Hacker Wannabe - If you're a hacker please come in

Ohh, and sorry for the shameless plug, but we have a few origonal hacking challenges here. in the challenge section. and for an even more shamless plug, an encryption hacking challenge / tutorial written by myself. http://www.astahost.com/qwijibows-cracking...enge-t4858.html It contains en encrypted web page, and the source code to the sotfware used to encrypt it. you must try to de-crypt it. Ive also included a spoiler, and a brute force source code i used to crack it. So far, its only been managed by MasterComputers.

Comment/Reply (w/o sign-up)

rantsh I salute you for doing what I did not have the guts to do!

I have read through quite a few tutorials/RFCs and other references at this point and while I have learned a great deal I am still a bit lost. I have been going to college for a Computer Science degree and I am now in my second year. I do basic to intermediate Java programming and I know HTML.   I have done little with C and C++. PHP frankly confuses me as I have not done much work with it or found a good reference. I have done bath files and limited DOS. I do simple troubleshooting for friends and family. I can read source code and with a little time and effort figure out what,how, and why. I personally think that the simple questions "Why?" and "How?" are the greatest questions ever devised by man. I love learning more and I think that I learn best by doing. I will start on a project and have a plan for what I want it to do and love it when I encounter something that I don't understand or know how to accomplish cause then I start on the journey of figuring out how to do it and inevitably learn something in the process.

I thought I would let you know a little about me and my background before I asked any questions as it would give you a better idea of what I seek.

 I love to learn and I love a good challenge, however I am finding it a bit difficult finding a good starting point to enter the wonderful and somewhat "mysterious" world of hacking. I have learned a good deal and found some good references by reading through the posts here and in a few other places but I have found that many of the sites that people praise and refer to no longer exist or have been moved. I have read the posts regarding hackr.Org and would love to find something like it with practice challenges to sharpen my teeth on but as of yet I have found none. I would love to find a site or reference that would offer some guidance to lead me from that limited background I have and teach me what I need to know to move forward as well as something that I can use to practice the skills I have learned. I am in no way asking for someone to hold my and show me the answers but instead point me in the right direction and give me a shove. As I mentioned before I love a good challenge and would love to find a exercise/challenge/goal to practice on without the risk of being arrested or committing any crimes. I want knowledge, not a criminal record or a path of destruction lying behind me.

Well if you have made it to this point in my post I thank you for listening to my ramblings and for any advise or guidance you can offer me.

                                                                                      -TDJ

 

 

 

 

Comment/Reply (w/o sign-up)

i dont really hack, but i explore all weak windows systems i encounter to learn all their weaknesses and just learn about them. you can tell a lot about someone from the programs they use and what's in their documents.
also, try this site: it is legal.
hackthissite.org
(sorry, i only know a little BBCode)
-wait, this is bbcode.
ok, [link]hackthissite.org[/link]
tell me if this helped!

Comment/Reply (w/o sign-up)

thanks for quoting the site try2hack
i think it'll help me alot

Comment/Reply (w/o sign-up)

You don't learn to be a 'hacker', in order to exploit security weaknesses in systems, websites etc. you first have to learn all about the system. Once you have studies and become well hearsed in what it is you want to break in to then it's simply a case of using your new found knowledge to test weaknesses.

For example, if you want to hack a website and it uses php, there is a page on the website where you can enter your email address to be added to the mailing list. Now we assume that when we enter our email address then that information will be added to a mysql database, which means the POST data sent will be inserted in to a query such as:

mysql_query("INSERT INTO maillist (email) VALUES ('".$_POST['email']."')");

Notice that the data isn't being processed and is just being input directly to the database (obviously we can't see the code but hacking is all about trial and error). So what we could type in to the email address form is:

x'); DROP TABLE maillist; --

Now what the new query will look like after the data has been inserted in to the query like above is:

INSERT INTO maillist (email) VALUES ('x'); DROP TABLE maillist; --

Now our unfortunate Mr WebHost has lost his entire mailing list because he didn't use mysql_real_escape_string before inserting his POST data.

Now this kind of thing you can expect to work on a site created by a complete noob to php programming, but very doubtful it will work on a pro's site, in fact it's probably impossible. When making attacks such as this you have to ensure you are selecting your targets carefully, some even put in measures to catch people in the act of hacking. I would demonstrate more examples over things such as .asp and through .exe files but I won't bother. I only learned about the different types of exploits myself to better protect my own software and website designs. Actually using this knowledge to cause random damage for no reason is just childish, it should only be used if you actually have a goal that needs accomplishing, such as gaining admin status for your favourite online game, or accessing a file on another persons computer and changing your college grades or such like.

Once you have the ability, USE IT RESPONSIBLY!!!

Comment/Reply (w/o sign-up)

Programming languages are a great help.

If you want to mess around with some web sites. Learn web design. A lot of successful hacks start with the knowledge of programming.

www.w3schools.com is a great reference and tutorial site for anything related to web programming. This includes from the basic HTML to more server side programming of ASP and PHP and SQL.

Also, www.hackthissite.org is a great website for hacking tutorials.

Remember that hacking could be considered a criminal offense, so be careful on what you get in to. Don't try to mess up something that isn't yours.

And for a security note, there is A LOT of *programs* that will claim to be a hackers tool that will do the work for you. Often these type of programs are designed to hurt the user more than anything. It is much safer(and much more of an accomplishment) if you learn how to make these type of tools for yourself.

Comment/Reply (w/o sign-up)