2015 - Archieve

Under the hood articles from the past.

Saturday, 24 October 2015

HoW tO HacK OR beCome HackeR


                    HoW  tO HacK OR beCome HackeR




Before You Hack Hacking
 Primarily, hacking was used in the "good old days" for learning information about systems and IT in general. In recent years, thanks to a few villain actors, hacking has taken on dark connotations. Conversely, many corporations employ hackers to test the strengths and weaknesses of their own systems. These hackers know when to stop, and the positive trust they build earns them a large salary.


If you're ready to dive in and learn the art, we'll share a few tips to help you get started!

Part 1 of 2: Before You Hack
1.
Learn a programming language. You shouldn't limit yourself to any particular language, but there are a few guidelines.
C is the language the Unix was built with. It (along with assembly language) teaches something that's very important in hacking: how memory works.
Python or Ruby are high-level, powerful scripting languages that can be used to automate various tasks.
Perl is a reasonable choice in this field as well, while PHP is worth learning because the majority of web applications use PHP.
Bash scripting is a must. That is how to easily manipulate Unix/Linux systems—writing scripts, which will do most of the job for you.
Assembly language is a must-know. It is the basic language that your processor understands, and there are multiple variations of it. At the end of the day, all programs are eventually interpreted as assembly. You can't truly exploit a program if you don't know assembly.
Ad
2.
Know your target. The process of gathering information about your target is known as enumeration. The more you know in advance, the fewer surprises you'll have.

Part 2 of 2: Hacking

1.

Use a *nix terminal for commands. Cygwin will help emulate a *nix for Windows users. Nmap in particular uses WinPCap to run on Windows and does not require Cygwin. However, Nmap works poorly on Windows systems due to a lack of raw sockets. You should also consider using Linux or BSD, which are both more flexible. Most Linux distributions come with many useful tools pre-installed.

2.
Secure your machine first. Make sure you've fully understood all common techniques to protect yourself. Start with the basics — have you found a server hosting a site about illegal or possibly bad activity? Attempt to hack it in any way you can. Don't change the site, just make it yours.

3.
Test the target. Can you reach the remote system? While you can use the ping utility (which is included in most operating systems) to see if the target is active, you can not always trust the results — it relies on the ICMP protocol, which can be easily shut off by paranoid system administrators.

4.
Determine the operating system (OS). Run a scan of the ports, and try pOf, or nmap to run a port scan. This will show you the ports that are open on the machine, the OS, and can even tell you what type of firewall or router they are using so you can plan a course of action. You can activate OS detection in nmap by using the -O switch.

5.
Find a path or open port in the system. Common ports such as FTP (21) and HTTP (80) are often well protected, and possibly only vulnerable to exploits yet to be discovered.
Try other TCP and UDP ports that may have been forgotten, such as Telnet and various UDP ports left open for LAN gaming.
An open port 22 is usually evidence of an SSH (secure shell) service running on the target, which can sometimes be brute forced.

6.
Crack the password or authentication process. There are several methods for cracking a password, including brute force. Using brute force on a password is an effort to try every possible password contained within a pre-defined dictionary of brute force software
Users are often discouraged from using weak passwords, so brute force may take a lot of time. However, there have been major improvements in brute-force techniques.
Most hashing algorithms are weak, and you can significantly improve the cracking speed by exploiting these weaknesses (like you can cut the MD5 algorithm in 1/4, which will give huge speed boost).
Newer techniques use the graphics card as another processor — and it's thousands of times faster.
You may try using Rainbow Tables for the fastest password cracking. Notice that password cracking is a good technique only if you already have the hash of password.
Trying every possible password while logging to remote machine is not a good idea, as it's easily detected by intrusion detection systems, pollutes system logs, and may take years to complete.
It's often much easier to find another way into a system than cracking the password.

7.
Get super-user privileges. Try to get root privileges if targeting a *nix machine, or administrator privileges if taking on Windows systems.
Most information that will be of vital interest is protected and you need a certain level of authentication to get it. To see all the files on a computer you need super-user privileges - a user account that is given the same privileges as the "root" user in Linux and BSD operating systems.
For routers this is the "admin" account by default (unless it has been changed); for Windows, this is the Administrator account.
Gaining access to a connection doesn't mean you can access everything. Only a super user, the administrator account, or the root account can do this.

