Jump to content


Photo

Newbies Guide to hacking


  • Please log in to reply
33 replies to this topic

#1 -Led Zeppelin-

-Led Zeppelin-
  • Members
  • 227 posts

Posted 21 March 2006 - 01:24 AM

Here is a basic guide on where to get started with Mac Hacking. This is very helpful, so please take the time to read it completely. Patience is a major key to success in life, especially with computers. Thanks

Please note: When copying or downloading this thread, the formating of the text may change.

----------
| Part 1 |
---------------------------------------------------------------------------------------------------------
Introduction

Many people from around the world get into hacking for various reasons. Unfortunately, many people will begin to hack
because they want to be "m@d 1337" and cooler than their friends. The fact is, you can't be a successful or respected
hacker if you just use other people's programs- you can't download things and expect to hack anyone without a wink of
computer security knowledge. As such, being a hacker requires skill, motivation, creativity, and many other characteristics,
but above all, patience. In order to be a competent hacker, you will be reading more than anything else. This reason alone
is why so many find out that hacking really isn't for them- because they just want to mess with people's computers early
on rather than read and figure things out for themselves. I'll warn you right now- this part of the series involves no
hacking, but rather reading about things you'll need to know if you want to be any good. This is your first test, really-
if you can comprehend what you read in this document (in other words, you need to read it), then you may just have what it
takes to become a decent hacker- however, notice the word MAY.

Bear in mind, also, that computer security knowledge comes not only through poring over volumes of documents, but through
some experimentation- this is where some of the fun comes in. Find yourself a family member's computer, or use your own
computer, to try out various methods of hacking or screw around with their security. Here's a quote that rings true in
all aspects of learning and education, including computer security:

"Tell me, and I forget. Teach me, and I may remember. Involve me, and I learn."
-Benjamin Franklin

I know that's rather corny, but who cares? Now hopefully you're getting the picture- you will be doing a lot of reading
but you must do at least some experimentation to test things- especially if you're learning a programming language. The
best thing you can do is write your own programs using what you learn. Anyway, that was a bit long, so now, since I know
you're anxious (if you're still alive after reading that), we'll get into some actual material.

Terms

Before you get into reading computer security documents, you'll need to know some terms, however basic, so that computer
experts' jargon (tech-talk; see? you just learned something) won't blow you away and you'll actually understand the
computer aspect of what you're reading. So here are some of the more basic computer terms you'll come across (some are
not as common, but still used.) I will discuss other terms at various points in this tutorial series.

TCP/IP- if you've read anything about computers, you've probably heard the term IP address- IP is generally explained in
conjunction with TCP. Respectively, TCP and IP stand for Transfer Control Protocol and Internet Protocol. When you send
data (such as email), the data is first broken down into packets by TCP, and then the IP sends these packets to their
destination (like a specified email address.) Upon arrival, TCP will first check the data packets for validity. If the
packets are invalid, the data will not be displayed. If the packets are valid, TCP will re-assemble these packets into
readable/usable data.

HTTP- the protocol most important to the Web, HTTP stands for HyperText Transfer Protocol. This protocol moves hypertext
files across the 'Net- in other words, it controls where documents such as Web pages go to. HTTP needs a client and a
server at two different ends, but you don't really need to know about that for now.

FTP- stands for File Transfer Protocol. This protocol is used by servers to transmit files (such as a download site on the
Web.) Files can be uploaded, shared, downloaded, etc. FTP servers will usually require authentication to gain access to
the server unless it is being used by a person who does not need a password to do something (such as a person downloading

a porn video.)
TFTP- not as commonly seen as some other protocols, TFTP stands for Trivial File Transfer Protocol. If you know what the
word 'trivial' means, you should be able to formulate some sort of idea as to what this is. It is a protocol again used
by servers to transmit files, but is slightly different from FTP. It is not as capable as FTP in its ability to handle
files, as it will never require authentication for use by anybody. These servers can sometimes be installed by viruses
and worms- use Slarty's excellent tool to weed 'em out.

SMTP- a protocol you might use everyday, SMTP is Simple Mail Transfer Protocol. This is, quite obviously, the protocol
used by servers to route email to its destination. Other protocols are forms of SMTP but are called something different-
such as the POP3 protocol. However, that's not important.

