After many years in the area, I decided to write this article for beginners in the field.
How to become a real hacker?
What is hacking?
Undoubtedly, hacking is an art, an art that is learned, practiced and never forgotten. For me, hacking is the ability to use your wisdom to achieve amazing things with technology.
What is a computer hacker?
A computer hacker is a type of hacker who uses the system's resources to gain access. Such behavior may be legal or illegal, depending on the case.
- An ethical hacker is one who uses his knowledge in a legal way.
- A black-hat hacker is one who uses his knowledge to enter systems illegally.
Usually most beginners (n00bs) in the area tend to go for being a blackhat hacker, which almost always ends in a life of trouble, and quite possibly your career as a hacker will end before you know the real arts of hacking.
How long will it take me to learn to hack?
It takes time to learn to hack; hacking is not learned in 21 days, and quite possibly the things that you think are “learning to hack” have nothing to do with what hacking is.
- Hacking public networks (e.g. Facebook, Gmail, Hotmail): If you are here because you want to hack your friend’s or relative’s account, you can close this page now. We will not say how to hack Hotmail or Facebook. Do not insist. If at any time you consider yourself a hacker, or you learned “something” about hacking, never try to do it, never accept it in any way. Hacking Hotmail, Gmail or Facebook does not make you a hacker; it can expose and endanger your life, career, etc. Once you start doing it, you might not be able to stop and return to the right path.
- Talking about it with friends: Do not say that you are a hacker. Your friends will always ask you to hack Facebook, Twitter, or something similar. You’ll probably waste some time trying to do it, and this will keep you from becoming a real hacker. Probably you will achieve it and your friends may congratulate you for it, and you will feel good, but all that fame brings a hacker is trouble. There will be more people seeking your services in an illicit way, then there will be money, and then the problems will come. Solution: tell your friends you do not know how to hack Facebook (even if you know how to).
- Spying on everyone: You should not spy by hacking; you should avoid taking advantage of the arts for your own benefit. Staying cool is the main rule. You must first learn how to recognize/solve a situation without having to hack anything; that will save you time.
- Wanting to be famous: Most hackers want fame, but if you want fame, it is better to close this window and look for Havij tutorials and hacker forums. You will be closer to jail then.
- Working in groups: This is very controversial because hackers usually work in clans. My recommendation: work alone. If you work alone, everything will be harder, you will be learning about yourself and how to learn, and you will avoid doing things because of peer pressure.
- Hacktivism: Do not put ideals before your goal of achieving more knowledge; you can easily end up doing crazy things and making mistakes.
Why not be a blackhat?
I was trying to write this article without ethical considerations. The main reason: the average novice is not thinking about it, and I’m not here to talk about it.
However, you should understand that the ethical way is the right path.
Being a blackhat has a lot of drawbacks.
In the first place, you must ensure that you know in depth every system you are going to hack. You need to know the sysadmin’s behaviour, you need to know your chances, and you need to know about forensics and how they find you.
You should never underestimate the forensic auditor or the police.
If you understood all of this, you will realize that being a blackhat is a very risky and non-profitable job.
Most blackhats are trapped because:
- Eventually you will make mistakes.
- You have not reached the level of knowledge and understanding required for the job (although you feel on top of the hill).
What kind of life should I expect being a blackhat?
You should expect a cold prison, although there are great chances that you won’t. In certain countries or inside certain mafias you’ll end up paying bribes and hacking for your prosecutors in order to dodge the law. One thing will lead to another, and possibly you will falsely think that you have power. At the end of the road, when you cannot continue providing such things, or they find somebody who delivers a better job at a better price, those people will betray you.
Who can be a hacker?
Hacking is an art more than anything else. Here I want to break the myths: hacking is not keeping up to date with vulnerabilities and technology; although that matters in order to be efficient, it does not make you a good hacker. Even people who quit hacking for two or three years can hack again better than someone who keeps up to date.
Therefore a hacker can be anyone. The candidate requires:
- Strong analytical skills.
- Low or high retention capacity (swallowing the vulnerabilities book and/or the CVEs is not going to make you a hacker).
Someone who learned some techniques and read some manuals is called a “script kiddie”, not a hacker.
Which approach should I choose?
There are many approaches to being a “hacker”. We must say that all of them play well.
For example, being a script kiddie works fine. Imagine that you have a vulnerable website; then you should learn how to use several kinds of very useful software (that no one else has used before on that website)… e.g. Havij is a very infamous piece of software on your path.
Being a script kiddie will give you the hacker reputation. You may learn some useful things and earn money as a pentester; this way you can formalize the script kidding and take the next step by getting certified and using a “manual”. Then you will be blindly trying all the scripts available in BackTrack/Kali and calling yourself a hacker when you see that something works.
If you want to reach the next step on the scale, which I personally consider a real hacker, the most effective way to do it is through guessing.
How does it work?
You should know and understand every involved technology; you should know how they have coded the system and how they have configured it. Then you may understand where the coder usually fails (by omission or laziness), where the sysadmin usually fails to configure (by omission or laziness), and use that knowledge together with some hacking knowledge about specific techniques.
At this point, the hacker will be in a position to execute and carry out non-documented techniques, use combinations of techniques, create their own exploits and much more.
To understand what “every involved technology” means, let us show you an example. If you are hacking an nginx webserver with PHP5 on CentOS Linux, you should understand all of this (in depth):
- HTTP protocol: You should understand what content-encoding is, how the webserver transmits the data (chunked or content-length, for example), what POST parameters are, how they are encoded and transmitted, and everything else.
- TCP protocol: You should understand how it works, how the TCP session is established, what SYN/SYN-ACK/ACK means, how the session is finalized, what sequence numbers are, how URG works, how sliding windows work, and everything else.
- DNS protocol: You should understand how something called www.something.com becomes an IP, how the OS integrates that, and maybe you will reach your objective without hacking the server? hehe
- UDP protocol: Very similar to TCP, but more rustic. It transports information in packets and not in sessions. UDP can also lose packets. You should understand everything about it.
- IP protocol: You should read about IPv4, maybe something about fragmentation, routing, switching… At this point, you need to know every single thing that your computer does to reach the webserver. Every datagram, every single query, any possible error.
- SSL/TLS protocol (in case the webserver uses HTTPS): You should learn many things, from asymmetric cryptography to symmetric cryptography, digital signatures, perfect forward secrecy, certificate authorities, their uses, and every technology related to SSL/TLS.
- PHP5 coding: You should understand PHP5 internals at an advanced or expert level; you should be able to read any kind of PHP5 code and identify everything (bugs, what they are doing, coding styles, etc.). You should know about LFI, RFI, SQLi, XSS, and more.
- C/C++ coding: Almost every single piece of software is coded in C or C++ (PHP, nginx, etc.). In order to identify vulnerabilities in such software, you should understand C/C++ in depth.
- Assembler and hardware: To understand C/C++ vulnerabilities, it is extremely important to understand how the compiler translated that C/C++ code into ASM. If you are capable of understanding how the language works, how the stack works, how the memory heap works, how library linking works, and how memory protection takes effect, it is very likely that you will be able to take advantage of it.
- The operating system: You should understand the operating system in depth; for example, in this case, Linux. Understand the configuration, permissions, hidden options, SELinux, iptables, and every single thing about it.
- System administration: You should deploy and manage the systems before trying to hack them. Try to deploy similar platforms, configure them in a similar way, update them in a similar way, identify the bugs and mistakes that commonly happen through laziness or omission, identify the required effort in cost+time to make the platform secure, and maybe you will be closer to a functional bug.
- Script kidding: Never go out without your script kiddie kit. Many times you won’t be required to use your own techniques. Don’t reinvent the wheel.
- Logs: Never carry out any kind of attack or recon without knowing in depth where they will be logging you.
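To make the HTTP item above concrete (how a webserver transmits data when it uses chunked encoding), here is an added example that is not code from the original article: a decoder for an HTTP/1.1 chunked body that handles chunk extensions, trailer headers and malformed framing. The sample response body is constructed, so nothing touches the network.

```python
"""Decode an HTTP/1.1 chunked transfer-encoded body.

Added example, not code from the original article; the sample response
body below is constructed, so nothing touches the network.
"""
from typing import Dict, Tuple

HEX_DIGITS = b"0123456789abcdefABCDEF"


class ChunkedError(ValueError):
    """Malformed chunked framing."""


def decode_chunked(body: bytes, max_size: int = 1 << 20) -> Tuple[bytes, Dict[str, str]]:
    """Return (payload, trailers). Each chunk is '<hex size>[;ext]\\r\\n<data>\\r\\n';
    a zero-size chunk ends the body and may be followed by trailer header lines."""
    out = bytearray()
    pos = 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol == -1:
            raise ChunkedError("missing CRLF after chunk size")
        size_field = body[pos:eol].split(b";", 1)[0].strip()  # ignore chunk extensions
        if not size_field or any(c not in HEX_DIGITS for c in size_field):
            raise ChunkedError("bad chunk size %r" % size_field)
        size = int(size_field, 16)
        pos = eol + 2
        if size == 0:
            break
        if len(out) + size > max_size:
            raise ChunkedError("decoded body exceeds limit")  # bounds memory a peer can force
        data = body[pos:pos + size]
        if len(data) != size or body[pos + size:pos + size + 2] != b"\r\n":
            raise ChunkedError("truncated chunk or missing CRLF after data")
        out += data
        pos += size + 2
    trailers: Dict[str, str] = {}
    while True:  # optional trailer header lines, ended by an empty line
        eol = body.find(b"\r\n", pos)
        if eol == -1:
            raise ChunkedError("missing final CRLF")
        line, pos = body[pos:eol], eol + 2
        if not line:
            break
        name, _, value = line.partition(b":")
        trailers[name.strip().decode("ascii").lower()] = value.strip().decode("latin-1")
    if pos != len(body):
        raise ChunkedError("garbage after end of chunked body")
    return bytes(out), trailers


def is_malformed(body: bytes) -> bool:
    """True when the decoder rejects the framing (lets callers check error handling)."""
    try:
        decode_chunked(body)
    except ChunkedError:
        return True
    return False


# Constructed sample: three chunks, one carrying an extension, then a trailer header.
SAMPLE = (b"7\r\nMozilla\r\n" b"9;ext=1\r\nDeveloper\r\n" b"7\r\nNetwork\r\n"
          b"0\r\nX-Checksum: abc\r\n\r\n")

if __name__ == "__main__":
    print(decode_chunked(SAMPLE))
```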
Back to the topic: guessing (based on your experience and knowing how the system was configured) is the best technique because you go right to the point. This is very different from a blind BackTrack run that will take you hours testing all kinds of useless exploits and alerting the administrator (read about IDS)…
Someone able to easily recognize every vector in use, relate it to several vulnerabilities, assign a likelihood of occurrence and establish an attack matrix (starting with the most probably successful attack) may go beyond the average because he will be adopting intelligent strategies. That is not written in any average course. They focus on the standard methodology that produces results for everyone, but they do not emphasize the art. The art is the thing that will produce outstanding results.
Where do I start???
The more of a newbie you are, the better. The learning paths in computer science are like independent branches; once you get into a specific one, it is very difficult to change your branch. I think that a tree born crooked will never grow straight.
Many people have written about this and I differ from them. Most of the people and tutorials mention the “upside down” technique. That means: you learn the abstract, the logic and the GUI, and then you go deeper and deeper.
However, that is counter-natural. None of the systems you are using was developed in Java or Python with the kernel then built in function of that. They first created the assembler and C, and then the kernel. After that, C++, and after that Java or Python.
If you want to understand how the system works, you need to know about the building blocks. Then you will be able to figure out how the system was developed and which problems are obvious. Otherwise, you won’t be able to figure that out.
Another example: imagine that you are in a building; everything looks like walls, floors, ceilings, doors, nothing else. If you learn how to put floors, ceilings, doors and walls in place with a GUI, maybe you are missing where the columns are, which material is used, the supported weight, where the pipes are. Knowing C and ASM is like knowing the building blocks from the inside; maybe those building blocks are not water resistant, or can’t carry some weight. You will be able to know the vulnerabilities just by guessing: hah, they used the cheapest material for that wall.
That is why I recommend lectures on:
- Programming/coding: You should start by learning how a RISC microprocessor works, then a CISC one, opcodes! Ignore guides that invite you to learn Python or Visual Basic. Such guides are designed to prepare you to get results in a short period of time. They want you to automate your attacks, and even though that is useful, it won’t help you become a real hacker. Start with C99 and ASM. As a beginner, don’t go for C++11 / Boost / STL. You should understand how programming works in depth (memory, pointers, C->ASM translation, etc.). This way you can master any other language. Is it difficult? YES.
- Networking: Learn how to code for networks, learn about Nagle, about TCP/IP, UDP, and when you feel you have mastered that, begin with raw sockets. But the most important thing: learn what happens when your information leaves your computer, how it reaches the server and how the answer comes back.
- Cryptography: Cryptography is one of the most important topics to learn. Half of internet security depends on cryptography. Many times weak cryptography is the main source of vulnerabilities.
- Electronics: Electronics controls everything in a computer. It is pretty difficult to understand how a blinking monitor is really a bunch of electrons, photons, transistors, metals, and atoms. The science is extremely important for a hacker. (Hint: do you know anything about TEMPEST? Do you know that with TEMPEST you could use the monitor as a wireless transmitter to extract information, even if the computer is not connected to the internet or anything!)
- Operating systems: Learn everything about every possible operating system (Linux, Windows, FreeBSD). Learn about the kernels, registry, bus libraries, boot processes, anything.
- System administration (read about ITIL): you should understand the challenges of managing many systems, and why it is so complex to update a system. When you really get and understand that, you can take advantage of the bureaucracy.
- Security and vulnerabilities: Learn about what was done by others in computer security, the vulnerabilities, etc. For that, it may be useful to read certification programs and documentation (CEH guides, doing OSCP, etc.). However, if, for example, you learn that to make some SQL injection you need to use single quotes in the form, you should learn to debug what happens with that single quote from the moment you introduce it until the server produces a response for it.
- Learn how to secure a system: Ask yourself the why of everything: why do you change a file permission, why use strong keys, why do you want to use some specific policy, etc.
- Learn how to think “out of the box”: If you are hacking a server on some network X, why not hack some other, weaker server in the same neighbourhood? Then you can proceed with another kind of attack like man-in-the-middle. Not every path from A to B is so straightforward; sometimes you have to pass through C, D, E, F…
- Learn how to master virtualization. VirtualBox today is your best friend. In my old times, there was a very rustic version of VMware; the microprocessors didn’t have VMX extensions and everything was extremely slow. Imagine, our computers had just 384 MB of RAM, and in those times that was considered too much! The only way was to format and do dual boots. Today you can install and erase hundreds of operating systems in virtual machines. Moreover, you can run dozens at the same time. You must learn how to play with operating systems in a secure way.
- Don’t attack third-party servers without the appropriate permissions: Use your own virtual servers to test vulnerabilities, to attack them, to test your own techniques, and to simulate real internet attacks. Practice inside your own controlled environment. The more you practice, the more abilities you will acquire (so obvious xD). The problem is: if you decide to practice with internet hosts, you will end up in jail.
- Make Linux your primary and host operating system. Windows is the most used OS; however, if you want to be a hacker, start using an OS that permits you to touch everything.
- Learn about history: Install the legacy operating systems in virtual machines. Understand the evolution that computer science has undergone too, and the vulnerabilities that appeared multiple times throughout history (like ping of death). Remember that the human being is the only animal that does not learn from errors and commits the same mistake twice 🙂
- Learn about logs, IDS, IPS, firewalls… You need to know about the defense systems in order to disable them.
- After that, learn something about databases. SQL is essential.
- The internet search engines are your best friends: You need to know how to search through the internet, how to reach information, how to reach manuals, and more.
- It is very important that you are able to filter the information found on the network. Not everything is true (even in articles or websites of those you may think are experts). The real hacker should question and challenge EVERYTHING. For a hacker there are no black boxes; there is no “this works because it is well known to work and tested by others more intelligent than you”. You will want to test it again and put obstacles in its way in order to prove it false.
- When you have completed all of this, you will be ready to specialize in your favourite technology (phones, Android, wireless, etc., etc.).
- To keep motivated, you can watch movies! Do something about ethical hacking, give conferences, teach others and keep the peace.
- Remember that the most important thing is not the knowledge itself; the most important thing is your analytical skills on the things you already know. You should not reinvent the wheel; however, you must know how to build the wheel from scratch.
- Go outside, admire nature. Not everything is ones and zeros.
- Don’t follow the “media hackers”… The more you know about how this works, the more you will know that it is not that difficult to make noise. It is not difficult to make a virus and distribute it. It is not that difficult to execute Havij and deface a thousand websites in a few days. The really difficult thing is to control yourself and continue learning.
- Do not idolize anyone; do not compare yourself with others: There are no teachers, everything is about self-learning. You will always find someone better than you and someone worse than you. It’s extremely important that you don’t admire anyone but yourself, even if you are a newbie. Focus on reaching your objectives; they shouldn’t be determined by others.
- Be persistent, don’t lose motivation. Ask yourself the reason why you have read this. Is it because you want to hack some email, or because you are curious? If you want to learn how to hack some email account, please find another guide. You will lose motivation trying to learn assembly. You will lose motivation if you want to break the system for the data and not for the system.
- The best way to do it is to avoid signatures. Never identify yourself with just one nickname or with your real name; use proxies, use common names (like John Smith). That applies to everything: forums, casual chats, etc.
- Encrypt your whole operating system and communications (TrueCrypt for Windows, dm-crypt for Linux). If it is within your possibilities, use two-factor keys for the cipher and use randomly generated passwords that you can’t remember. Encrypt everything, even the MP3s you have. Don’t leave anything unencrypted, even if you don’t have anything to hide. Your information is extremely valuable; your clients’ information is also valuable. Your enemies will take anything from you, from a WinRAR serial key found on your computer to some MP3 ripped from a CD that you may have missed. Everything works to put you in jail and take advantage of you.
- In the end, the more years you can survive without getting into trouble, without ego, without adrenaline, the more you will be able to learn and the further you will reach. I remind you: the majority of hackers won’t reach the fullness of their capabilities just because they will lose motivation and will be caught in some illegal activities.
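The “Security and vulnerabilities” item above asks you to follow a single quote from the form field all the way to the server’s response. As an added example that is not part of the original article, the following runs the same inputs through a concatenated query (the defect) and a parameterized query (the fix) against a constructed in-memory SQLite table; the schema, user names and function names are assumptions.

```python
"""Follow a single quote from a form field into the SQL engine.

Added example, not code from the original article. It uses an in-memory
SQLite database with constructed rows; the table and names are assumptions.
"""
import sqlite3
from typing import List, Optional


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two users in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [(1, "alice"), (2, "o'reilly")])
    return conn


def lookup_concat(conn: sqlite3.Connection, name: str) -> Optional[List[int]]:
    """The defective pattern: the form value is pasted into the SQL text, so a
    quote in the value changes the statement itself. Returns matching ids, or
    None when the engine rejects the statement (the error page a user would see)."""
    sql = "SELECT id FROM users WHERE name = '%s' ORDER BY id" % name
    try:
        return [row[0] for row in conn.execute(sql)]
    except sqlite3.OperationalError:  # the quote broke the statement's syntax
        return None


def lookup_param(conn: sqlite3.Connection, name: str) -> List[int]:
    """The hardened pattern: the value travels as a bound parameter, so a quote
    inside it is data, never part of the statement."""
    sql = "SELECT id FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (name,))]


def trace(conn: sqlite3.Connection, name: str) -> None:
    """Print what each pattern does with the same input, for the reader."""
    print("input  :", repr(name))
    print("concat :", lookup_concat(conn, name))
    print("param  :", lookup_param(conn, name))


if __name__ == "__main__":
    db = make_db()
    # A legitimate name, a name that happens to contain a quote, and a value
    # whose quote turns the WHERE clause into a different condition.
    for value in ["alice", "o'reilly", "x' OR 'a'='a"]:
        trace(db, value)
```

The second input shows why a bare quote produces a server error (the statement no longer parses), and the third shows why it matters even when it does parse: only the parameterized version keeps the value from changing the query’s structure.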
What’s after being a hacker?
After many years, you will understand that being a hacker wasn’t so important. Maybe it is like a lifestyle; maybe it will lead you to a very funny set of adventures. But you have to understand that it is just a tool, a hobby, a funny thing. You will leave worries behind and enjoy life.
And hacking may teach you how to appreciate things in a different way.