White Hat Hacking

[henbenley]

Ya, I figured as much. Script Kiddies always bugged me... "Dude... I'm a 1337 haxxor *uses Sub7's GUI*" Me and a friend used to use it to steal people's D2 accounts... we were fags =X I know, don't need to tell me.

 

Well, so be it. Anyone know what the proper order to learn would be? A+ then C? Or what?

 

I have a feeling this is going to be a lot like learning an instrument... completely tedious and boring, but in the end can be very enjoyable once those skills come together in harmony to make something beautiful.

 

Oh, and one other really open ended question... about how long does it take before one can actually start applying even a small amount of that information? IE crack a small site or a friend's home PC? I'm guessing around a year? Just want to know what I'm getting myself into, hehe. I don't have a delusional view of hacking, though, as seen in the movies. "Swordfish" always makes me laugh. "Crack the FBI's server in 60 seconds..." rofl... right

 

A+ is NOT a programming language! C and C++ ARE programming languages! A+ refers to a certification of hardware knowledge. C and C++ refer to languages that are used to create programs.

 

It will take alot of time. Last year I spent most of the year "working on stuff" with the school computers and it took time, but it was very easy to find backdoors and open locations. This year I backed off because some other people got in trouble last year and they closed up a few things, but they still left plenty open.

 

I started slowly many many years ago with some Java programming and then trying some C++, but wasnt motivated and lost interest then I moved on to PHP and I'm still working on that slowly. Motivation seems to be the biggest problem for me, as I am not seeing a product that I want immediately.

[Guest ecthlipsis]

I knew a little about C++, as my friend is studying it in school, but I know nothing about A+. Thanks for the clarification. Also, wouldn't C and C++ only be necessary to CREATE viruses (viri?) and things of that sort? I suppose one could make other useful things like automated progs etc., but other than program creation what benefit would C and C++ give me? Or is it one of those things that in order to defend/destroy a program one needs to know how it was made? Thanks again for the comments thus far. The lame thing about all this is no one I know can actually do it, thus it's like learning on my own.

[Kamikaze_Badger]

Pardon me if I sound rude, just had a 14 hour Transpacific plane flight.

 

But if you don't know this stuff already, you need to start researching more instead of asking a bunch of computer enthusiasts, very few of which know hacking philosophy.

 

Anyway... like I said, you don't seem to know enough about computers to even understand the fundamentals of hacking. Start out with the basics, work your way up to A+ Certification (hell, just do the online tests). C or C++ for viruses... not exactly. Right now most malacious software is written in VB Script or Visual Basic 6. A few big ones were written in C.

 

Anyway, you NEED to have a very in depth knowledge of computers and programming before you can even begin to start doing basic exploits and such (buffer overflows, jmp insertion, et cetera.

 

And that's all I have to say for now.

[Guest ecthlipsis]

I took several of the A+ Cert. sample tests and had no problem. Hardware stuff is not the problem. I did do a lot more research and realized I don't think it's worth the pay-out at all. Apparently the hacker concenus is to not use a Windows OS in favor of a UNIX based one, so that's one thing to learn. They also have said that VB is a waste of time as the focus should be done in the UNIX platform. Thus, people recommended learning Python, followed by XHTML, followed by C and then C++, and finish it all off with Java. I definitely don't have the desire necessary to learn a new OS and five programming languages. It's not worth all of that for a skill I consider a novelty.

[hardnrg]

I don't know why ANYONE suggested you learn programming languages... scripting languages, maybe, but C/C++ ?! what the...

 

Network Security is what you should learn first, not programming... get yourself a Linux environment set up like Auditor (probably superseded now, check the Remote Exploit site)...

 

the key to breaking or fixing network security is to know the INsecurities... not programming in C/C++

[Kamikaze_Badger]

Understanding how to use them in order to perform basic exploits is a bonus though .

[Guest ecthlipsis]

I don't know why ANYONE suggested you learn programming languages... scripting languages, maybe, but C/C++ ?! what the...

 

Network Security is what you should learn first, not programming... get yourself a Linux environment set up like Auditor (probably superseded now, check the Remote Exploit site)...

 

the key to breaking or fixing network security is to know the INsecurities... not programming in C/C++

 

Well that changes things, then. Odd too, because it was in some popular hacking FAQ's and in the forums at HTS.com (hack this site). Perhaps I might consider learning.

 

*Edit* So presuming I did want to learn Linux, which flavor should I choose? I used RedHat a LONG time ago for about a week, so I know nothing about which one to get. Any Linux guys got some recommendations? Oh, and it needs to be dual-boot friendly with Vista.

[upok]

ubuntu is easy to get along with. And it will dual boot with vista. I've used Mandriva, Suse, Fedora, and now Ubuntu, and so far I like Ubuntu the most. Some of the linux purists still swear by Gentoo or FreeBSD. Too techie for me right now, but in another year or so, who knows.

[road-runner]

Another vote on Ubuntu

[Kamikaze_Badger]

ubuntu is easy to get along with. And it will dual boot with vista. I've used Mandriva, Suse, Fedora, and now Ubuntu, and so far I like Ubuntu the most. Some of the linux purists still swear by Gentoo or FreeBSD. Too techie for me right now, but in another year or so, who knows.

Linux Purists + BSD... don't really mix.

[Verran]

With respect to the programming languages like C/C++ and VB, hardnrg is right. I doubt those are used much for exploits. But the point of those languages is more to get you learning coding concepts. If you want to jump right in and learn assembly, be my guest, but I think it makes more sense to start with the more user-friendly languages to pick up the basics.

 

For Linux, Ubuntu is incredibly user-friendly, easy to install, and easy to use. That's exactly why you shouldn't pick it. Ubuntu is almost Windows. You can install it and use most functionality without ever hitting a terminal prompt. So basically, you'd learn nothing. The whole point is to get into the terminal and start scripting and probing security. You'd be better off with something like Gentoo or Slackware where you can't just point and click your way through everything. Get familiar with the terminal, because that's where the real work is done.

[GuJuMaN89]

With respect to the programming languages like C/C++ and VB, hardnrg is right. I doubt those are used much for exploits. But the point of those languages is more to get you learning coding concepts. If you want to jump right in and learn assembly, be my guest, but I think it makes more sense to start with the more user-friendly languages to pick up the basics.

 

For Linux, Ubuntu is incredibly user-friendly, easy to install, and easy to use. That's exactly why you shouldn't pick it. Ubuntu is almost Windows. You can install it and use most functionality without ever hitting a terminal prompt. So basically, you'd learn nothing. The whole point is to get into the terminal and start scripting and probing security. You'd be better off with something like Gentoo or Slackware where you can't just point and click your way through everything. Get familiar with the terminal, because that's where the real work is done.

 

are u kidding me?!

 

C/C++ is used allll the time in exploits. take a look at a few exploits around, preferable good ones...

they are coded in C and usually ported into C++ and then ported into bots and other variants.