IDS- Intrusion Detection System. Self-explanatory.

Honeypot- a server or system that seems very easy to break into, but is equipped with an IDS (see above) to bust your
ass because you got greedy.

Port- acts like a door between a computer and the Internet. Some ports are closed, other open (at different times, they
can open or close, regardless of prior activity.) Different ports use different protocols, like the ones I described above,
and some are used by programs such as AIM or Kazaa.

Firewall- acts like a lock for doors (ports.) It blocks incoming and outgoing traffic on certain ports to keep computers
safe or to prevent somebody from hacking.

Those are many of the basic terms you'll need to know in order to be competent- it's not everything (and I don't pretend
to know everything), but it will hopefully give you a solid foundation in beginning computer security.

Ports

I explained ports briefly in the Terms section, but since they will be an integral part of your hacking career, I am going
to go into greater detail here with extremely bad analogies. Ports are, again, doors between anyone's computer and the
neighborhood (Internet) that can be open or closed, and some will be locked (firewall) or have retinal scanners (passwords.)
In the beginning, stay away from these secure doors. I'm not going to tell you how to find open doors (port scan) on
certain houses (computers) in this part of the tutorial, but that'll be coming later- I'll give you a foundation in security
first. Once you find an open door that is using the desirable protocol (for example, if you want to send mail, use the SMTP
port, port 25) then all you have to do is walk in (hack the computer), but again, I won't tell you how to do that just yet.
Stay patient, and you'll learn in time. Make sure you don't ring the doorbell (get detected), or you'll be totally screwed
(you can figure out an analogy for that one, I assume.)

Anyone, once you're in, do what you want. But back on the subject of ports, you need to find a desirable port for what
you want to do- see the example above. Because of this, sometimes you won't be able to hack a certain computer because
the port is inaccessible (people have their doors shut.) Basically, trying to find the right port (door) is like going
on the Price is Right and selecting a door to find a prize (target) afterwards. The port scanner and its results are
like Bob Barker, telling you annoying things that you didn't want to know, because all you want to do is get by the damn
door.

So, to overview this slightly more detailed section, ports can be closed or open, and they will run different protocols.
So, if you get into a certain port with the protocol you want, have fun. Yes, I know that analogies were awful, but
please forgive me- only one section left in this part.

Firewalls

The last section of this part of the tutorial will be on firewalls, because you will hear tons about them in security
documents and when you try to hack something. Firewalls, are again (cue bad analogies) like locks on doors that will
prevent some people from getting in. You can, once you're good, pick the lock (bypass a firewall), but as I've stated,
stay away from a firewall in your early hacking days- trying to screw with a locked house (computer with a firewall)
will only get you into some serious trouble. Anyway, firewalls block all traffic on certain ports so that they are
inaccessible to people who want to get in. Because of this, firewalls can sometimes be inconvienent to hackers, but they
are essential to securing yourself.

Envision a house that is totally open- like having every port in the world open on one computer (I don't think that'll
EVER happen). It'd be real easy to get in, and just mess around with anything you want, because each port will run on a
different protocol. Now, close every door and put a lock on it. Slightly tougher to get in now, isn't it? Of course,
there will be some ports open, but even then the firewall may still prevent any connections- like a door that locks from
the inside so you can control it but no one from the outside can get in. Sometimes, you will be turned away by a firewall
because it shuts off a port with a protocol you want to use.

That's a slightly less brief description of firewalls. Though there are still many concepts to be covered, but by now,
you should be beginning to feel more comfortable with computer security.

Conclusion

So now you've hopefully learned about ports, firewalls, terms, and more importantly, a hacker's mentality. Hopefully the
bad analogies helped you understand the topics better, and in the next part we'll get into some real fun stuff, like
Telnet hacking. But for now, make sure you understand this stuff, because the next tutorial won't always walk you through
material you should've already learned. Good luck with your hacking career (though it's not really anything yet, so
nevermind for now.)
---------------------------------------------------------------------------------------------------------
| Part 2|
---------------------------------------------------------------------------------------------------------
Introduction

Welcome back to the Total Newbie Security/Hacking Guide. This is part two of the tutorial, and assumes you have read
part one, which can be found a little ways below. If you haven't read part one, at least have some background in computer
security. Just to make sure that you do have enough background knowledge to understand this tutorial, here' s a little
quiz you can use to check yourself. I won't provide answers here- the whole purpose of the quiz is to make sure you know
things, and if you don't, read the last tutorial.

