Aller au contenu

Hacking / piratage

Happy_Elfster
 Partager

Déchet(s) recommandé(s)

FosseAsceptique

FosseAsceptique

  1. Un hacker sait que ce qu'il fait est illégal
  2. Un hacker n'irait pas s'exposer publiquement sur un forum tel que celui-ci, sachant qu'il est facile de découvrir son identité
  3. Un hacker est habituellement très autonome dans son apprentissage (cherche pis lis criss)
  4. Un hacker ne parlerait pas de ses "exploits" publiquement au risque de se faire identifier
  5. Un hacker n'irait pas demander conseil sur des choses aussi banales
  6. Un hacker sait programmer
  7. Un hacker connaît LA MACHINE et sait jouer avec de la manière dont il l'entend pour parvenir à ses buts
  8. etc.
  9. etc.
  10. etc.
  11. etc.

De toute évidence, tu es à la mauvaise place, t'as aucune idée de quoi tu parles, t'as aucune des compétences ou qualités requises.

Trouve-toi un autre passe-temps, genre collectionner des timbres.

  • J'aime! 1
  • HAHAHA! 1
Lien vers le commentaire
Partager sur d’autres sites
Gamin

Gamin

Citation

By learning ethical hacking on our free online hacking course and joining HackerOne, you can hack on some of the most challenging and rewarding bounties.

https://www.hackerone.com/start-hacking

Citation

Hacker101 is a collection of videos that will teach you everything you need to operate as a bug bounty hunter. The material is available for free from HackerOne. Taught by HackerOne’s Cody Brocious. Cody is a security researcher and educator with over 15 years of experience. While best known for his work finding several vulnerabilities in locks used by the majority of U.S. hotels, Cody has worked on security for countless companies and products and has directed that expertise into Hacker101. Get started learning with hacker101 and let us know your progress #hacker101.

https://www.hacker101.com/

De Reddit:

My guide to what you need to become a "hacker"

Révélation

First things first, dispose of any conception you have of what a hacker is. At its most fundamental level I think a hacker can be defined as: Someone who accomplishes a task in an unexpected manner. This is the definition I will be sticking to here.

You might be asking yourself, why should I trust you? Who am I? What have I done? All great questions. Well I'm not some elite pentester, or got a lot of vulns under my belt. But I do have a decent grasp on the basics to be sure.

Ok everyone gone? Cool, the basics are what allows you to succeed. The difference between a "script kiddie" and a "hacker" is understanding what they are doing, why, and how it works.

A lot of people seem so interested in the what, or the how, but not as much the why. That's because the why is often the part that makes you learn everything from C to python, from linux to Windows, from udp to tcp/ip. But I will tell you this. If have an appetite for knowledge and are ready to jump in then follow me down this rabbit hole.

To get started my suggestion is to learn how to use Windows better. Specifically learn the command prompt, PowerShell, registry editor, group policy editor, and if you can, the api calls for windows itself. why windows first? because most of you are probably most familiar with it.

next you will want to study mac and see how it works, get a hang of the terminal. then move onto linux, learn the tools and its pros and cons, find out why rm -rf / is a bad idea. install and uninstall programs, break linux and fix it. absorb all tje knowledge you can, and stay away from kali, your not going to need it.

now that you know windows, macos, and linux we can move on to programming. here you want to learn a few languages. i suggest one scripting language, a database language, and a compiled language to start. some scripting languages are: python and perl. as for database, i highly suggest SQL and for the compiling language i wholeheartedly prefer C. No i dont mean C++ I mean C. The reason being that C has far less overhead thus making it easier to decode your code when it comes to disassembly and reverse engineering.

Once you have a decent grasp on that, dive head first into the wonderful world of networking. learn the most common ports, learn the protocols, and find how to make your own computer and network secure. if you want to get into security, we must first know what a well secured network looks like, only then might we be able to spot what a vulnerable one looks like. more importantly, then we can understand why it is vulnerable.

so far thats a lot of stuff to learn right? yeah it is. this isnt something you can pick up in a day, a week, or months. its a process. does that sound like too much work?

if it does, and you are looking for a shortcut and dont want to go through all that, then go take your udemy courses, go read your book on just pentesting, good luck to you. but you wont ever be able to get a job like that sorry. if you decide to follow this advice than you have the respect of every computer security expert out there i know, because you are finally on the right track.

now for some more interesting stuff i suggest looking into assembly for x86 and 64bit architecture. to make it more interesting, set up a honeypot with your new skills and RE some malware. that will teach you assembly. learn how computers really work on the machine code level. this is the skill you need for developing your own payloads and exploits.

then move on to kali finally. learn how buffer overflows can be exploited, how do structured exception handling exploits work? can you make your program crash and display deadbeef? Great, your almost there. start reading more vulnerabilities, not just for info on how to exploit it, but how and why they work.