8.
Use various tricks. Often, to gain super-user status you have to use tactics such as creating a buffer overflow, which causes the memory to dump and that allows you to inject a code or perform a task at a higher level than you're normally authorized.
In unix-like systems this will happen if the bugged software has setuid bit set, so the program will be executed as a different user (super-user for example).
Only by writing or finding an insecure program that you can execute on their machine will allow you to do this.

9.
Create a backdoor. Once you have gained full control over a machine, it's a good idea to make sure you can come back again. This can be done by backdooring an important system service, such as the SSH server. However, your backdoor may be removed during the next system upgrade. A really experienced hacker would backdoor the compiler itself, so every compiled software would be a potential way to come back.

10.
Cover your tracks. Don't let the administrator know that the system is compromised. Don't change the website (if any), and don't create more files than you really need. Do not create any additional users. Act as quickly as possible. If you patched a server like SSHD, make sure it has your secret password hard-coded. If someone tries to log-in with this password, the server should let them in, but shouldn't contain any crucial information.

Tips
Unless you're an expert or a professional hacker, using these tactics on a popular corporate or government computer is asking for trouble. Keep in mind there are people a bit more knowledgeable than you who protect these systems for a living. Once found, they sometimes monitor intruders to let them incriminate themselves first before legal action is taken. This means you might think you have free access after hacking into a system, when in fact, you're being watched, and may be stopped at any moment.
Hackers are those who built the internet, made Linux, and work on open source software. It's advisable to look into hacking as it's quite respected, and requires a lot of professional knowledge to do anything serious in real environments.
Keep in mind, if your target is not doing their best to keep you out, you won't ever become good. Of course, don't get cocky, don't think about yourself as the best of the best. Make this your goal: you must become better and better. Every day that you didn't learn something new is a wasted day. You are all that counts. Become best, at any cost. There are no half-ways, you must give fully of yourself. As Yoda would say, "Do or do not. There is no try."
Although it's great that there are many legal, safe training grounds available for anyone, the sad truth is that you won't become even mediocre if you don't perform potentially illegal actions. You can't become anyone if you won't find real problems on real systems, with the real risk of getting caught. Keep that in mind.
Remember, hacking is not about breaking into computers, getting a well paid job, selling exploits on the black market, nor helping anyone compromise secure machines. You'renot here to help the admin do his job. You're here to become the best.
Read books discussing TCP/IP networking.
There is a major difference between a hacker and a cracker. A cracker is motivated by malicious (namely: money) reasons, while hackers attempt to retrieve information and gain knowledge through exploration - ("bypassing security"), at any cost and in any way which may not always be legal.
Ad
Warnings
Hacking into someone else's system may be illegal, so don't do it unless you are sure you have permission from the owner of the system you are trying to hack or you are sure it's worth it and you won't get caught.
Be extremely careful if you think you have found a very easy crack or a crude mistake in security management. A security professional protecting that system may be trying to trick you or setting up a honeypot.
Never do anything just for fun. Remember it's not a game to hack into a network, but a power to change the world. Don't waste that on childish actions.
If you aren't confident with your skills, avoid from breaking into corporate, government, or military networks. Even if they have weak security, they could have a lot of money to trace and bust you. If you do find a hole in such network, it's best to hand it to more experienced hacker that you trust who can put these systems to good use.
Don't delete entire logfiles, instead, just remove only the incriminating entries from the file. The other question is, is there a backup logfile? What if they just look for differences and find the exact things you erased? Always think about your actions. The best thing is to delete random lines of log, including yours.
Misusing this information may be a local and/or federal criminal act (crime). This article is intended to be informational and should only be used for ethical - and not illegal - purposes.
Although you may have heard the opposite, don't help anyone patch their programs or systems. This is considered extremely lame and leads to being banned from most hacking communities. And if you would release a private exploit someone found, this person may become your enemy — and this person is probably better than you are.