1. What is a port, and what is its function?
2. What is a firewall, and how does it help secure a computer or network?
3. Define:
FTP
HTTP
SMTP
4. What is a honeypot, and why does it suck if you get caught in one?

If you knew none of those, don't read on. If you knew 1 or 2, then you may want to brush up on your reading before
continuing. If you got most or all right, congratulations and thank you for bearing my rambling in the first part.

Anyway, I'm going to cover a lot of new ground in this tutorial, so you will need to remember your old terms, as well
as what you learn here. If you can remember just a few things after you've read this part through once, that's good-
you can always come back to see what you missed. My aims for this part of the tutorial are simple: to provide you with
more knowledge of terms and security, teach you the basic pre-hack steps you should (and need to, quite often) take,
and finally, the first steps into actually hacking something. At the end, I've also decided to throw in a basic C++
lesson that I'll build on in the coming parts of the tutorial.

If you're ready to read, then let's go.

Terms

Again, I'm going to throw in a terms section. All of these terms here will likely be brand new to you (if you're a
newbie), as I'm not including any terms from the last tutorial in this section- if you need to know those, look back.

Client and Server- these are the two parts of a direct connection between computers. For example, let's say you're
downloading some porno off of an FTP server. You, the sex-deprived computer user, are the client. The client is the
end of a connection that makes a request to the server to connect. The FTP server that provides you with porno is
obviously the server. This is the end of the connection that listens (waits) for incoming connection requests. It can either
accept or decline these requests.

Sockets- sockets tie in with the last example. A socket is the endpoint of connection (there are two, one at the server
end and one at the client end) that will be bound to a certain port and IP (or IP range; see next definition) in order
to establish the connection- you can think of it like a real socket, in which things are connecting to get a power supply.

IP Range- this term refers to (obviously) a range of IP addresses. For example, if you are given IP range 192.168.1.xxx,
that would refer to any computer that has an IP address from 192.168.1.1 to 192.168.1.255- however, these only refer to
local machines on the same network (IPs with the 192.168 prefix), so hopefully I didn't just break forum rules.

Telnet- this is a utility that was originally used for legal purposes- for example, logging into an e-mail account from a
remote location to check stock reports or something. Nowadays, Telnet is still used, for both legal and illegal purposes,
but its use has dwindled due to more advanced programs and computer-illiterate people that wouldn't know how to use Telnet.
Anyway, when used correctly, Telnet can become a nice friend to hackers.

Those are really all of the terms you'll need- if there are any others, I'll define them when we first see them. However,
you may hear other hackers refer to different types of people- and here are the definitions.

Script Kiddie- script kiddies are the most useless and childish form of "hackers" but sadly the most common. Script kiddies
are people that do no work on their own, have no knowledge about computers, how they work, or how to hack, but just use
simple programs to do what they think is hacking- such as trojans, AIM password stealers, etc. Script kiddies are hated
by most everybody in the computer community- you do not want to be one.

Hacker- somebody who breaks into single computers or computer networks for a number of different reasons- the types of
hackers are defined below.

White Hat Hacker- an ethical hacker, sometimes called a "Noble Hacker", who breaks into computers/networks for the
purposes of information and fascination- they feel that information should be shared, and as such they attempt to break
into systems for this information- and the fascination with computers ties in because they want to see how things work,
what types of hacking work and what doesn't. White hats will sometimes release programs to exploit vulnerabilities that
they find- they will not use these, because it damages things, and they don't want to do that. They leave damage up to
black hats, or sometimes script kiddies will try exploits- and always land in jail. Many people on the forums, including
myself, are white hats- we don't damage things, but just get information.

Grey Hat Hacker- a grey hat is a person who generally sticks to the principles of white hat hacking, but will sometimes
damage systems- they are in between white hats and black hats.

