not create any additional users. Act as quickly as possible. If you patched a server like SSHD, make sure it has your secret password hard-coded. If someone tries to login with this password, the server should let them in, but shouldn't contain any crucial information.


    Tips

    • Read books discussing TCP/IP networking.
    • Hackers are those that built the internet, made Linux, and work on open source software. It is advisable to look into hacking, as it is respected and requires a lot of professional knowledge to do anything serious in real environments.
    • There is a major difference between a hacker and a cracker. A cracker is motivated by malicious (namely: money) reasons; a hacker is attempting to gain knowledge through exploration, at any cost and in any way—not always legal.
    • Although it's great that there are many legal, safe training grounds available for anyone, the sad truth is that you won't become even mediocre if you won't perform potentially illegal actions. You can't become anyone if you won't find real problems on real systems, with the real risk of getting caught. Keep that in mind.
    • Remember, hacking is not about breaking into computers, getting well paid job, selling exploits on the black market, nor helping anyone compromise secure machines. You're not here to help admin do his job. You're here to become the best.
    • Keep in mind, if your target is not doing their best to keep you out, you won't ever become good. Of course, don't get cocky, don't think about yourself as the best of the best. Make this your goal: you must become better and better. Every day that you didn't learn something new is a wasted day. You are all that counts. Become best, at any cost. There are no half-ways, you must give fully yourself. As Yoda would say, "Do or do not. There is not try."
    • Unless you're an expert, professional hacker, using these tactics on a popular corporate or government computer is asking for trouble. Keep in mind there are people a bit more knowledgeable than you who protect these systems for a living. Once found, they sometimes monitor intruders to let them incriminate themselves first before legal action is taken. This means you might think you have free access after hacking into a system, when in fact, you're being watched, and may be stopped at any moment.

    Warnings

    • Hacking into someone else's system may be illegal, so don't do it unless you are sure you have permission from the owner of the system you are trying to hack or you are sure it's worth it and you won't get caught.
    • Misuse of this information may be a local and/or federal criminal act (crime). This article is intended to be informational and should only be used for ethical purposes and never for illegal purposes.
    • Do not delete entire logfiles, instead, just remove only the incriminating entries from the file. The other question is, is there a backup logfile? What if they just look for differences and find the exact things you erased? Always think about your actions. The best thing is to delete random lines of log, including yours.
    • Be extremely careful if you think you have found a very easy crack or a crude mistake in security management. A security professional that protects that system may be trying to trick you or may be setting up a honeypot.
    • If you aren't confident with your skills, stay away from breaking into government and military networks. Even if they have weak security, they have strong money to trace and bust you. If you do find a hole in such network, it's best to hand it to more experienced hacker that you trust, who can put these systems to good use.
    • Although you may heard the opposite, don't help anyone patch their programs or systems. This is considered extremely lame and leads to being banned from most real hacking communities. And if you would release a private exploit someone found, he can become your enemy—and he's probably better than you are.
    • Never do anything just for fun. Remember it's not a toy to hack into network, but a power to change the world. Don't waste that on childish actions.

    Things You'll Need

    • A (fast operating) computer with a connection to the Internet.
    • A proxy (Optional)
    • An IP scanner
    • Petaflops help


     by.................................................................................................................................................................


    0 comments:

    Subscribe to: Posts (Atom)