WEB How does one go about hacking?

Discussion in 'OT Technology' started by zaphod, Jun 3, 2008.

  1. zaphod

    zaphod Smashing Treats!

    Joined:
    Jan 19, 2003
    Messages:
    18,213
    Likes Received:
    0
    Location:
    Betelgeuse
    First... let me say this is NOT a thread asking specifics. I don't want to know how they actually do it. Don't post links. Don't post how-tos.

    I'm simply curious because I read this story on stumble upon...
    http://blog.wired.com/27bstroke6/2008/05/comcast-hijacke.html

    It just makes me wonder how you'd ever go about learning that. I assume you just get into some IRC chats or something, and dudes would show you how.
    It makes me think though because I feel it's so underground, but at the same time it IS the internet, so anything that becomes 'known' becomes known to EVERYONE. I don't get how hacking stays so secretive. Do you just have to know a god-like amount of programming and figure it out yourself, or is there enough info where you can 'learn' and 'apply' while no one else knows.

    I'm just amazed at how (not necessarily in this story) 15 year old kids in China can hack the shit out of a high security database. How the fuck can you even do that? :confused:
    What makes it difficult to protect against these types of hacks when your programming your application or database? Are there really that many variables that you can't protect against... what makes them able to do this stuff?
     
  2. Mr J

    Mr J New Member

    Joined:
    Jun 4, 2004
    Messages:
    55,061
    Likes Received:
    1
    Location:
    England
    It's easy.
     
  3. lukin87

    lukin87 New Member

    Joined:
    Jan 11, 2008
    Messages:
    135
    Likes Received:
    0
    The more you know about something, the easier it will be to hack.

    If you know everything about how something works you will know what faults there are that could make it potentially vulnerable.

    I've done a lot of work with MySQL and PHP and occasionally i recognise potential vulnerabilities in websites. With enough experimentation i could potentially cause harm those sites... but i've got better things to do with my time.
     
  4. Finest

    Finest OG #93

    Joined:
    Mar 16, 2000
    Messages:
    30,750
    Likes Received:
    36
    Location:
    Wisconsin. Seriously.
    ibscriptkiddies
     
  5. crazybenf

    crazybenf Active Member

    Joined:
    Nov 14, 2001
    Messages:
    15,575
    Likes Received:
    2
    learn2beascriptkiddie.txt

    1) log off of #bearcave on mIRC (probably dalnet, you faggot.)
    2) open IE on your mom's eMachine
    3) http://www.milw0rm.com/
    4) search for mAd SpL01tZ yo.
    5) copy exploit. paste into server using pico/nano/joe. (because you're not man enough for vi)
    6) ./pWN
    7) sit there confused because it didn't work.
    8 - 99) still confused
    100) finally rtfm and figure out that you need to make the file +x
    101) ./h4xh4xh4x
    102) .......
    103) .......
    104) be amazed, you just hacked your first redhat machine.
    105) ??
    106) definitely not profit.
     
  6. Black98GPGT

    Black98GPGT im back....

    Joined:
    Feb 11, 2004
    Messages:
    14,537
    Likes Received:
    0
    Location:
    Chester
  7. crazybenf

    crazybenf Active Member

    Joined:
    Nov 14, 2001
    Messages:
    15,575
    Likes Received:
    2
  8. Deviance

    Deviance Can't you smell that smell? OT Supporter

    Joined:
    Jul 10, 2007
    Messages:
    4,988
    Likes Received:
    12
    Location:
    Rocky Mountain High
    The specific Comcast incident isn't really a hack.

    They got network Solutions to reset the use rinformation on the account used by Comcast to manage their domains.

    They then logged in and pointed the comcast.net website to their own server.

    Comcast wasn't hacked. Network Solutions was social engineered.
     
  9. maxxpower

    maxxpower OG Lauren Crew - Observer OT Supporter

    Joined:
    May 27, 2007
    Messages:
    26,348
    Likes Received:
    0
    Hacking is basically finding vulnerabilities and successfully exploiting them.
    From social engineering to web hosting, there are always vulnerably systems and procedures waiting to be exploited.

    There is no simple guide to "hacking" as it involves knowing a plethora of methods, systems etc.
    I've had the privilege to sit down with Stuart McLure
    http://www.amazon.com/exec/obidos/s...pe=ss&index=books&field-author=Stuart McClure
    and see live demonstrations of older unpatched systems being compromised.
    Today, as people and companies are now focusing their attention on security, it is becoming harder and harder to find vulnerable systems. But, they are out there.
    Read up on web security and exploits and you will get a good insight into what is required.
     
  10. HYBR|D

    HYBR|D Beep Beeeeee'p

    Joined:
    May 5, 2006
    Messages:
    2,009
    Likes Received:
    0
    Location:
    Ozz
  11. most updates to wordpress software and other things will already fix that. usually only works on homemade forms/php stuff, people who are inexperienced in clean syntax/coding and never escape their characters or add some sort of cleaning function in php to keep people from entering in malicious characters in a form.
     
  12. mondaynightmike

    mondaynightmike New Member

    Joined:
    Aug 10, 2004
    Messages:
    117,672
    Likes Received:
    0
    Location:
    DEFINITELY No *Unlinked* Cock Pics
    Just VPN On to said server, then VNC on to the server, crack password and your in.
     
  13. danza

    danza New Member

    Joined:
    Jul 9, 2005
    Messages:
    1,319
    Likes Received:
    0
    Location:
    california
    its easy. First you dial into the gibson. Then you download the trash file and store it in that place you put that thing that one time. Then wait for the fbi.

    HACK THE PLANET!
     
  14. HYBR|D

    HYBR|D Beep Beeeeee'p

    Joined:
    May 5, 2006
    Messages:
    2,009
    Likes Received:
    0
    Location:
    Ozz
    I'm watching Hackers, and i was re-reading this thread. :noes:

    i think the FBI'z are coming for me :coolugh:
     
  15. Insert Tokens

    Insert Tokens Making Cancer My Bitch OT Supporter

    Joined:
    Jan 12, 2006
    Messages:
    8,329
    Likes Received:
    75
    Location:
    Tasmania
    :rofl:

    It's in that place where I put that thing that time.. :squint:
     
  16. Ebtek

    Ebtek Afraid of 138

    Joined:
    Mar 19, 2000
    Messages:
    152,866
    Likes Received:
    1,073
    make sure you sleep in your clothes, because the last time they came, I was in my underwear with my dong hanging out and shit
     
  17. zaphod

    zaphod Smashing Treats!

    Joined:
    Jan 19, 2003
    Messages:
    18,213
    Likes Received:
    0
    Location:
    Betelgeuse

    :bowrofl: best part of the article
     
  18. Logik

    Logik Livin la vida broka

    Joined:
    Jun 30, 2000
    Messages:
    20,667
    Likes Received:
    1
    Location:
    The Steel City
  19. Cthalupa

    Cthalupa New Member

    Joined:
    May 5, 2006
    Messages:
    46,930
    Likes Received:
    0
    Location:
    Dallas, Texas
    Most start out using script kiddie shit, and never go beyond that. Some actually understand the concepts of why it works, and then learn more about specific pieces of software, and use what they know to apply those concepts to it, and find new vulnerabilities, etc.
     

Share This Page