.

Teach me hacking?

<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Sat Oct 27, 2007 10:06 pm

Teach me hacking?

I get asked all the time what is hacking and how do you do it. To someone new it seems so mysterious. Its not really. Think of it this way, we are trying to connect or network with another computer in a new way. A way out of the ordinary. That’s what hacking is all about. Doesn’t matter whether it’s hardware or software. We are taking something beyond what its intended. We are making it do what we want.  We shake it , squeeze it, bend it, whatever it takes to make it happen and we have the ability to  hang in there as long as it takes. We take advantage of over worked and pressured coders that rush a little too fast. Not their faults. They have to or lose their jobs. It’s a rush to the market and they always feel they can patch at another time. Should there be a law that forces coders to write safe and good code?  I hate more restrictions on our freedom, but I also hate getting my identity stolen or my paypal account ripped also because some company was rushing to the market to make a fast buck! 

  If you already know how to network with other boxes you are half way there. Now think outside the box. How can you connect?  How can you force a connection?  Exploit?  Crack password?  Is there something in the network open? Most pen testers like me go for looking for the simple first. Did the admin get lazy? Is there something open?  If not is there something not patched?  Hmm, I cant still get in! Now its time for some creative social engineering.  That’s where most networks fail actually.  People are the weak link. Until we fix that we are all vulnerable.
Last edited by Kev on Sun Oct 28, 2007 10:42 am, edited 1 time in total.
<<

slimjim100

User avatar

EH-Net Columnist
EH-Net Columnist

Posts: 385

Joined: Wed Nov 08, 2006 12:50 pm

Location: Atlanta

Post Sun Oct 28, 2007 9:02 am

Re: Teach me hacking?

Kev I fully agree with this and this is possibly the best explanation of hacking I have heard. Explained in its truest form.

Brian
CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
<<

n00b@hacking

Newbie
Newbie

Posts: 2

Joined: Mon Oct 29, 2007 1:48 am

Post Mon Oct 29, 2007 1:56 am

Re: Teach me hacking?

Hey i'm a noob already had the concept of hacking though... i study Computer Science and just started hacking and studying about security about a week ago.

I'm trying to test the security of the webpage of the company where a relative works to start but since i'm a noob i can only use tools :P can you tell me where I can get .pm's or exploits for metasploit?? it doesn't have many for linux and i scanned the webpage and it's running apache 2.0.51 over FEDORA so... also it has the unfiltered port for mysql running an old insecure version (according ton nessus :P) can you guide me??
<<

Florin

Newbie
Newbie

Posts: 29

Joined: Thu May 03, 2007 8:57 am

Post Mon Oct 29, 2007 2:31 am

Re: Teach me hacking?

Welcome to Ethical Hacker Network Forum.

What you are trying to do is not just unethical, but it's illegal too.
So if you expect to get some help in doing something unethical, this is not the place to do it.

Maybe you should start over your process of learning how to hack, with the laws you have to obey in order to not get yourself in trouble.

The next step will be setting up a virtual lab and practice there.
Last edited by Florin on Mon Oct 29, 2007 2:37 am, edited 1 time in total.
Security+, OSCP, CISM, CISSP
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon Oct 29, 2007 8:42 am

Re: Teach me hacking?

Also, depending on what type of security is setup on this web server they may have already seen you and are watching out for you now since you ran a Nessus scan... (lots of traffic).
<<

sedated

User avatar

Newbie
Newbie

Posts: 37

Joined: Sun Oct 07, 2007 11:36 pm

Post Mon Oct 29, 2007 9:22 am

Re: Teach me hacking?

n00b@hacking wrote:Hey i'm a noob already had the concept of hacking though... i study Computer Science and just started hacking and studying about security about a week ago.

I'm trying to test the security of the webpage of the company where a relative works to start but since i'm a noob i can only use tools :P can you tell me where I can get .pm's or exploits for metasploit?? it doesn't have many for linux and i scanned the webpage and it's running apache 2.0.51 over FEDORA so... also it has the unfiltered port for mysql running an old insecure version (according ton nessus :P) can you guide me??

  I wouldnt recomend actually pen testing untill you have a solid ethicall foundation.You dont want to get  charged with a computer crime that could possibly harm youre future career as a ethical hacker.Start bye reading everything you can on networks and hacking and then practice at home on a home network. :)
<<

n00b@hacking

Newbie
Newbie

Posts: 2

Joined: Mon Oct 29, 2007 1:48 am

Post Tue Oct 30, 2007 4:36 pm

Re: Teach me hacking?

Whoa! you guys really misunderstood me, i am no cracker, my mom is the equivalent of a CIO of the enterprise, there's no one above her in charge of information, data processing etc.  I'm simply trying to see if there are wholes and prove they can be exploited, i've already got the wholes, just don't know what to do with them, i hardly think she'll press charges, think of it as a security assessment... anyways regarding the nessus thing i found a server that keeps no log and has the 8080 port open so i think i did all that analysis anonymously... my question was more about who can guide me in the becoming a hacker process, i've already hacked computers in lan me and a couple of friends are learning the arts of hacking together, this is just an experiment. 
<<

Florin

Newbie
Newbie

Posts: 29

Joined: Thu May 03, 2007 8:57 am

Post Tue Oct 30, 2007 5:36 pm

Re: Teach me hacking?

It's a good thing that you are trying to learn how to hack, but my advice is to do this in a test/virtual environment or in a LAN that is just for testing purposes (of course, that LAN has to be yours or you should have the written approval of the owner).

Messing up with production servers is a dangerous thing, as you said, you are still learning, you don't know what's the impact of your scans to the server.

On the other hand, even if your mother is the CEO of the company, you still shouldn't make a security assessment without having a signed agreement between you and the company - so called Get out of jail card.

Is the Security Officer / IT Manager informed about this? If your mother is the only person that knows about this ... it's just not right, you know?
Do you think that in case that server is compromised while you are doing your assessment, and a forensic analysis is performed, it will be easy for her/you to explain your actions?

Try to keep the learning process in a controlled environment and you will be just fine.

And now to answer your question: try searching this forum, I'm sure that you would find some great books that describe the process of ethical hacking step by step.
Security+, OSCP, CISM, CISSP
<<

matthiasfan

Newbie
Newbie

Posts: 25

Joined: Tue Aug 07, 2007 2:18 pm

Post Wed Oct 31, 2007 5:53 am

Re: Teach me hacking?

Yeah, just because your mother is high up, doesn't mean that other people will not get offended for having someone try to hack their system.  If there are IT guys, get with them and create a virtual machine to run at your house to try to hack.  This way no data is corrupted and nothing bad can happen.  Before you start any of this though, make sure you know how a network actually works.  This sounds very "noobish" info, but you should know how it works inside and out.  Once you learn that inside and out, then you can see the security flaws.  Such as when you start understanding about handshakes between computers, you can know how to make them do what YOU want them to.  Do a lot more reading before anything though.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software