When hacking was first brought to the public’s attention, it was used to help gain information about systems for IT purposes and was seen as something that was not all bad. Nowadays hacking has taken on a darker meaning, thanks to those who use their skills for personal gain while hurting others.
When you look at the positive end of the hacking scale, there are multiple multimillion-dollar companies that employ hackers in their IT departments to test the strength of their systems, so that they know where they are most vulnerable and can beef them up. In a large company, hackers will go only as far as they are allowed into the system and then help the company to fix the holes that they find. This help is what earns them the large salary the companies pay them to keep their information protected.
Before you begin to hack, there are steps that you need to follow to make sure that you are prepared for the experience you will gain when you try to hack into a system. We have talked about these steps in previous chapters, but they are worth going over again to ensure that you are fully prepared when it comes to hacking into the system that you are granted access to.
Step One: A programming language is a necessity when it comes to hacking. As we’ve talked about earlier, there are a variety of different programming languages that you can learn, and it is best that you learn all of them so that you have a well-rounded knowledge of programming languages. It is vitally important that you know how a program speaks to and works with the operating system that it is on. The more you know, the easier it will be for you to gain access to the network.
Unix uses the C programming language, and C teaches you how memory works; knowing how this works is vitally important to learning how to hack into a system.
Python and Ruby are both very powerful programming languages that are used to automate a variety of tasks.
PHP and Perl are used for web applications and are a very reasonable choice for those who are in the hacking field.
If you are going to be scripting, you should be using Bash. It easily manipulates Unix and Linux systems, therefore doing most of the job for you.
Assembly is the most basic language that your processor is going to understand. All your programs can and will interpret assembly, as it is the most basic language that any computer has. If you do not have a good knowledge of assembly, then you will never truly be able to exploit a program.
Step Two: You need to know your target. It is vitally important that you gather as much information as possible on the target that you are planning to hack. In gathering this information, you will need to find the weak spots in their system. There is a chance that you’re going to need different approaches to get into the system, should you find that your initial approach is not the way to go. The more you know about your target, the less chance there is of finding a surprise while you are hacking the system. Gathering information on your target is known as enumeration.
Step One: You’re going to want to use a *nix terminal for all the commands that you’re going to be using when it comes to hacking. Cygwin is a good program that will emulate *nix for users who run Windows. If you do not have access to Cygwin, then it is best that you use Nmap, which will run off WinPcap while you’re still on Windows even though you’re not using Cygwin. However, the downside to Nmap is that it will run poorly on the Windows operating system because there is a lack of raw sockets.
When you’re actually hacking, you’re most likely going to want to consider using BSD or Linux, as both of these operating systems are flexible no matter what type of system you are using. It is important to know, though, that Linux will have more tools that are pre-installed and ultimately more useful to you when it comes to your hacking ventures.
Step Two: Make sure that the machine you are using to hack is actually secured. You’re going to need to make sure that you are protected before you go hacking into anyone else’s system. If you are not secured, then there is a possibility that you are going to be traced, and they will be able to get ahold of you and even file a lawsuit against you because they now know where you are.
If you’re hacking a system that belongs to a friend, a family member, or a company, make sure that you do not do so without the permission of the system’s owner. The permission ultimately needs to be handwritten so that there are no repercussions that can come back on you.
If you do not feel comfortable attacking someone else’s system, then you always have the option of attacking your own system in order to find your own security flaws. To do this, you’ll need to set up a virtual laboratory to hack.
Step Three: You’re going to want to make sure that you can reach the system that you are trying to attack. You can use the ping utility to test and see if your target is active; however, the results from this cannot always be trusted. If you are using a ping utility, the biggest flaw you will find is that the system administrator is able to turn their system off, causing you to lose your target.
Step Four: You’re going to need to run a scan of the ports on the system that you’re trying to attack, using p0f or Nmap, in order to check which ports are actually open on the machine. Along with telling you which ports are open, the scan will let you see what type of firewall is being used as well as which kind of router is being used.
Knowing this type of information is going to help you to plot your course of action in attacking the targeted system. In order to activate the OS detection using Nmap, you’re going to use the -O switch.
Step Five: Ports such as those that use HTTP or FTP are, more often than not, going to be protected ports and are only going to become insecure and discoverable when they are exploited.
Ports that are left open for LAN gaming, such as TCP and UDP, are often forgotten, much like the Telnet ports.
Any ports that are open are usually evidence of an SSH (secure shell) service that is running on your target. Sometimes these ports can be forced open with brute force in order to allow you access to them.
Step Six: Before you’re able to gain access to most machines, there are passwords that you’re going to have to crack. Brute force is one of the ways that you can try to crack a password and get into a system. When you use brute force, the effort of trying the possible passwords contained within a pre-defined dictionary is handed to a software program, which uses them to try to crack the password.
Because users of any website or system are highly discouraged from using passwords that are weak and easy to crack, brute force can sometimes take some time, and brute force techniques have been refined in an effort to lower the time that it takes to crack a password.
You can also improve your cracking speed by using cracking algorithms. Many hashing algorithms can be weak, and their weaknesses are therefore exploited in order to gain access more easily to the system that you’re trying to attack.
For example, if you have an MD5 algorithm and cut it in 1/4, you will then have a huge boost in the speed used to crack the password.
Graphics cards are also now being used as another sort of processor that you can gain access to. Gaining access to a graphics card is a thousand times faster than it is to crack a password or use an algorithm in order to attack the system.
It is highly advised that you do not attempt every possible password option when you are trying to access a machine remotely. If you use this technique, you’re more than likely going to be detected due to the pollution of system logs, and it will take years to complete.
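From the administrator's side, the log pollution mentioned above is exactly what makes remote password guessing detectable. The following is an added example, not part of the original text: it counts failed SSH logins per source address in a sliding window over constructed sample log lines, and the threshold, window, year and the function name detect_bruteforce are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH syslog format; addresses are RFC 5737 documentation ranges.
SAMPLE_LOG = """\
Mar 10 03:14:01 web1 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Mar 10 03:14:03 web1 sshd[813]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Mar 10 03:14:05 web1 sshd[815]: Failed password for invalid user test from 203.0.113.7 port 40133 ssh2
Mar 10 03:14:06 web1 sshd[817]: Failed password for alice from 198.51.100.23 port 51514 ssh2
Mar 10 03:14:08 web1 sshd[819]: Failed password for deploy from 203.0.113.7 port 40140 ssh2
Mar 10 03:14:10 web1 sshd[821]: Failed password for deploy from 203.0.113.7 port 40151 ssh2
Mar 10 03:14:15 web1 sshd[823]: Accepted password for alice from 198.51.100.23 port 51520 ssh2
Mar 10 03:14:31 web1 sshd[825]: Accepted password for deploy from 203.0.113.7 port 40160 ssh2
"""

EVENT = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: (Failed|Accepted) \S+ for "
    r"(?:invalid user )?(\S+) from (\S+) port \d+"
)

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60), year=2024):
    """Return {source_ip: {"first_alert": datetime, "login_after_alert": user or None}}."""
    recent = defaultdict(deque)   # source IP -> timestamps of recent failures
    alerts = {}
    for line in log_text.splitlines():
        m = EVENT.match(line)
        if not m:
            continue
        stamp, outcome, user, ip = m.groups()
        # Syslog timestamps carry no year, so one is supplied (assumption).
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        if outcome == "Failed":
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:      # drop failures outside the sliding window
                q.popleft()
            if len(q) >= threshold and ip not in alerts:
                alerts[ip] = {"first_alert": ts, "login_after_alert": None}
        elif ip in alerts and alerts[ip]["login_after_alert"] is None:
            # A success from an already-flagged source suggests a guessed password.
            alerts[ip]["login_after_alert"] = user
    return alerts

if __name__ == "__main__":
    for ip, info in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, info["first_alert"].isoformat(), info["login_after_alert"])
```

A single mistyped password from a legitimate user (alice in the sample) stays below the threshold, while a successful login that follows an alert from the same source is the event to escalate first.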
When you’re using an IP address to access a proxy, you’re going to need to have a rooted tablet as well as to install a program called TCP scan. The TCP will have a signal that will upload and allow you to gain access to the secure site that you’re trying to attack.
In the end, when you look at it, the easiest way to gain access to any system is to find a way that does not require you to crack a password.
Step Seven: If you’re targeting a *nix machine, you’re going to need to try to get root privileges. When you’re trying to gain access to a Windows system, you’re going to need to get administrator privileges.
If you want to see all the files on the system, you’re going to need to have super-user privileges. Having super-user privileges gives you an account with access as a root user on Linux or BSD systems.
Even if you want access to only the most basic kinds of files on a computer, you’re going to need some kind of privileges that will allow you to see the files. So, no matter what, if you want to see anything on a computer, you’re going to need some sort of privileges that will allow you to see what is on the network. These privileges will come from the system administrator.
A system that uses a router will allow you to have access to the system by using an admin account. The only reason that you would not be able to have access to it is if the router password has been changed by the router administrator. If you’re using a Windows operating system, then you’re going to have to have access to the administrator account.
Remember that gaining access to the operating system does not mean that you will have access to everything that is on the operating system. In order to have access to everything, you’re going to need a root account, a super-user account, or an administrator account.
Step Eight: There are ways to create a buffer overflow that you can then use to give yourself super-user status. The buffer overflow is what allows the memory to dump, therefore giving you the opening to inject code or to perform a task at a higher level than you are authorized for.
Software that is bugged usually has the setuid bit set on a Unix system. This bit allows a program to execute a task as if it were run by a different user.
Once again, it is important that you get the administrator’s permission in writing before you begin to attack an insecure program on their operating system.
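Because a setuid program runs as its owner rather than as the user who starts it, administrators keep an inventory of such files and review anything unexpected. The following is an added example, not part of the original text: it walks a directory tree, lists setuid files and flags those missing from a reviewed allowlist or writable by group or other. The demo tree, its file names and the allowlist are constructed for illustration.

```python
import os
import stat
import tempfile

def audit_setuid(root):
    """Return one finding per setuid regular file under root, sorted by path."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)   # lstat so symlinks are never followed
            except OSError:
                continue              # entry vanished or is unreadable
            if not (stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID):
                continue
            findings.append({
                "path": path,
                "owner_uid": st.st_uid,   # the user the program runs as
                "mode": stat.filemode(st.st_mode),
                "writable_by_others": bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH)),
            })
    return sorted(findings, key=lambda f: f["path"])

def needs_review(findings, allowlist):
    """Setuid files that are off the reviewed allowlist or writable by group/other."""
    return [f for f in findings
            if f["path"] not in allowlist or f["writable_by_others"]]

def build_demo_tree():
    """Create a constructed directory tree with two setuid files and one ordinary file."""
    root = tempfile.mkdtemp(prefix="setuid-demo-")
    for rel, mode in (("bin/chpass", 0o4755), ("opt/helper", 0o4775), ("bin/list", 0o0755)):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(path, mode)          # set mode after writing; writes clear setuid
    return root

if __name__ == "__main__":
    root = build_demo_tree()
    found = audit_setuid(root)
    allow = {os.path.join(root, "bin/chpass")}
    for f in needs_review(found, allow):
        print(f["mode"], f["owner_uid"], f["path"])
```

Run against a real system root, the same functions give a baseline that can be compared between audits, so a newly appearing setuid file stands out.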
Step Nine: You worked hard to get into the system, so you’re going to want to make sure that you do not use up as much time getting back out. The moment that you have access to a system that is an SSH server, you will be able to create what is known as a backdoor, so that you can gain access back to the system whenever you want without spending nearly as much time as you did the first time. An experienced hacker is more likely to have a backdoor as a way in, using compiled software.
Step Ten: It is vitally important that you do not allow the system administrator to know that you got into their system and that it has been compromised. The way to ensure that they do not know is to not make any changes to the website or create more files than you need to create. You also should not create any additional users, or you’re going to instantly send up a red flag to the administrator.
If you are using a patched server such as an SSHD server, you’re going to need to code your password so that no one can log in using that password. If they happened to log in with that password, they would then have access that they should not have, including access to crucial information that you’re most likely not going to want them to have.
When someone begins to try to log into the system, you need to get out immediately before you are caught. If caught, you’re going to face some serious charges.