Eat, sleep, and breath all of what you have learned and never stop consuming information. find a preference for vim or emacs (required) and learn mfsvenom, learn apache, iis, and any other servers you can. have fun with nmap and dont be stupid. Master metasploit and go crack some boxes on ctf sites.

continue to always look for more books to read, more videos to watch, more bugs to exploit, and new tools to use. but never forget why you are doing something.

if youve gotten to this point you have gotten farther than probably 99.99% of all people who ever venture out to learn hacking. now is when you can begin to consider yourself not just another noob fumbling in the darkness.

from this point onwards, your education isnt so rigid, you can choose a specialty, learn more, and never stop doing so. And always remember, everything can be hacked, so good luck.

i hope you enjoyed this admitedly ranting and probably full of typos post. I hope it helps set some of you on the right path. as for resources to use? well i always prefer books, especially the longer ones that explain more.

specific books? sorry but i dont got a ton of reccomendations, i will tell you that you dont always want to rely on one source for anything.

Thanks again and good luck.

edit: will add resources when i have time in a few hours. sorry i wrote this on the way to work

The Essential Skills to Becoming a great Hacker

Révélation

This is my overview list of required skills to enter the pantheon of this elite IT profession. I've broken the skills into three categories to help you go from one rung to the other more easily—fundamental, intermediate, and intangible skills.

The Fundamental Skills

These are the basics that every hacker should know before even trying to hack. Once you have a good grasp on everything in this section, you can move into the intermediary level.

1 Basic Computer Skills

It probably goes without saying that to become a hacker you need some basic computer skills. These skills go beyond the ability to create a Word document or cruise the Internet. You need to be able to use the command line in Windows, edit the registry, and set up your networking parameters.

Many of these basic skills can be acquired in a basic computer skills course like A+.

2 Networking Skills

You need to understand the basics of networking, such as the following.

DHCP

NAT

Subnetting

IPv4

IPv6

Public v Private IP

DNS

Routers and switches

VLANs

OSI model

MAC addressing

ARP

3 Linux Skills

It is extremely critical to develop Linux skills to become a hacker. Nearly all the tools we use as a hacker are developed for Linux and Linux gives us capabilities that we don't have using Windows.

4 Wireshark or Tcpdump

Wireshark is the most widely used sniffer/protocol analyzer, while tcpdump is a command line sniffer/protocol analyzer. Both can be extraordinarily useful in analyzing TCP/IP traffic and attacks.

5 Virtualization

You need to become proficient in using one of the virtualization software packages such as VirtualBox or VMWare Workstation. Ideally, you need a safe environment to practice your hacks before you take them out in real world. A virtual environment provides you a safe environment to test and refine your hacks before going live with them.

6 Security Concepts & Technologies

A good hacker understands security concepts and technologies. The only way to overcome the roadblocks established by the security admins is to be familiar with them. The hacker must understand such things as PKI (public key infrastructure), SSL (secure sockets layer), IDS (intrusion detection system), firewalls, etc.

The beginner hacker can acquire many of these skills in a basic security course such as Security+.

7 Wireless Technologies

In order to be able to hack wireless, you must first understand how it works. Things like the encryption algorithms (WEP, WPA, WPA2), the four-way handshake, and WPS. In addition, understanding such as things as the protocol for connection and authentication and the legal constraints on wireless technologies.

The Intermediate Skills

This is where things get interesting, and where you really start to get a feel for your capabilities as a hacker. Knowing all of these will allow you to advance to more intuitive hacks where you are calling all the shots—not some other hacker.

8 Scripting

Without scripting skills, the hacker will be relegated to using other hackers' tools. This limits your effectiveness. Every day a new tool is in existence loses effectiveness as security admins come up with defenses.

To develop your own unique tools, you will need to become proficient at least in one of the scripting languages including the BASH shell. These should include one of Perl, Python, or Ruby.

9 Database Skills

If you want to be able to proficiently hack databases, you will need to understand databases and how they work. This includes the SQL language. I would also recommend the mastery of one of the major DBMS's such SQL Server, Oracle, or MySQL.

10 Web Applications

Web applications are probably the most fertile ground for hackers in recent years. The more you understand about how web applications work and the databases behind them, the more successful you will be. In addition, you will likely need to build your own website for phishing and other nefarious purposes.

