This is a basic introduction to hax0ring. In this post, you'll get a basic understanding for hax0ring, methods of hax0ring, types of hax0rz, and more.
Types of Hax0rz
There are 3 types of hax0rz. There are the malicious "bad" hax0rs, there are the "good" usually corporate haxorz, and then there's those who fall in between the two.
[You must be registered and logged in to see this image.]
BLACK HAT HAX0RZ
People who hack for malicious purposes. Black hats usually hack illegally and are often portrayed as the "bad guys".
[You must be registered and logged in to see this image.]
GREY HAT HAX0RZ
People who fall in-between white hats and black hats. These hackers won't go out of there way to be malicious, but will perform in illegal malicious activity every now and then.
[You must be registered and logged in to see this image.]
WHITE HAT HAX0RZ
People who usually work for major companies. White hats are the rivals of black hats because they are considered the "good guys". They make sure the internet is safe and secure and spend most of their time fixing loop holes.
[You must be registered and logged in to see this image.]
Levels of Hax0rz
There are 3 levels of hax0rz just like there are 3 types of hax0rz. There are the the experts, the moderately skilled, and the beginners or newbies.
Computer Science Level
These are the expert hackers because they understand how network protocols and operating systems function. These are the hackers that code and program their own viruses, malware, rootkits, botnets, and can modify operating systems. This is the highest level of hackers because these people know to the fullest what they're doing and how to do it.
Technician Level
These are the hackers that typically use existing programs and tools that are created by other people (usually hackers on the computer science level). These hackers are educated enough to use tools and programs and slightly modify or tweak them, but they are not actually programming and developing the tools.
Script Kiddie / Skids
These are non-technical individuals who have no real experience in hacking and have somehow gotten their hands on malicious scripts, codes, or even tools in which they try to use and hack other people. These individuals are the lowest form of hackers and usually don't understand programming and coding orks and don't understand what their doing. A script kiddie can be someone who just got a computer and googled "hacking" and found some random code which can be used to do types of malicous damage.
Now that you have an understanding for the 3 different types of hax0rz and levels of hax0rz, we can move on to reasons why people may hax. People may hax for various types of things but a few main reasons why people do it are:
Hack for glory
Hack for money
Hack for revenge
Hack for security
Hack because you have to
HAX0RING FOR GLORY
People who hack for glory are often black hats, but can just as well be white or grey hats. These people want to be recognized and want everyone to know their name. You want to have a taste of fame by hacking, and make sure everyone knows it was you.
HAX0RING FOR MONEY
These people are also often black hats or white hats but can also be grey hats. These people may hack as a job and get paid for it (white hats) or they may illegally hack into bank accounts, steal credit card information, etc. (black hats). They may also sell their tutorials and tools to others which is a mix between grey and black since this is illegal.
HAX0RING FOR REVENGE
People who hack for revenge may be doing so because someone made you mad. For example someone may have hacked you, and you want to hack them back. Or maybe your girlfriend left you, and you want to hack her social media account. Anyone can do this but it is most commonly used amongst grey hats.
HAX0RING FOR SECURITY
This is basically a white hat hacker. Security hacking is all about finding exploits in your own system and then finding a way to patch them (This method is called penetration testing).
HAX0RING BECAUSE YOU HAVE TO
This could either be a black hat or a white hat. A white hat may have to hack because it's their job. However a black hat may feel it's his duty to hack governments because they have certain views.
Now we can move on to a few popular methods of hacking. Below are the most common ways of hacking, although there are many many more methods. You are not an expert hacker until you have all these methods mastered, which can take a very long time. To truly master some of these methods can take months or perhaps even years. Others can be mastered within a matter of days or weeks.
? Remote Administration Tools (RATs)
? Keyloggers
? Encryption
? Decryption
? Proxies
? Socks
? Virtual Private Networks (VPNs)
? Virtual Private Servers (VPSs)
? Windows
? Linux
? Unix
? FreeBSD
? All of the programming languages (C++, Java, C#, VB.NET, etc)
? Exploitation
? Structured Query Language Injection (SQLi)
? Cross Site Scripting (XSS)
? Remote File Inclusion (RFI)
? Local File Inclusion (LFI)
? Cracking
? Website Design
? Computer Security
? Network Administration
? Social Engineering (SEing)
While there are much more methods, these are the main ones. To be an excellent hacker, you need to have a majority of these mastered. That is very hard, and few people actually do. Mastering each one of these methods can take months and mastering all of them can take up to 7 years. Methods of hacking explained below:
HTML
Html is a very basic web-based programming language. HTML stands for HyperText Markup Language, and is the basic building block for most websites. It is a great starting point for beginners, as it helps gain an understanding of both the Internet, and programming. The HTML code for a website can be viewed by right clicking anywhere on the page, and clicking "View Page source". HTML can help further your career as a web designer, can help you understand the internet better, and help you understand how websites are made. However HTML is more of a white hat thing and can get boring for malicious hackers. If you are not planning on making a website, then you might not want to put as much time into learning HTML.
