Sign in to follow this  
Followers 0
LordRach

What now ?

21 posts in this topic

Hi,

I'm a Computer Sciences student and I was interested in hacking from the time I was a little boy. I have read many articles that speak about how to become a hacker. they all agreed that I should learn how to program and learn to use a linux distribution. now i have learned many programming languages (C/C++, Visual Basic, Java, Xhtml/css, php, and Javascript), i have also use a little of python and C# and many others. i have also used and learned many linux distributions (ubuntu, mandriva, backtrack,...), also i have learned some TCP/IP networking.

the question is : i'm i ready to get to some real hacking now that i have learned these ?

if yes, from where should i start, and where ?

thank you.

0

Share this post


Link to post
Share on other sites
Hi,

I'm a Computer Sciences student and I was interested in hacking from the time I was a little boy. I have read many articles that speak about how to become a hacker. they all agreed that I should learn how to program and learn to use a linux distribution. now i have learned many programming languages (C/C++, Visual Basic, Java, Xhtml/css, php, and Javascript), i have also use a little of python and C# and many others. i have also used and learned many linux distributions (ubuntu, mandriva, backtrack,...), also i have learned some TCP/IP networking.

the question is : i'm i ready to get to some real hacking now that i have learned these ?

if yes, from where should i start, and where ?

thank you.

I find it hard to believe you're telling the truth.

What exactly do you think "hacking" is?

0

Share this post


Link to post
Share on other sites

Maybe you need to start thinking more creatively.

0

Share this post


Link to post
Share on other sites

Read the FAQ, and all of the replies to everyone else's "where/how to learn hacking"

0

Share this post


Link to post
Share on other sites

You sound like you're ready. All you need to do now is read the k-rad leet hacker manual once you find it. It will teach you all you need to know. Once you finish it you will be ready to really start hacking!

0

Share this post


Link to post
Share on other sites
I find it hard to believe you're telling the truth.

What exactly do you think "hacking" is?

why would i lie anyway ?

Maybe you need to start thinking more creatively.

i'm actually working on a spy ware, it's my first, but i want to know what other hackers do

You sound like you're ready. All you need to do now is read the k-rad leet hacker manual once you find it. It will teach you all you need to know. Once you finish it you will be ready to really start hacking!

what is the k-rad leet hacker manual ?

Edited by LordRach
0

Share this post


Link to post
Share on other sites
i'm actually working on a spy ware, it's my first, but i want to know what other hackers do

Spyware sounds like you don't know what hacking is. if this is the realm you're looking into then your not going to get the answers your looking for.

Hackers think out of the box... they don't need to be told what to do.

Did you just learn how to program to hack a gibson? or did you learn how to program to say you know how to program?

0

Share this post


Link to post
Share on other sites

i just love computer sciences and especially programming, and the fact that i'm programming a spy ware doesn't mean anything. for me it's just a practice for my skills. i couldn't fin a better idea to start with. if you have an other suggestion then why not.

you said : Hackers think out of the box... they don't need to be told what to do.

well i'm not a hacker yet. that's why i'm asking for help to get started. don't tell what exactly to do, just give me the big picture of what hacker do either they are black or white hat.

this doesn't mean i don't know anything about it, but i just want to know your opinion.

Edited by LordRach
0

Share this post


Link to post
Share on other sites

You can't be taught to think outside the box. You can be an avid computer science fan your whole life without hacking. Hacking isn't a methodology it’s a philosophy; it's a way to think about/see 'problems' and how to solve them. You wont get "start at point A then move to point B" info. If you are so into CS like you say I find it hard to believe that you do not realize how to see 'problems' and solve them.

This is just my heavily opinionated post; many people have different ideas about hacking I spose. I might not even be a hacker, I just want to know how things work and after gaining this knowledge put it to use to solve problems.

I somehow doubt you will receive a clear “To hack, do this” or “you should starting thinking about moving on to this path now that you know all that”. It doesn’t work that way.

0

Share this post


Link to post
Share on other sites
If you are so into CS like you say I find it hard to believe that you do not realize how to see 'problems' and solve them.

i agree with you, but we have been taught to just learn how to use the tools (languages) to solve enterprise problems (Information systems, e-commerce, ...). that's the of education we get.

0

Share this post


Link to post
Share on other sites

Never let school interfere with your education man, it'll kill your mind. ;)

0

Share this post


Link to post
Share on other sites

LordRach... you haven't answered our question.... what is hacking to you?

0

Share this post


Link to post
Share on other sites

as far as i know, hackers are 3 categories :

- white hat : help solving security problems and finding bugs or software vulnerabilities and then find solutions to them.

