How to Hack

Hacking can be difficult and there are many different ways to hack and many different exploits to use. Hacking is neither defined nor limited by exploitation or exploration. Hacking into someone else's system may be illegal, so don't do it unless you are sure you have permission from the owner of the system you are trying to hack or you are sure it's worth AND you won't get caught.




Hacking was primarily used for learning new things about systems and computing in general, 'in the good ol' days'. In recent years it has taken dark connotations and in general has been looked down upon. Likewise, many corporations now employ "hackers" to test the strengths and weaknesses of their own systems. These hackers know when to stop, and it is the positive trust they have built that earn them large salaries.



There is a major difference between a hacker and a cracker. A cracker (someone who "cracks" software distributions, like windows) is motivated by malicious (namely: money) reasons; a hacker is attempting to gain knowledge through exploration, at any cost and in any way - not always legal.
Steps1Use a *nix terminal for commands. Cygwin will help emulate this for Windows users. DOS is worthless in this area. The tools in this article can be found for Windows based machines. Nmap particularly, uses WinPCap to run on Windows and does not require Cygwin. However, Nmap works poorly on Windows systems due to the lack of raw sockets. You should also consider using Linux or BSD, which are both more flexible, more reliable, and more secure. Most Linux distributions come with many useful tools pre-installed.


2Try your first. Make sure you fully understood all common techniques, including the way to protect yourself. Start with basics - found a server which has site about racism, homophobia or other bad activities? Try to hack it, any way you can. Yet again, don't change the site, just make it yours.3 Know your target. The process of gathering information about your target is known as 'enumeration'. Can you reach the remote system? You can use the ping utility (which is included in most operating systems) to see if the target is 'alive', however, you can not always trust the results of the ping utility, as it relies on the ICMP protocol, which can be easily shut off by paranoid system administrators.4Determine the operating system (OS). This is important because how can you gain access to a system if you don't know what the system is? This step involves running a scan of the ports. Try pOf, or nmap to run a port scan. This will show you the ports that are open on the machine, the OS, and can even tell you what type of firewall or router they are using so you can plan a course of action. You can activate OS detection in nmap by using the -O switch.5Get super user (root) privileges. Try to get root privileges if targeting a *nix machine, or administrator privileges if taking Windows systems. Most information that will be of vital interest is protected and you need a certain level of authentication to get it. To see all the files on a computer you need super user privileges. This is a user account that is given the same privileges as the "root" user in Linux and BSD operating systems. For routers this is the "admin" account by default (unless it has been changed), for Windows, this is the Administrator account, etc. Just because you have gained access to a connection doesn't mean you can access everything. Only a super user, the administrator account, or the root account can do this.6Create a backdoor. Once you have gained full control over a machine, it's best to make sure you can come back again. This can be done by 'backdooring' an important system service, such as the SSH server. However your backdoor may be removed upon the next system upgrade - really experienced hackers would backdoor the compiler itself, so every compiled software would be a potential way to come back.