RATS
RAT is an acronym which stands for Remote Administration Tool. Wikipedia defines a RAT as: A Remote Administration Tool (a RAT) is used to remotely connect and manage a single or multiple computers with a variety of software tools. Its primary function is for one computer operator to gain access to remote PCs. One computer will run the "client" software application, while the other computer(s) operate as the "host(s)". RATs themselves are illegal, because they are used mostly for malicious purposes, but there are actual legal RATs. The thing that makes some RATs legal is permission. Legal Remote Administration Tools, such as TeamViewer, require the other computer to accept the incoming connection. In addition, legal RATs don’t have any malicious features built into them. RATS are mainly a black hat thing because they can give you access to sensitive data such as bank account info, and you can infect people with them. However if you are caught using RATS you can get into serious trouble and go to prison.
Cryptography
Cryptography is not so much a method of hacking, but it will definitely help you along the way. Cryptography is basically the act of encrypting/decrypting something (ex. a file) so that wandering eyes can’t see it. It is pretty much securing yourself and remaining anonymous. A great tool to use would be TrueCrypt.
Website Hacking
Website hacking is, obviously, the art of hacking websites. This can be done in numerous ways: SQL Injection, XSS, RFI, LFI.
SQLi
(Structured Query Language Injection)
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application (like queries). The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.
XSS
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables attackers to inject client-side script into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 80% of all security vulnerabilities documented by Symantec as of 2007.[1] Their effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.
RFI
Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity, to list a few it can lead to:
Code execution on the web server
Code execution on the client-side such as JavaScript which can lead to other attacks such as cross site scripting (XSS).
Denial of Service (DoS)
Data Theft/Manipulation
LFI
Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected.
Batch
Another programming start. Batch has been the starting point of a large amount of hackers. Batch refers to the Windows command line (So do this if you are using the Windows operating system). If you see things online that say “CMD hacks” “Batch viruses” or “Notepad Hacks” then you are seeing people talk about batch. Basically, it is used by opening a blank text document, and entering the script you want, and saving it as a .bat file rather than a .txt. Windows implemented this so that macros could be run on the system that would drastically reduce the time it takes to complete a task, but many new hackers took advantage of this, and use it in malicious ways.
Types of Hax0rz
There are 3 types of hax0rz. There are the malicious "bad" hax0rs, there are the "good" usually corporate haxorz, and then there's those who fall in between the two.
[You must be registered and logged in to see this image.]
BLACK HAT HAX0RZ
People who hack for malicious purposes. Black hats usually hack illegally and are often portrayed as the "bad guys".
[You must be registered and logged in to see this image.]
GREY HAT HAX0RZ
People who fall in-between white hats and black hats. These hackers won't go out of there way to be malicious, but will perform in illegal malicious activity every now and then.
[You must be registered and logged in to see this image.]
WHITE HAT HAX0RZ
People who usually work for major companies. White hats are the rivals of black hats because they are considered the "good guys". They make sure the internet is safe and secure and spend most of their time fixing loop holes.
[You must be registered and logged in to see this image.]
Levels of Hax0rz
There are 3 levels of hax0rz just like there are 3 types of hax0rz. There are the the experts, the moderately skilled, and the beginners or newbies.
Computer Science Level
These are the expert hackers because they understand how network protocols and operating systems function. These are the hackers that code and program their own viruses, malware, rootkits, botnets, and can modify operating systems. This is the highest level of hackers because these people know to the fullest what they're doing and how to do it.
Technician Level
These are the hackers that typically use existing programs and tools that are created by other people (usually hackers on the computer science level). These hackers are educated enough to use tools and programs and slightly modify or tweak them, but they are not actually programming and developing the tools.
Script Kiddie / Skids
These are non-technical individuals who have no real experience in hacking and have somehow gotten their hands on malicious scripts, codes, or even tools in which they try to use and hack other people. These individuals are the lowest form of hackers and usually don't understand programming and coding orks and don't understand what their doing. A script kiddie can be someone who just got a computer and googled "hacking" and found some random code which can be used to do types of malicous damage.
Now that you have an understanding for the 3 different types of hax0rz and levels of hax0rz, we can move on to reasons why people may hax. People may hax for various types of things but a few main reasons why people do it are:
Hack for glory
Hack for money
Hack for revenge
Hack for security
Hack because you have to
HAX0RING FOR GLORY
People who hack for glory are often black hats, but can just as well be white or grey hats. These people want to be recognized and want everyone to know their name. You want to have a taste of fame by hacking, and make sure everyone knows it was you.
HAX0RING FOR MONEY
These people are also often black hats or white hats but can also be grey hats. These people may hack as a job and get paid for it (white hats) or they may illegally hack into bank accounts, steal credit card information, etc. (black hats). They may also sell their tutorials and tools to others which is a mix between grey and black since this is illegal.
