The Joy of Hacking – 10 Tips to Get You Started

Comments: 5 Comments
Published on: April 28, 2013

Hacking has gotten a pretty bad rap, especially since you have so many baddies stealing credit cards and selling email lists. But not all hackers use their powers for evil. The very nature of hacking is merely figuring out how something works, finding its soft spot, and using that knowledge to get the thing to do what you want. Regardless of your morals or motives, hacking can be fun. If you are reading this, you probably have at least a mild interest in hacking. You may have already sought out a hacking community and asked how to get started. If so, you probably got answers like “you have to be a great programmer” or “go get your CompTIA Security Certificate” or “If you have to ask, you shouldn’t be a hacker.” This might be helpful advice if you are planning a career in computer science or if you want someone to talk you out of it. But if you’re just a hobbyist, it doesn’t have to be that complicated. These discouraging answers are nothing more than barriers. And what is a hacker’s primary goal? To get past the barriers. So your first hack is to figure out how to be a hacker. I will even make it easy for you by providing tips to get you started.

  1. Get Linux. This is optional, but I strongly recommend it. Windows is very functional for end user fluff like pretty icons and cute apps. But let’s face it, Windows is the Chuck E. Cheese of operating systems. If you want to really get into hacking, you’re going to need easy access to the system’s tools – and not have to deal with popups that say “Are you sure you want to go there? Are you sure? Verify that you are sure, because we’re not convinced that you know what you’re doing!” You don’t have to re-partition your computer. You can download Linux onto a Flash drive and run it live, without interfering with your Windows OS.
  2. Learn a computer programming language. Any language. It doesn’t matter which. Your goal is to learn how to communicate with a computer, to learn the basic elements like functions and conditional statements. You don’t have to be fluent in the language. It’s much like learning to speak a human language. You’ll never learn all the words, but you should know how to ask for directions or how to read a menu. For basic hacking, it’s the same; you should know how to ask for directions and how to read a menu. If you’re not sure which language to start with, I’d recommend either “C “or Python. There are a lot of great books and courses to learn from, but there is also a wealth of tutorials on the web. You’d be amazed at what you can learn on YouTube.
  3. Understand the structure of a website. Before diving into anything hard core, start with the Internet. Learn a little HTML and Javascript. Again, just enough to understand what’s going on under the hood of a web page.
  4. Practice viewing the source code for websites with forms and passwords. You do this in your browser by selecting Tools > View source (or something similar, depending on your browser). What you are looking for is how the webpage author submits the form and where the data is stored. High profile websites hide this information well, so start with simple community websites or non-profit organizations. Look for visible directory structures like \home\files\images\. Knowing the structure can sometimes allow you to navigate to other directories on the server to see what’s inside.
  5. Learn about injection attacks. An injection attack takes advantage of sloppy programming, which occurs more commonly than you’d expect. With an injection attack, you inject your own code into a form field, or the URL of a webpage, to get the page to display secret information. One of the most common attacks is the SQL injection. Since many websites use SQL or MySQL to store user information such as email addresses and credit cards, hackers often try to find holes in the SQL coding. Another attack you can learn is the Javascript injection. It’s not hardcore hacking, but you can sometimes use Javascript to set a cookie in your browser that says “I’ve already logged into this website and I was definitely authenticated. So let me back in. I swear, I’m trustworthy.”
  6. Learn about session hijacking. Similar to the Javascript attack, this is a soft attack that manipulates cookies so the browser thinks you’ve already gained access to a site. This attack only works for single sessions and while the legal user is logged on. Once the user logs out, you’re cut off.  More on session hijacking HERE.
  7. Learn the various password encryption methods. A friend once told me that there’s no such thing as random. When a computer spews out a “random” number, it is actually following a programmed algorithm, even though the resulting number looks completely random. The same holds true for encryption methods. In order for a computer to encrypt a password, it has to follow a programmed algorithm. To decrypt a password, you have to figure out the encryption method and then try to reverse the process. Very often, however, a technique called “hashing” is used to encrypt. Hashing is supposedly irreversible and not normally something your puny human brain can hack all by itself. But don’t worry about that, yet. I’ll get to it. For now, just learn what those methods are. Do a Google search for encryption, and then learn about hashing. Some common examples of hashing are MD4, MD5, SHA, and CRC.
  8. Download some hacking tools. Remember when I said not to worry about your puny human brain? That’s because there are actually tools to help crack the more complex encryption algorithms. There are many great ones available. Wireshark  and Cain  are two that I am most familiar with. Research which ones are best for you and learn what they do and how to use them.
  9. Practice hacking. I do not recommend going out and trying to hack someone else’s website or database. You’ve done a lot of research up to this point, but you need to get a feel for the process and understand what you are doing. There are a number of safe –and more importantly, legal– ways to practice hacking. Metasploit provides a downloadable, exploitable environment to practice hacking in the privacy of your own home and on your own personal server. And there are websites that actually challenge you to hack them, turning hacking into a brilliant (and addicting) game. Hack this Site and This is Legal are two of my absolute favorites.
  10. Know the difference between hacking and attacking. I don’t want to preach about ethics or legalities. Your reasons for hacking are your own business. But I think it’s safe to say that no one likes to be arrested. So just remember that poking around places where you don’t belong is the same as walking into someone’s house uninvited. Just because you can, doesn’t mean you should. Hacking is not necessarily illegal. Attacking is. Know the difference.
Share
Share
5 Comments
  1. Pit 2013 says:

    Hello there! I just wish to offer you a big thumbs up for the excellent information you
    have got right here on this post. I am returning to your site for more soon.

  2. ++ GET ALL FOR FREE! – REGISTER TODAY FOR FREE! ++
    Want to get Free Youtube Like
    Free Youtube Likes
    Visit us: http://likefastviews.com/get_free_youtube_views.php | SOCIAL MEDIA EXCHANGE!
    ++ GET ALL FOR FREE! – REGISTER TODAY FOR FREE! ++

  3. If you want to get a great deal from this article then you have to apply these strategies to your
    won website.

    Look into my site – facebook likes

  4. Because the admin of this weeb site is working, no uncertainty very shortly it will be famous,
    due to its feature contents.

    Check out my webpage – free facebook likes

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Welcome , today is Monday, September 1, 2014