- black hat : bad guys looking for destruction, they are also considered as criminals.

- gray hat : a mix of the 2 flavors.

that's the picture i have in my mind.

0

Share this post


Link to post
Share on other sites

There are no hats in hacking. At the risk of sounding stupid, hacking is a way of life. It's about thinking critically about every single situation, event, experience, object, etc. It's about being logical and looking at different angles. It's not about "how do I hack hotmail?" It's about seeing things as they were, are, and could be. It's about thinking in ways rarely thought or not thought at all.

The [black/gray/white]hat debate has gone on for quite a while by those who don't understand what hacking truely is.

So, if you think hacking is about writing malicious tools, programs, etc, you're wrong. Writing tools and programs can be a side-effect.

0

Share this post


Link to post
Share on other sites

From an interview with RMS

http://www.newscientist.com/article/mg1982...e-software.html

What does "hacker" mean to you?

A hacker is someone who enjoys playful cleverness. I know many people think it means security breaker, but since "hacker" is what we call ourselves in my community, I won't accept a derogatory meaning. If you want to refer to security breakers you should call them "crackers". You can be a hacker in a lot of different media, it doesn't have to be with computers. At the Massachusetts Institute of Technology there's an old tradition in which people "hack" buildings and public spaces, by putting up the famous "Nerd Crossing" road sign, for example. It didn't involve breaking any security and it was playful and clever.

0

Share this post


Link to post
Share on other sites

BTW, what is this "spy ware" you're working on? What does it do? How do you envision this thing working, and what is your end goal in developing this thing?

About 2-3 years ago, I set up a box to study spyware/adware/malware, just any old thing I could possibly pick up through Web browsing on an unprotected Win32 box. I deliberately installed little games and programs that were known to contain malware. I installed a Gnutella client, logged onto that network, downloaded and installed files that I was reasonably certain were infected, just to install them and then watch what they did on my network.

My approach was to install malware from only one source at a time, then watch its behavior. I used Wireshark to capture and analyze the network packets the programs sent and received, Process Explorer to observe the threads they generated (and which ones they killed off), and ARM to track changes they made to the registry. This was quite an educational experience and also good fun. One evening, I uncovered some script kiddie's botnet by watching his Gnutella-propagated malwares phoning home to their IRC channel. I'd gotten the IRC network's address, the channel name and channel password from watching his bot's activity on my machine, but every time I went into the channel using an IRC client, the botnet would kickban me. If I had a way to get on his operator bots' whitelist, I would have hung out in the channel and had a little chat with him.

Anyway, I'm kind curious about this project you're working on. Please do tell.

Edited by Colonel Panic
0

Share this post


Link to post
Share on other sites

Alright, as a "CS major" (I have serious doubts), in your labs you generally have a problem that you need to solve (code an application that does this and this without doing this, etc etc). And that's exactly what "hacking" is. You have a problem, you find a way to solve it. If you want to get around some sort of login screen, you find/code/whatever an alternative way in. That's a hack. If you fiddle with some web application software to make it more secure, that's a hack. If you simply want to make your media player run with a little bit better resource management, that's a hack, too.

Hacking is solving problems. That's it, that's the secret. Want to be a "hacker"? Find a problem and solve it. Bam.

Edited by xcalibur
0

Share this post


Link to post
Share on other sites
So, if you think hacking is about writing malicious tools, programs, etc, you're wrong. Writing tools and programs can be a side-effect.

+10000

Remember LordRach.

One hacks to learn...Not learn to hack.

You have a lot to learn. Stop thinking like you are.

I will tell you want a hacker really is, so you may know what you really are getting into.

A hacker is one who see a problem, then looks at it from every angle he can think of to solving that problem, then goes away and thinks about it more. He will find new angles he did not consider at first. Comes back to the problem then solves it in a way that others would of never thought of.

Why go through something when you can go around, over or under it?

You must rewire your brain, but I am sure you will get there, it will just take some time.

Take a step back and really look at what a hacker is. You will find the answer one day, but it will not be the one you wanted.

0

Share this post


Link to post
Share on other sites
BTW, what is this "spy ware" you're working on? What does it do? How do you envision this thing working, and what is your end goal in developing this thing?

About 2-3 years ago, I set up a box to study spyware/adware/malware, just any old thing I could possibly pick up through Web browsing on an unprotected Win32 box. I deliberately installed little games and programs that were known to contain malware. I installed a Gnutella client, logged onto that network, downloaded and installed files that I was reasonably certain were infected, just to install them and then watch what they did on my network.