                                                                                                                  ~by omkar
                                                                    source ~ whttp://wikihow.com/iki-how

Tuesday, 22 September 2015

WHAT HACKERs DO


  WHAT HACKER DO

Thanks to the media, the word "hacker" has gotten a bad reputation. The word summons up thoughts of malicious computer users finding new ways to harass people, defraud corporations, steal information and maybe even destroy the economy or start a war by infiltrating military computer systems. While there's no denying that there are hackers out there with bad intentions, they make up only a small percentage of the hacker community.
The term computer hacker first showed up in the mid-1960s. A hacker was a programmer -- someone who hacked out computer code. Hackers were visionaries who could see new ways to use computers, creating programs that no one else could conceive. They were the pioneers of the computer industry, building everything from small applications to operating systems. In this sense, people like Bill Gates, Steve Jobs and Steve Wozniak were all hackers -- they saw the potential of what computers could do and created ways to achieve that potential.
A unifying trait among these hackers was a strong sense of curiosity, sometimes bordering on obsession. These hackers prided themselves on not only their ability to create new programs, but also to learn how other programs and systems worked. When a program had a bug -- a section of bad code that prevented the program from working properly -- hackers would often create and distribute small sections of code called patches to fix the problem. Some managed to land a job that leveraged their skills, getting paid for what they'd happily do for free.
As computers evolved, computer engineers began to network individual machines together into a system. Soon, the term hacker had a new meaning -- a person using computers to explore a network to which he or she didn't belong. Usually hackers didn't have any malicious intent. They just wanted to know how computer networks worked and saw any barrier between them and that knowledge as a challenge.­
In fact, that's still the case today. While there are plenty of stories about malicious hackers sabotaging computer systems, infiltrating networks and spreading computer viruses, most hackers are just curious -- they want to know all the intricacies of the computer world. Some use their knowledge to help corporations and governments construct better security measures. Others might use their skills for more unethical endeavors.
In this article, we'll explore common techniques hackers use to infiltrate systems. We'll examine hacker culture and the various kinds of hackers as well as learn about famous hackers, some of whom have run afoul of the law.
In the next section, we'll look at hackers' tricks of the trade.

SUPER PHREAK
Before computer hackers, curious and clever individuals found ways to manipulate the phone system in a phenomenon called phreaking. Through phreaking, these individuals found ways to make long distance calls for free or sometimes just played pranks on other telephone users.


WHAT IS HACKING


       WHAT IS HACKING

  

In computer networking, hacking is any technical effort to manipulate the normal behavior of network connections and connected systems. A hacker is any person engaged in hacking. The term "hacking" historically referred to constructive, clever technical work that was not necessarily related to computer systems. Today, however, hacking and hackers are most commonly associated with malicious programming attacks on the Internet and other networks.

Origins of Hacking

M.I.T. engineers in the 1950s and 1960s first popularized the term and concept of hacking. Starting at the model train club and later in the mainframe computer rooms, the so-called "hacks" perpetrated by these hackers were intended to be harmless technical experiments and fun learning activities.
Later, outside of M.I.T., others began applying the term to less honorable pursuits. Before the Internet became popular, for example, several hackers in the U.S. experimented with methods to modify telephones for making free long-distance calls over the phone network illegally.
Hacking on computer networks is often done through scripts or other network programming. These programs generally manipulate data passing through a network connection in ways designed to obtain more information about how the target system works. Many such pre-packaged scripts are posted on the Internet for anyone, typically entry-level hackers, to use. More advanced hackers may study and modify these scripts to develop new methods. A few highly skilled hackers work for commercial firms with the job to protect that company's software and data from outside hacking.
Cracking techniques on networks include creating worms, initiating denial of service (DoS) attacks, or in establishing unauthorized remote access connections to a device.
  As computer networking and the Internet exploded in popularity, data networks became by far the most common target of hackers and hacking.

Hacking vs. Cracking

Malicious attacks on computer networks are officially known as cracking, while hacking truly applies only to activities having good intentions. Most non-technical people fail to make this distinction, however. Outside of academia, its extremely common to see the term "hack" misused and be applied to cracks as well.

Monday, 21 September 2015

Chat with Friends through ms dos Command Prompt


Chat with Friends through ms dos Command Prompt


1)
  All you need is your friend's IP Address and your Command Prompt.



2)  Open Notepad and write this code as it is.....!
@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

3) Now save this as "Messenger.Bat".

4) Open Command Prompt.

5) Drag this file (.bat file) over to Command Prompt and press Enter.


6) You would then see Command Prompt Showing Some Thing Like This:
Messenger
Now, type the IP Address of the computer you want to contact and press enter

8) Now all you need to do is type your message and press Enter.
Start Chatting.......!

Popular Posts

Follow on Facebook

OMKAR MISHRA