11 Forensics

To become good hacker, you must not be caught! You can't become a pro hacker sitting in a prison cell for 5 years. The more you know about digital forensics, the better you can become at avoiding and evading detection.

12 Advanced TCP/IP

The beginner hacker must understand TCP/IP basics, but to rise to the intermediate level, you must understand in intimate details the TCP/IP protocol stack and fields. These include how each of the fields (flags, window, df, tos, seq, ack, etc.) in both the TCP and IP packet can be manipulated and used against the victim system to enable MitM attacks, among other things.

13 Cryptography

Although one doesn't need to be a cryptographer to be a good hacker, the more you understand the strengths and weaknesses of each cryptographic algorithm, the better the chances of defeating it. In addition, cryptography can used by the hacker to hide their activities and evade detection.

14 Reverse Engineering

Reverse engineering enables you to open a piece of malware and re-build it with additional features and capabilities. Just like in software engineering, no one builds a new application from scratch. Nearly every new exploit or malware uses components from other existing malware.

In addition, reverse engineering enables the hacker to take an existing exploit and change its signature so that it can fly past IDS and AV detection.

The intangible skills

15 Think Creatively

There is ALWAYS a way to hack a system and many ways to accomplish it. A good hacker can think creatively of multiple approaches to the same hack.

16 Problem-Solving Skills

A hacker is always coming up against seemingly unsolvable problems. This requires that the hacker be accustomed to thinking analytically and solving problems. This often demands that the hacker diagnose accurately what is wrong and then break the problem down into separate components. This is one of those abilities that comes with many hours of practice.

Problem Solving Is an Essential Hacker Skill

17 Persistence

A hacker must be persistent. If you fail at first, try again. If that fails, come up with a new approach and try again. It is only with a persistence that you will be able to hack the most secured systems.

So...You Want to Be a Hacker eh?

I really hope this gives you some guidelines as to what one needs to study and master to ascend to the intermediate level of hacking.

I might have missed some key points though.

Sinon demander à @Dantes

Lien vers le commentaire
Partager sur d’autres sites
RBC

RBC

Myrmidons insalubres des noirceurs les plus pures de l'empire obscur. Un ventre gorgé de désir pour annihiler son prochain cybernétiquement. Je suggère le social engineering avant d'agir en script kiddie tel un mafia boy. Inspirez-vous tant que vous voudrez de Mr Robot et autres Hackerz de Ian Softley. Force est d'admettre tout commença avec Kevin Mitnick et le phracking dans les années 80. La littérature sur des cas d'anthologie comme Kevin Poulsen ou Adrian Lamo devrait vous être assez utiles pour comprendre les bases ainsi que les intentions. Devrais-je avoir à mentionner le hacker manifesto rédigé en 1986 ? Voulez-vous jaser du Chaos Computer Club ? Avez-vous déjà téléchargé Tor pour masquer votre présence sur le darkweb ? Avez-vous tissé sur Silk Road ? 

  • J'aime! 2
  • Malaise. 1
Lien vers le commentaire
Partager sur d’autres sites
Gamin

Gamin

Il y a 21 heures, Chicken of the infinite a dit :

Câlisse @Gamin, arrête de l'encourager en lui donnant des points.

Je lui ai donner un point parce qu'il a raison. (Et aussi parce qu'il m'amuse, lui)

Le social engineering est beaucoup plus important en hacking que de savoir écrire des scripts. Il a raison aussi de dire que le hacking n'est pas juste là pour faire des attaques cybernétiques tel qu'on le voit dans des oeuvres de fictions comme Hackerz et Mr.Robot, que la réalité est que ça commence avec Kevin Mitnick et le phreaking... t'sais quoi, je vais pas te faire une traduction.

Est-ce que ça serait cool si RBC se forçait à réellement vouloir partager son savoir plutôt que de juste essayer d'avoir l'air cool? Oui. Mais c'est pas parce qu'il utilise des mots qui vont pas nécessairement aux bonnes places que forcement ça annule tout ce qu'il a à dire. 

En plus, on va être franc, y'a juste trois messages pertinents dans ce sujet là et, que t'aime ça ou non, RBC en fait partit.

  • J'aime! 2
Lien vers le commentaire
Partager sur d’autres sites

Veuillez vous connecter pour commenter

Vous pourrez laisser un commentaire après vous êtes connecté.



Je veux revenir!
 Partager
Aller sur la liste des sujets
×
×
  • Créer...