Black Hat Hacker- as all good hackers are, black hats are very competent at what they do- and that is breaking in to wreck
systems. Rather than break in and follow the white hat path of getting information, black hats will screw up everything
that people have worked hard to do- they will wipe data, plant viruses, and do other things that will damage systems.

Anyway, that's about it for terms/hackers. As I said before, any new terms in this part of the tutorial will be defined,
if necessary, when we meet them.

Legal Stuff

As you probably know, hacking (even white hat) is totally illegal (although gathering info shouldn't be) and will land you
in jail or juvenile hall. That is not good. I will not take responsibility for your actions- this whole tutorial is for
educational purposes only, and as such, I won't take the blame when you get busted and land in jail- which is likely to
happen if you don't know much.

Sorry, but I have to cover my own ass. Now back to the actual tutorial.

Reading

As I've mentioned before, you will need to do a very sizable amount of reading in order to become competent. If you want,
you should experiment on IP address 127.0.0.1, which is your local machine's loopback address- your own computer. Do not
attempt to hack anyone else's computer until you are competent and confident in your abilities. Unfortunately, many people
(especially script kiddies) who know nothing about computers will attempt to hack something and just get caught. Don't be
one of those people- and also, the more knowledge you have, the more respected you will be by other hackers, espeically
those of lower skill- and I'm sure you want respect, don't you?

Having a good knowledge of many security topics is best- you shouldn't know only a few things, however. You should be as
knowledgeable as possible in many topics, because the more knowledge you have in a vast area of topics, the more competent
you'll be, and the better you'll be able to overcome obstacles. Think of your knowledge as tools in your toolbox (brain.)
In real life, the more tools you have, the easier it is to get the job done- and if you run into a problem one way, you
can always adjust. The same applies to hacking/security. You should have a good base in areas such as:

? Anonymity/Proxy
? Programming
? Telnet
? Basic Terms (they will come in handy!)
? Ports
? Firewalls
? Exploits

and many others that I don't list here.

Google (h++p://www.google.com) and AstaLaVista (h++p://www.astalavista.com) will become your friends. You will find infinite text
documents explaining how to do things, how to hide yourself, how not to get busted (or Slarty's tutorial on how to get
busted) and a good background in security among many other things. Since these resources are abundantly available, use
them before running to other people to ask questions.

Now that I have succesfully bored you to death, we'll liven things up a bit- it's time to move onto pre-attack stuff so
you can be on your way with basic hacking.

Ping

Hopefully you know what and where the Command Prompt (or MS-DOS Prompt, on some OS's) is. Open that, as it will be a good
friend of yours, as will many things you'll uncover along the way. The first thing that I do once I've obtained a target's
IP is ping. Ping is a command that was originally designed (and still is used) in order to see whether a computer is
connected to the 'Net, or if the machine even exists. Ping is very simple, and is done from the Command Prompt.
NOTE: MS-DOS Prompt works the way as Command Prompt, but I only refer to Command Prompt because that's what I use- but
MS-DOS Prompt users, do the same stuff.

To ping a computer, you first need its IP address. Once that's done, go into Command Prompt and type:

ping IP address

where ping is the IP of the target. So, if you pinged IP 127.0.0.1 (you should know what that is by now) you would type
this-

ping 127.0.0.1

and hit Enter. If you get text below that says "Request timed out", it means the computer is not connected or doesn't
exist, and thus is not hackable at this point (if it doesn't exist, you won't be able to hack it at all.) However, if you
get something that says "Reply from (IP here)" and some other data, you're in luck. That means the computer exists AND is
connected- you don't have to worry about all the other stuff that appears, as "Request timed out" and "Reply from" are
really the important parts of pinging.

However, you may not have any clue how to get anyone's IP address, and I won't leave you hanging. Read on.

Obtaining an IP Address

There are numerous ways to get somebody's IP address, and the easiest way is to just ask them while you're on a messenger
service or something. If you ask them to go to h++p://www.ipchicken.com and tell you "those big numbers in blue", it's likely
they'll oblige if they're computer-illiterate. If your target isn't that braindead but you still want to use this method,
then think up a creative story- make sure you throw in some computer terms that they don't know (hell, YOU don't have to
know what they mean, so long as you can lie about their meaning) and hopefully you'll be able to persuade them in the end.
This type of info-gathering, just asking somebody to do something for you, is called social engineering.

