In popular media, hackers are often portrayed as villainous characters who illegally gain access to computer systems and networks. In truth, a hacker is simply someone who has a vast understanding of computer systems and networks. Some hackers (called black hats) do indeed use their skills for illegal and unethical purposes. Others do it for the challenge. White hat hackers use their skills to solve problems and strengthen security systems.These hackers use their skills to catch criminals and to fix vulnerabilities in security systems. Even if you have no intention of hacking, it’s good to know how hackers operate to avoid becoming a target. If you’re ready to dive in and learn the art, guyasong teaches you a few tips to help you get started.
Step 1:
Learning the Skills Needed to Hack
1. Understand what hacking is
Broadly speaking, hacking refers to a variety of techniques that are used to compromise or gain access to a digital system. This can be a computer, mobile phone or tablet, or an entire network. Hacking involves a variety of specialized skills. Some are very technical. Others are more psychological. There are lots of different types of hackers that are motivated by a variety of different reasons.
2 . Understand the ethics of hacking.
Despite the ways hackers are depicted in popular culture, hacking is neither good nor bad. It can be used for either. Hackers are simply people who are skilled in technology who like to solve problems and overcome limitations. You can use your skills as a hacker to find solutions to problems, or you can use your skills to create problems and engage in illegal activity.
Warning: Gaining access to computers that don’t belong to you is highly illegal. If you choose to use your hacking skills for such purposes, be aware that there are other hackers out there who use their skills for good (they are called white hat hackers). Some of them get paid big bucks to go after bad hackers (black hat hackers). If they catch you, you will go to jail.
3. Learn how to use the internet and HTML.
If you are going to hack, you’ll need to know how to use the internet. Not just how to use a web browser, but also how to use advanced search engine techniques. You will also need to know how to create internet content using HTML. Learning HTML will also teach you some good mental habits that will help you with learning to program.
4. Learn how to program.
Learning a programming language might take time, so you need to be patient. Focus on learning to think like a programmer instead of learning individual languages. Focus on similar concepts in all programming languages.
- C and C++ are the languages that Linux and Windows were built with. It (along with assembly language) teaches something very important in hacking: how memory works.
- Python and Ruby are high-level, powerful scripting languages that can be used to automate various tasks.
- PHP is worth learning because the majority of web applications use PHP. Perl is a reasonable choice in this field as well.
- Bash scripting is a must. That is how to easily manipulate Unix/Linux systems. You can use Bash to write scripts, which will do most of the job for you.
- Assembly language is a must-know. It is the basic language that your processor understands, and there are multiple variations of it. You can’t truly exploit a program if you don’t know assembly.
Step 2: Hacking
1. Secure your machine first.
To hack, you must need a system to practice your great hacking skills. However, make sure you have the authorization to attack your target. You can either attack your network, ask for written permission, or set up your laboratory with virtual machines. Attacking a system without permission, no matter its content is illegal and will get you in trouble.
- Boot2root are systems specifically designed to be hacked. You can download these systems online and install them using virtual machine software. You can practice hacking these systems.
2. Know your target.
The process of gathering information about your target is known as enumeration. The goal is to establish an active connection with the target and find vulnerabilities that can be used to further exploit the system. There are a variety of tools and techniques that can help with the enumeration process. Enumeration can be performed on a variety of internet protocols including, NetBIOS, SNMP, NTP, LDAP, SMTP, DNS, and Windows and Linux systems. The following is some information you want to gather:[5]
- Usernames and group names.
- Hostnames.
- Network shares and services
- IP tables and routing tables.
- Service settings and audit configurations.
- Applications and banners.
- SNMP and DNS details.
3. Test the target.
Can you reach the remote system? While you can use the pingutility (which is included in most operating systems) to see if the target is active, you cannot always trust the results — it relies on the ICMP protocol, which can be easily shut off by paranoid system administrators. You can also use tools to check an email to see what email server it uses.
- You can find hacking tools by searching hacker forums.
4. Run a scan of the ports.
You can use a network scanner to run a port scan. This will show you the ports that are open on the machine, the OS, and can even tell you what type of firewall or router they are using so you can plan a course of action.
5. Find a path or open port in the system.
Common ports such as FTP (21) and HTTP (80) are often well protected, and possibly only vulnerable to exploits yet to be discovered. Try other TCP and UDP ports that may have been forgotten, such as Telnet and various UDP ports left open for LAN gaming.
- An open port 22 is usually evidence of an SSH (secure shell) service running on the target, which can sometimes be brute-forced.
6. Crack the password or authentication process.
There are several methods for cracking a password. They include some of the following:
- Brute Force: A brute force attack simply tries to guess the user’s password. This is useful for gaining access to easily-guessed passwords (i.e. password123). Hackers often use tools that rapidly guess different words from a dictionary to try to guess a password. To protect against a brute force attack, avoid using simple words as your password. Make sure to use a combination of letters, numbers, and special characters.
- Social Engineering: For this technique, a hacker will contact a user and trick them into giving out their password. For example, they make a claim they are from the IT department and tell the user they need their password to fix an issue. They may also go dumpster-diving to look for information or try to gain access to a secure room. That is why you should never give your password to anybody, no matter who they claim to be. Always shred any documents that contain personal information.
- Phishing: In this technique, a hacker sends a fake email to a user that appears to be from a person or company the user trusts. The email may contain an attachment that installs spyware or a keylogger. It may also contain a link to a false business website (made by the hacker) that looks authentic. The user is then asked to input their personal information, which the hacker then gains access to. To avoid these scams, don’t open emails you don’t trust. Always check that a website is secure (includes “HTTPS” in the URL). Log in to business sites directly instead of clicking links in an email.
- ARP Spoofing: In this technique, a hacker uses an app on his smartphone to create a fake Wi-Fi access point that anyone in a public location can sign into. Hackers can give it a name that looks like it belongs to the local establishment. People sign into it thinking they are signing into public Wi-Fi. The app then logs all data transmitted over the internet by the people signed into it. If they sign in to an account using a username and password over an encrypted connection, the app will store that data and give the hacker access. To avoid becoming a victim of this heist, avoid using public Wi-Fi. If you must use public Wi-Fi, check with the owner of an establishment to make sure you are signing in to the correct internet access point. Check that your connection is encrypted by looking for a padlock in the URL. You can also use a VPN.
7. Get super-user privileges.
Most information that will be of vital interest is protected and you need a certain level of authentication to get it. To see all the files on a computer you need super-user privileges — a user account that is given the same privileges as the “root” user in Linux and BSD operating systems. For routers this is the “admin” account by default (unless it has been changed); for Windows, this is the Administrator account. There are a few tricks you can use to gain super-user privileges:
- Buffer Overflow: If you know the memory layout of a system, you can feed it input the buffer cannot store. You can overwrite the code stored in the memory with your code and take control of the system. [7]
- In Unix-like systems, this will happen if the bugged software has setUID bit set to store file permissions. The program will be executed as a different user (super-user for example).
8. Create a backdoor.
Once you have gained full control over a machine, it’s a good idea to make sure you can come back again. To create a backdoor, you need to install a piece of malware on an important system service, such as the SSH server. This will allow you to bypass the standard authentication system. However, your backdoor may be removed during the next system upgrade.
- An experienced hacker would backdoor the compiler itself, so every compiled software would be a potential way to come back.
9. Cover your tracks.
Don’t let the administrator know that the system is compromised. Don’t make any changes to the website. Don’t create more files than you need. Do not create any additional users. Act as quickly as possible. If you patched a server like SSHD, make sure it has your secret password hard-coded. If someone tries to log in with this password, the server should let them in, but shouldn’t contain any crucial information.