My approach was to install malware from only one source at a time, then watch its behavior. I used Wireshark to capture and analyze the network packets the programs sent and received, Process Explorer to observe the threads they generated (and which ones they killed off), and ARM to track changes they made to the registry. This was quite an educational experience and also good fun. One evening, I uncovered some script kiddie's botnet by watching his Gnutella-propagated malwares phoning home to their IRC channel. I'd gotten the IRC network's address, the channel name and channel password from watching his bot's activity on my machine, but every time I went into the channel using an IRC client, the botnet would kickban me. If I had a way to get on his operator bots' whitelist, I would have hung out in the channel and had a little chat with him.

Anyway, I'm kind curious about this project you're working on. Please do tell.

Wow. That sounds very interesting. I would love to have been in that situation.

0

Share this post


Link to post
Share on other sites
BTW, what is this "spy ware" you're working on? What does it do? How do you envision this thing working, and what is your end goal in developing this thing?

About 2-3 years ago, I set up a box to study spyware/adware/malware, just any old thing I could possibly pick up through Web browsing on an unprotected Win32 box. I deliberately installed little games and programs that were known to contain malware. I installed a Gnutella client, logged onto that network, downloaded and installed files that I was reasonably certain were infected, just to install them and then watch what they did on my network.

My approach was to install malware from only one source at a time, then watch its behavior. I used Wireshark to capture and analyze the network packets the programs sent and received, Process Explorer to observe the threads they generated (and which ones they killed off), and ARM to track changes they made to the registry. This was quite an educational experience and also good fun. One evening, I uncovered some script kiddie's botnet by watching his Gnutella-propagated malwares phoning home to their IRC channel. I'd gotten the IRC network's address, the channel name and channel password from watching his bot's activity on my machine, but every time I went into the channel using an IRC client, the botnet would kickban me. If I had a way to get on his operator bots' whitelist, I would have hung out in the channel and had a little chat with him.

Anyway, I'm kind curious about this project you're working on. Please do tell.

the general idea is to make a spy ware witch behave like an ordinary image when it's lunched for the first time. then, it will install itself in the windows folder and add itself to the startup programs. then it will gather any possible information about the target machine. and possibly after that, I'll try to add a key logger functionality.

the data gathered will not be sent directly to me but it'll be sent to web server instead (via http).

that's the big picture of the project. my goal is not the spy ware itself, but i just want to get more experience about :

- client-server programming.

- windows registry.

- and finally, i want to learn about malicious programs by making one rather than reading others source code.

anyway, I liked all your suggestions and i'm willing to be a hacker more than ever. and now that i had a "good" understanding of what hackers do, i have one more question :D : where should i look for problems so that i can try to find solutions to them ? (open source projects ? bugs and security holes ? or making new programs that serves others ?)

0

Share this post


Link to post
Share on other sites

I'm curious about how you plan on having executable code behave like an image file? The only way I can think of to do this is find a weakness in a program that displays the image from the file, exploit it so that it runs the arbitrary code hidden within the image file, all the while keeping said arbitrary code hidden within the image.

This will require you to have extensive knowlege of image file formats, stenographic techniques, and most likely assembly language to start. Also given your target, Windows, you would need to take a collection of the most popular image viewing software, and reverse engineer them to find out HOW to format your image file to exploit a found weakness. This needless to say will be very very hard. Its not something you can find in a tutorial, or have someone answer for you on a forum, it will take a great deal of creativity, insight, and most importantly EXTENSIVE background knowlege. Also know that if you find a weakness in one particular program, it most likely will not work in the others.

To be perfectly honest with you, from the wording of your posts my guess would be you don't have nearly enough experience or knowlege to approach this project. Start smaller, read a book about computer archetecture. A good one I've read is Computer Organization and Design. This will teach you how computers are organized and how processors work, using the MIPS processor as a basis. Note that this is different than a x86 processor that common PC's use. Once you've read that and understand it, code a MIPS simulator in Java. Have it have several objects representing the different components of the processor (ALU, MUX, etc) and have them transfer information like the actual processor. In addition have it take some mips commands in a text file as input and output the result.

Once you have done that in Java, take it a step further and do it in C++.

Now to become a "hacker" you don't specifically have to do that exact problem. But you do have to do some serious studing and many, many, many problems with that level of difficulty and hopefully eventually harder. The fun part is finding problems that interest you personally and working out creative ways to solve them. This is so much more satisfying than the cheap thrill of infecting peoples machines and getting their info, and it affords more personal growth as well.

So to sum it all up, study more, start small, practice, study even more, play, and have fun. B)

->Colonel Panic: Thats pretty awesome! Were you able to figure out a way into the IRC channel?

Whoo now that was a long one... Sorry about the spelling guys, despite my best efforts I am useless without spellcheck.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0