If that doesn't work or seems too risky, go on a messenger. While talking with somebody, say you have an awesome file you
want them to see and click the messenger's option to connect to share files. Once you are connecting or connected, go into
command prompt and type netstat -n and hit Enter. You'll see a list of protocols (it says proto), IP addresses, and
connection statuses. Do netstat -n before connecting, and then while connecting or connected. The second time, look for a
new IP address with a connection status that says ESTABLISHED- you now have your victim's IP.

Don't fear if you need the IP address of a website- it's real easy. Go into Command Prompt, and ping the site in the same
way you would a computer. So, if you wanted to get Google's IP, type into Command Prompt:

ping h++p://www.google.com

and you'll see reply from (IP address here) [h++p://www.google.com] and that is the IP. Another way to get an IP of a website:
the netstat -an command (NOT netstat -n.) Just open that page up in a browser and type into Command Prompt:

netstat -an

Look for a connection ESTABLISHED between you and another IP on port 80. If you see a line like this:

TCP 127.0.0.1: 80 ESTABLISHED

it means that you have established a connection with IP 127.0.0.1 on port 80.

And that's about it for getting IP's. You should now have enough methods to successfully get pretty much anyone's IP
address. Back to more pre-attack stuff: port scanning.

Port Scanning

If you read the last part of the tutorial, you'll undoubtedly have a good handle on ports and their functions. You may
not know which port does what, but that's okay, as you don't need to memorize many- only a few ports will be of real
importance to you. Anyway, once you have an IP address, ping it. If it is connected, then it is time to do a port scan.
Port scanning is simply scanning a computer to find out what ports are open on that machine- remember that, since a port
acts like a door, you can only come in through an open door (active, open port.)

You'll need to download a port scanner first. There are many out there, and they do essentially the same thing- for many,
it's a matter of personal preference. Sure, some port scanners won't work on some machines for whatever reason, but there
are more than enough port scanners for you to find and stick with a certain one that you like. Here is a list of a few
highly regarded port scanners. Just search on Google for 'em and you'll find them in no time.

Blue's Port Scanner
Scanline
XScan
NMap

Once you have your port scanner, it's very simple to find out what ports a specific computer has open. For the sake of
saving at least some space, I'm only going to use the port scanner that I have, and my favorite one- Blue's Port Scanner.
While the directions will sometimes be specific to the layout of Blue's Port Scanner, every port scanner asks you for
the same info. Blue's is also a good one for newbies- it doesn't bombard you with advanced terminology, is fast, accurate,
and ridiculously easy to use.

The first thing you'll want to figure out is whether you want to port scan a specific IP address or an IP range (see
Terms section.) In general, since you want to have one specific target, I'd recommend a single IP rather than a range-
although scanning an IP range can sometimes help to find a target- whatever you prefer. For an IP range, enter the
beginning of one set of IP addresses in one box and the end in another. To clarify, if you wanted to scan from computer
127.0.0.1 to 127.0.0.255, you would input this:

First Box- 127.0.0.1
Second Box- 127.0.0.255

Some port scanners may just allow you to enter 127.0.0.x, but I don't know.

To scan a specific IP, put it into the first AND second boxes- make sure the IP is exactly the same in both boxes, or
you'll scan a small IP range.

Either way, you'll get results like:

TCP: 127.0.0.1 [80- http]

or another similarly-syntaxed result. The 80, in this case, is the open port- HTTP is the protocol, which you should
know. Some commonly known port protocols and numbers are:

Port 21- FTP
Port 22- SSH (encrypted server)
Port 23- Telnet (we'll get to this in a bit)
Port 25- SMTP
Port 80- HTTP
Port 110- POP3

There are tens of thousands of ports with different functions, ranging from AIM to KaZaA to trojans, anything you can
think of. However, you'll generally be connecting to a commonly-known port.

If you have an IP address and an open port, it's time to attack.

