Hacking – Talk to me like i'm an idiot

Viewing 38 posts - 1 through 38 (of 38 total)
  • Hacking – Talk to me like i'm an idiot
  • Boba Fatt
    Member

    in addition to the Tor question, where do you even begin with computer hacking?

    It looks all cool in the films and on the telly, but nobody ever really mentions where they start, you just see some code being punched in and booya!! they’re flying jets remotely (this may have been a dream)

    Just curious

    purpleyeti
    Member

    you spend 90% of your time looking at a terminal window with nothing very exciting happening in it. you start nowerdays mostly by downloading some free cms or webstore and installing it then looking for bugs in it and seeing how the code causes them. or if you are on one of the uni ethical hacking things you’ll be looking as damn vunerable linux/webapp etc. that and read some blog posts.

    Premier Icon Cougar
    Subscriber

    Google CEH (ethical hacking).

    Where you begin is an innate curiosity and a desire to explore.

    Premier Icon Cougar
    Subscriber

    Also,

    Films are broadly bunk. The only films I’ve ever seen with a vague grasp on reality are War Games and Sneakers. And ever then you need a pinch of salt.

    Premier Icon Cougar
    Subscriber

    Also,

    “Hacker” is an abused term. “Cracker” is closer to most Hollywood portrayals. Hackers are akin to tinkerers, hobbyists.

    Social engineering

    Premier Icon maxtorque
    Subscriber

    Cougar
    Also,

    Films are broadly bunk. The only films I’ve ever seen with a vague grasp on reality are War Games and Sneakers. And ever then you need a pinch of salt

    This x1000

    In films, the hacker simply plugs in there generic windows laptop the the device to be “hacked” even if that is an alien space ship, which wouldn’t have the correct socket, voltage levels, number of digital pins, may not even use electricity, not have a std protocol, not use a std operating system, work at a different frequency etc etc etc, and presses a button. 3 secs later after the laptop screen has shown some wizzy graphics, the device is “hacked” and the hacker has complete and full control over that device…..

    u02sgb
    Member

    Have recently seen an effort to make this more realistic in TV and films. Blackhat wasn’t the usual ridiculous hollywood bunk. I’m also quite liking Mr Robot.

    Premier Icon steveoath
    Member

    But doesn’t the “U” in USB stand foruniverseal? πŸ˜•

    purpleyeti
    Member

    matrix trilogy got some bits right, you seen nmap and a known ssh exploit get run. i still take ceh with a dim view, but it might have improved from the joke it used to be. and the term hacker is correct, the mythical 80’s use has well and truly been superseded, best you can do now is try and pin hat colours on people.

    Danny79
    Member

    Mr Robot is great definitely a step up in the realism stakes. Like the small details even the episodes are named like files you’d torrent. Plus good script and great acting.

    Premier Icon Cougar
    Subscriber

    I’ve never heard of that, what is it? (Yes, I could Google, but personal recommendation and all that…)

    Danny79
    Member

    Extended trailer.

    Get yourself a plane ticket to Vegas and pay your $230 (cash only) on the door and hack all day with the best of them……

    https://www.defcon.org

    Or if you want to be a good guy:

    https://www.blackhat.com

    I sat in a very interesting cybersecurity talk a few weeks back, these might be useful bits of kit to take along to help, hackers generally rely on the social engineering way in nowadays along with a few key tools……

    USB Rubber Ducky

    WiFi Pineapple

    http://www.instructables.com/id/USB-Keylogger/

    Premier Icon benji
    Member

    Big axe, just mind out for the shards of plastic πŸ™‚

    purpleyeti
    Member

    there are nearly as many blackhats at blackhat as there are a defcon, due to ticket prices you see just as many industry people at defcon too. and i disagree with the se point if you look at any of the major breaches over the last few years they weren’t caused by se, much more likely to be sqli, drive by downloads, or just standard phishing, se, apt and targeted attacks are saved for special occasions not the daily ownage.

    All you need is this H4XX0R

    I work in “cyber security” and it isn’t sexy πŸ˜†

    As said up there ^^ you look at a terminal swearing mostly πŸ˜€

    Plus it’s not all “lets fire up some software and launch it at things” you actually have to do some of that there thinking.

    If we strip this back to the bare basics, old Internet code was written if A happens then proceed to C If B happens proceed to D. When I was a kid I’d look at the source code (the Web page script) and read the code. I’d look for passwords or back doors In the script (this was many years ago mind, it’s much more complicated now) and I’d use that to log in and look at……. you guessed it…. porn. I’d also take a look at a free picture on called say www. Xxxx/0001.jpg and run that through a programme that went through all the numbers until another file was found. Very very basic but that’s where it started.

    Lifer
    Member

    [video]https://www.youtube.com/watch?v=gOrkA_XJ4FU[/video]

    Or pay LIAG to do it for you (ethically, of course)!

    xiphon
    Member

    It often stems from an interest in computer science, and a desire to understand the systems better. The term “hack” comes from an American slang term for “prank”. And “forcing something to work in a different way than it was originally programmed/designed”.