HAX0RING FOR REVENGE
People who hack for revenge may be doing so because someone made you mad. For example someone may have hacked you, and you want to hack them back. Or maybe your girlfriend left you, and you want to hack her social media account. Anyone can do this but it is most commonly used amongst grey hats.
HAX0RING FOR SECURITY
This is basically a white hat hacker. Security hacking is all about finding exploits in your own system and then finding a way to patch them (This method is called penetration testing).
HAX0RING BECAUSE YOU HAVE TO
This could either be a black hat or a white hat. A white hat may have to hack because it's their job. However a black hat may feel it's his duty to hack governments because they have certain views.
Now we can move on to a few popular methods of hacking. Below are the most common ways of hacking, although there are many many more methods. You are not an expert hacker until you have all these methods mastered, which can take a very long time. To truly master some of these methods can take months or perhaps even years. Others can be mastered within a matter of days or weeks.
? Remote Administration Tools (RATs)
? Keyloggers
? Encryption
? Decryption
? Proxies
? Socks
? Virtual Private Networks (VPNs)
? Virtual Private Servers (VPSs)
? Windows
? Linux
? Unix
? FreeBSD
? All of the programming languages (C++, Java, C#, VB.NET, etc)
? Exploitation
? Structured Query Language Injection (SQLi)
? Cross Site Scripting (XSS)
? Remote File Inclusion (RFI)
? Local File Inclusion (LFI)
? Cracking
? Website Design
? Computer Security
? Network Administration
? Social Engineering (SEing)
While there are much more methods, these are the main ones. To be an excellent hacker, you need to have a majority of these mastered. That is very hard, and few people actually do. Mastering each one of these methods can take months and mastering all of them can take up to 7 years. Methods of hacking explained below:
HTML
Html is a very basic web-based programming language. HTML stands for HyperText Markup Language, and is the basic building block for most websites. It is a great starting point for beginners, as it helps gain an understanding of both the Internet, and programming. The HTML code for a website can be viewed by right clicking anywhere on the page, and clicking "View Page source". HTML can help further your career as a web designer, can help you understand the internet better, and help you understand how websites are made. However HTML is more of a white hat thing and can get boring for malicious hackers. If you are not planning on making a website, then you might not want to put as much time into learning HTML.
RATS
RAT is an acronym which stands for Remote Administration Tool. Wikipedia defines a RAT as: A Remote Administration Tool (a RAT) is used to remotely connect and manage a single or multiple computers with a variety of software tools. Its primary function is for one computer operator to gain access to remote PCs. One computer will run the "client" software application, while the other computer(s) operate as the "host(s)". RATs themselves are illegal, because they are used mostly for malicious purposes, but there are actual legal RATs. The thing that makes some RATs legal is permission. Legal Remote Administration Tools, such as TeamViewer, require the other computer to accept the incoming connection. In addition, legal RATs don’t have any malicious features built into them. RATS are mainly a black hat thing because they can give you access to sensitive data such as bank account info, and you can infect people with them. However if you are caught using RATS you can get into serious trouble and go to prison.
Cryptography
Cryptography is not so much a method of hacking, but it will definitely help you along the way. Cryptography is basically the act of encrypting/decrypting something (ex. a file) so that wandering eyes can’t see it. It is pretty much securing yourself and remaining anonymous. A great tool to use would be TrueCrypt.
Website Hacking
Website hacking is, obviously, the art of hacking websites. This can be done in numerous ways: SQL Injection, XSS, RFI, LFI.
SQLi
(Structured Query Language Injection)
SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application (like queries). The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.
XSS
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables attackers to inject client-side script into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy. Cross-site scripting carried out on websites accounted for roughly 80% of all security vulnerabilities documented by Symantec as of 2007.[1] Their effect may range from a petty nuisance to a significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner.
RFI
Remote File Inclusion (RFI) is a type of vulnerability most often found on websites. It allows an attacker to include a remote file, usually through a script on the web server. The vulnerability occurs due to the use of user-supplied input without proper validation. This can lead to something as minimal as outputting the contents of the file, but depending on the severity, to list a few it can lead to:
Code execution on the web server
Code execution on the client-side such as JavaScript which can lead to other attacks such as cross site scripting (XSS).
Denial of Service (DoS)
Data Theft/Manipulation
LFI
Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected.
Batch
Another programming start. Batch has been the starting point of a large amount of hackers. Batch refers to the Windows command line (So do this if you are using the Windows operating system). If you see things online that say “CMD hacks” “Batch viruses” or “Notepad Hacks” then you are seeing people talk about batch. Basically, it is used by opening a blank text document, and entering the script you want, and saving it as a .bat file rather than a .txt. Windows implemented this so that macros could be run on the system that would drastically reduce the time it takes to complete a task, but many new hackers took advantage of this, and use it in malicious ways.
Last edited by 3hunna on Tue Jul 23, 2013 5:28 pm; edited 1 time in total