The Fun Part- Attacking

Okay- you've finally made it, after reading through lots of my incoherent babble from which you've hopefully learned a
few things. Now, since hacking is a crime, it's imperative that you cover your tracks. One thing you'll hear about is a
proxy. This simply serves as a middle man in your connection with a target- so, rather than a direct connect with a target,
you connect through the proxy server to your destination. Visually, here's a respresentation:

Non-Proxy Connection

You ------> Target (Directly Connected)

Proxy Connection

You ------> Proxy Server ------> Target (Directly connected, but through a proxy)

Hopefully, this makes it a bit easier to understand what proxies are all about. Since many sites log IPs of visitors, a
proxy helps because IT does the actual connecting to the site, and thus your IP is covered. It's one of the most important
things you can do. Download MultiProxy (h++p://www.multiproxy.org) and you can also establish a proxy chain, which is just
multiple proxies linked together. To visualize a proxy chain:

You ------> Proxy 1 ------> Proxy 2 ------> Proxy 3 ------> Target

You can link as many proxies together as you want- the more proxies you have, the more protection and anonymity you are
afforded. However, note that there is no way to be fully anonymous- even the most careful hacker can still get caught.
Generally, if you take enough precautions, you should be okay, but never fall into the mental trap that you're safe- you
never are fully protected. That is a myth that I want to clear up for your sake. There are many other tutorials devoted
solely to anonymity, so I won't explain any more about it- read them, because the most important thing you can do is hide
yourself in every way imaginable.

With that said, let's hack...

Telnet Hacking

I've already explained Telnet in the Terms section, so you know (hopefully) what it is. All Telnet hacking can be done
directly from the Command Prompt, and it's really quite simple. Note that you should always take anonymity measures before
hacking- I won't explicitly state that, but you should do things like connecting to proxies before hacking in any way.
Back on the subject of Telnet, it's real easy to use, and since you have a few ports you can use with Telnet, it's an
excellent and versatile method of hacking.

Open up your Command Prompt and get ready. You must have the IP address of the victim as well as an open port. Just using
Telnet from the Command Prompt, you can only access 5 ports- 21(FTP), 23(Telnet), 25(SMTP), 80(HTTP), and 110(POP3). Just
so you know, POP3 is Post Office Protocol 3 and is a mail transfer protocol based on SMTP. The syntax to connect to
somebody's computer through Telnet is as follows:

telnet (IP here) [port]

Obviously, without the parentheses and brackets. So if you want to connect to IP 127.0.0.1 on port 25, then you would type
the following command:

telnet 127.0.0.1 25

And that's it. TELNET is the command that tells the machine to make a remote connection with another through the Telnet
utility, in this case to IP 127.0.0.1 on port 25, the SMTP port- through this port, you can send mail to people, but I
won't explain that here. Make sure that you enter the right port number, because as I stated above, only a few ports work
with Telnet. To get connected to a few more ports like port 22 (SSH) you need to download PuTTY- it's an excellent tool
that allows for connections to be made that are beyond Telnet's capabilities.

You'll get messages if you're connected, like asking you for a username/password, or if a server name is at the top of
your screen- just watch out you don't fall into a honeypot. You can tell sometimes by the server name (if it's unrealistic)
or the fact a certain computer seemed too easy to hack into. Sometimes, however, you'll get a blank screen. This means
that either the port is somehow dead or unusable, or the target computer has a firewall up, thus blocking incoming
connections. For right now, do not mess with firewalls- just keep trying until you can get a good target.

That's it for my fairly brief description of Telnet- the Telnet Hacking tutorial by Th3_R@v3n is an excellent resource
for more detailed information.

Trojans

I know trojanning is not hacking, and I detest the script kiddies who use trojans to "hack", but I figure since many
people, some of them undoubtedly script kiddies will be reading this, I decided to throw in this section to hopefully
quell the immense flood of questions about using trojans.