    I took the CEH exam a few years ago to expand my knowledge of threats to systems, but much of it was “how to use this tool, how to use that tool”. I have a friend who works for a top UK IT security company, and they spend months developing their own toolsets for exploits on customer systems, finding a weakness in their in-house applications. Very hard work, but very very good money! (He’s CREST registered too….)

    I sit the other side of the fence – defensive as opposed to offensive – keeping ‘hackers’ at bay from our systems.

    I know of someone (my sister in laws friend) who does the offensive stuff for a living. Hacking loyalty cards for free stuff, social engineering shops and then posing as employees the next day to get into stuff and making scripts for Tinder to show complete Facebook profiles are a few he’s done. Nice work if you can get it I guess, my efforts fizzled out at finding an Abbey National server number through war dialling in a phone box (the manual way) till I got lucky and hit modem noises. Oh and messing about with folk on school computers using Netbus. Apparently that made me a hacker (according to the computer studies teacher) when I got caught and banned.

    willard
    Member

    @dave_rudebar – Shirley you mean NCC or Context? LIAG only work for Queen and country (unless you know something I don’t!).

    The way I’ve looked at hacking is that it’s discovering ways of getting software to do things that it should not do.

    Traditional development is all about building software that does what the requirements say that it should and traditional testing is all about making sure that it meets those requirements and functions as a product (i.e. it does what it is supposed to). When you have failures in software that allow you to do things that you should not be able to do, for example executing commands as a user with higher privileges than you should have, that’s a bad thing.

    My day to day is spent triaging reports of bugs like these. I get exposed to a lot of issues on a lot of technologies and there’s rarely a dull day. Mind you, that’s partly due to my background in test… I love finding problems.

    Premier Icon Cougar
    Subscriber

    The way I’ve looked at hacking is that it’s discovering ways of getting software to do things that it should not do.

    And hardware.

    And, come to that, people. (Far and away the easiest way of getting someone’s password is to go up to them and say “hey, what’s your password?”.)

    mogrim
    Member

    And, come to that, people. (Far and away the easiest way of getting someone’s password is to go up to them and say “hey, what’s your password?”.)

    Or:

    Social engineering at its finest.

    willard
    Member

    Cougar, fair point.

    Nico
    Member

    I got into computer security to meet girls.

    purpleyeti
    Member

    how did that work out for you?

    willard
    Member

    Well, cyberstalking is a lot easier if you control the webfilters and page logs…

    “Hacker” is an abused term. “Cracker” is closer to most Hollywood portrayals.

    But you can’t say cr**er, that’s racist.

    CaptJon
    Member

    maxtorque – Member

    In films, the hacker simply plugs in there generic windows laptop the the device to be “hacked” even if that is an alien space ship, which wouldn’t have the correct socket, voltage levels, number of digital pins, may not even use electricity, not have a std protocol, not use a std operating system, work at a different frequency etc etc etc, and presses a button. 3 secs later after the laptop screen has shown some wizzy graphics, the device is “hacked” and the hacker has complete and full control over that device…..

    If you’re referring to Independence Day, the best explanation i saw was that the Area 51 craft was studied and became the origins of human computing systems. Therefore, there was some compatibility between Geoff Goldblum’s laptop and the mothership.

    mogrim
    Member

    If you’re referring to Independence Day, the best explanation i saw was that the Area 51 craft was studied and became the origins of human computing systems. Therefore, there was some compatibility between Geoff Goldblum’s laptop and the mothership.

    There are some things that don’t need explanation, and Independence Day is one of them. Great film, but don’t try to justify the stupidity.

    And it’s Jeff Goldblum.

    (Far and away the easiest way of getting someone’s password is to go up to them and say “hey, what’s your password?”.)

    closely followed by looking at the post-it stuck on the underside of their keyboard

    If you’re referring to Independence Day, the best explanation i saw was that the Area 51 craft was studied and became the origins of human computing systems. Therefore, there was some compatibility between Geoff Goldblum’s laptop and the mothership

    The best explanation I saw was that it was a film made primarily for an American audience

    Talk to me like i’m an idiot

    Mr Trump, how are you?

    CountZero
    Member

    Films are broadly bunk. The only films I’ve ever seen with a vague grasp on reality are War Games and Sneakers. And ever then you need a pinch of salt.

    Seeing Sneakers at the cinema, and knowing what exotic terms like RAM meant, won me a week long trip for two to LA! I’ll hear nothing bad about that film. πŸ˜€

    willard
    Member

    Mate of mine swears that Swordfish, if you take away a lot of the Hollywood bullshit, is actually not a bad film from a technical standpoint. But, but that rationale, Die Hard 4.0 would be a good film as well.

    It’s not.

    He does think that Nick Cage is a decent actor though, so is not to be trusted.

Viewing 38 posts - 1 through 38 (of 38 total)

The topic ‘Hacking – Talk to me like i'm an idiot’ is closed to new replies.