A trojan horse (trojan for short) is a program that is installed on another computer. It is open on a certain port, and
once the virus (the actual trojan) is executed, you may connect to it from any computer- generally, yours. You can do any
number of things with a trojan, ranging from deleting files to changing settings to deleting the Registry (NOT ADVISED) to,
well, anything you want to do- however, you will get no respect from real hackers through the use of trojans, because
they are so easy to use and require no knowledge of how computers work. Anyway, there are limitless trojans, but all work
the same way. You must know the IP of the target and the port the trojan runs on- it may have it already filled in, though.
If you don't know the port, check a port list- if you have Blue's Port Scanner, click the question mark and you'll see a
full port list. Search (could take a LONG time) for the port. All you have to do is fill in the IP in one field and the
port the trojan runs on in another and send it. First, make any modifications- add your email address in for notification,
and filter any actions/ create passwords, basically just make the server how you want it. Then send it to somebody-
remember that AV programs will always catch a trojan that you use, because the AV programs will have those trojans, which
are viruses, defined as a virus. This is another reason trojanning is discouraged- because of the fact that moronic script
kiddies use 'em, they almost always get caught- even if they eventually figure out the complicated workings of buttons
and info fields.

Anyway, there are a few ways to send them. You can send them through file sharing on a messenger, through a link in email,
whatever- if you can't figure those out, trojans may be too advanced for you- in other words, sell your damn computer.
You'll want to bind a file to the virus with a tool called a (very aptly named, I might add) binder. Just select the files
you want to bind, and do it. The file you bind to the executable trojan must also be an executable file type, of .exe.,
.scr (screensaver), or any other file that is executed.

And that's it for trojans- although I resent having to throw that section in, hopefully it'll save the stupid questions.

C++ Lesson 1

That's it for the hacking stuff, but learning a programming language is a big help to yourself, and will earn you respect
if you code tools that can be used easily and get results. Many people say that C++ is too hard to learn to be your first
language, but I'm proof that that's a myth. C++ was my first programming language, since HTML is not programming. Anyway,
C++ can be learned like any other language if you just get a solid grasp of the basics and build on everything you do. The
best thing you can do for yourself as a programmer is, quite simply, WRITE PROGRAMS. Not only does it hone your
programming skills and know-how, but it also improves upon your creativity, and creativity is really the key to
programming.

Anyway, this section can be found at the end of not only this tutorial, but ensuing tutorials as well, and it will give
you an understanding of C++. However, I'm not saying that these sections will replace a C++ book that's a jillion pages
long, because I can't cover everything- I can't be totally thorough without using up a jillion pages in the forum. So
here's your first little C++ lesson- there are exercises at the end that will test you on what you've learned- if you do
them and self-initiated programminng projects, you're doing yourself an immeasurable favor.

The first thing we're going to cover is basically stuff that you will need to put in all of your programs in order to
make them run. Here's the Hello, World! program, and I will dissect it afterwards.

#include <iostream>
using namespace std;

int main()
{
cout<<"Hello, world!";

return 0;
}

And that's it. The syntax may be a bit daunting, but program enough C++ and you'll get the hang of it. Anyway, let's
dissect the program. The #include statement defines header files (you'll learn about them later) for the program to use-
<iostream> is a header file that allows you to input and output data, using the cin and cout statements, respectively.
So put that in all your programs- we'll cover other header files, too. A namespace is basically something that defines
all statements that can be used- otherwise, the compiler'll have no idea what you're trying to do. For example, the code

#include <iostream>

int main()
{
cout<<"Hello, world!";

return 0;
}

Would create one massive screw-up of a debugging line. You may ask why- after all, the header file <iostream> is used
and the cout statement is the same. However, you'll probably notice the absence of the statement USING NAMESPACE STD,
and that's what creates errors- sure, you have the header file, but without the std namespace, the compiler won't know
what commands like cout are- so add the line, and make sure you put a semicolon at the end. This is an error of many
new programmers (even experienced ones.) Every time you want to terminate a statment (can be single-lined or a block of
code), you must use a semicolon (.

Variables

A variable, very simply put, is a bit of code that stores a value- it can be numbers, letters, sentences, or anything
else, depending on the type of variable:

int- integer number, used generally for smaller numbers. (1 byte)
short- a 2-byte number variable.
long- a 4-byte number variable that is used for large numbers.
float- refers to a floating point (decimal) variable.
double- used for larger decimals, this is an 8-byte variable.
char- used to store one character (letter).
string- a string is a string of words, like a sentence.

With those variables, you should learn calculations, which are performed with the numerical operators:

+ (addition)
- (subtraction)
* (multiplication)
/ (division)
% (modulus)

The modulus you may not know about- it is simply the remainder of a division problem. You do not need to divide and
then use a modulus operator- it will divide and output ONLY the remainder. Now we'll look at a program that declares two
variables and calculates the modulus of the two, to illustrate my point about what the modulus operator does:

#include <iostream>
using namespace std;

int main()
{
int x = 10;
int y = 3;

cout<<"The modulus of x and y is "
<<x % y
<<" . Does it make sense now?";

return 0;
}

This will produce the following statement:

The modulus of x and y is 1. Does it make sense now? Note how variables are declared- just put the vraible type, the
variable name (can be anything you want that begins with a letter and uses only letters, numbers, and/or underscores)
and then an equals sign and the value of the variable. Also note that you must place a semicolon after variable
declarations.

And that's it for the first part of the C++ tutorial, and the second part of the TNHG. I hope you learned a few things
here and there- this tutorial is way late so I had to put less in the C++ section than I had wanted to, but next time
we'll get into some exciting stuff- I promise!

Credits go to GTOzoom at c4z.

Edited by /kansas, 14 August 2006 - 09:18 PM.


#2 _WIZARD

_WIZARD
  • Members
  • 8 posts

Posted 01 July 2006 - 06:34 PM

Nice one Zeppellin, really helpfull advice.

#3 killerbunny

killerbunny
  • Members
  • 288 posts

Posted 01 July 2006 - 06:42 PM

MM, isn't this from a site? I beleive i've read it before.
If so, you can better link to the site because it will give better text make up, with large and bold text and such.
Posted Image Thank you Zarkan!
"The highest form of power is to control death"

#4 Nilkimas

Nilkimas
  • Staff
  • 808 posts

Posted 02 July 2006 - 04:39 AM

Nice Tut for the younger ones. It's a bit difficult to read it because of the formating.
|-------------------------| | _.-< nylki >//._.'\_____\STK/ |____________|

#5 Suddoo

Suddoo
  • Members
  • 609 posts

Posted 02 July 2006 - 09:33 AM

2 questions:

is there a mac alternative to multiproxy?

once connected via telnet, i cant seem to be able to bring up the command list: niether 'help' ot 'info' telnet seems to work. :(

Anyone help?

~/Sddo

:EDIT: 3rd question: what is the difference between netstat -n, and netstat -an? Also, cant just 'netstat' be used? Thanks!

Edited by Suddoo, 02 July 2006 - 09:35 AM.

Posted Image
31337

#6 kody quintana

kody quintana
  • Members
  • 308 posts

Posted 02 July 2006 - 09:39 AM

good tut but its for windows, because it keeps talking about MS-DOS or command prompt will the commands there work in terminal?

#7 Suddoo

Suddoo
  • Members
  • 609 posts

Posted 02 July 2006 - 10:53 AM

Yes, the majority of them will (all of them in the TUT above will ^^)
For the port scanner guys, remember that us mac users have 'Network Utility' that you can use, instead of downloading any other programs. :D
Posted Image
31337

#8 Sparky

Sparky

    Moderator

  • Members
  • 266 posts

Posted 02 July 2006 - 01:17 PM

For multiproxy on mac you can just use http://tor.eff.org/ which does basically that

Edited by Sparky, 02 July 2006 - 01:18 PM.

Posted Image

#9 kody quintana

kody quintana
  • Members
  • 308 posts

Posted 02 July 2006 - 01:47 PM

dont ppl have websites made so you are allowed to try and hack them for practice?

#10 Suddoo

Suddoo
  • Members
  • 609 posts

Posted 02 July 2006 - 03:38 PM

yes, google " Hacker Wargames" into google. But, to try to enter one, or to hack a box you must first be a competant hacker. For example you must be able to simply delete a picture on a desktop. Basicly, what I'm saying is that you must be ABLE TO ENTER your system in MORE than one way before you even try with another one!!!

~/Sddo


:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:
:_:_:_:_:_:_:........IS THERE A PART III????......:_:_:_:_:_:_:_:
:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:_:

Edited by Suddoo, 02 July 2006 - 03:45 PM.

Posted Image
31337




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users