Hack Me Once, Shame On You. Hack Me Twice, Shame On Me.

We hear the word ‘hacking’ all the time. Most people think that hacking is something smart, cool and wrong. But what exactly is hacking? Is it just smart coders breaking into websites? The hacking culture is great and it inspires creativity, but why limit it to just a few people? People actually do it everyday in different ways and different capacities. It is in our inherent nature to get around the rules if we don’t get something we want. There’s a hacker in every one of us, we just don’t know it yet.  

Why hacking?

Hacking refers to the process of finding out weaknesses in a system and taking advantage of it. The system can be a website, a software or any machine for that matter. People can take advantage of this in a good way or a bad way, thus giving rise to white-hat hackers and black-hat hackers. The first question that comes to mind is: Why does hacking exist? Why don’t they make the systems robust? Well, hacking exists because of lazy programmers. The people who create websites, softwares, gadgets etc become lazy sometimes and not think about all the loopholes in their system.

Enough with the history. How do I hack?

Alrighty! So once you have decided to hack into something, here’s what you need:

  • Know thy enemy. To gain access into a system, you first need to know what the system is. Determine what operating system they are using and what they are using for security. When you are on a network, you can use NMap to get the general details. Find an open port in their system through which you can get in.
  • You need to learn programming languages suitable to the requirements. Python for scripting and automation, Java and C for Android, PHP for web applications, Shell scripting to manipulate the servers and so on.
  • Linux or Unix terminal for commands. It’s more flexible, reliable and secure.
  • Get root privileges (it will give you full control of the system). It’s not very straightforward, but doable. I have discussed the drawbacks of SSL encryption in this post.
  • Now you need to put in your code into the system so that it can do things for you. One way to do it is by causing a memory dump in the system and injecting your code. This way the target will not know that something extra got injected. It’s not as easy as it sounds and you’ll have to be sneaky.
  • Once it’s done, create a backdoor for yourself so that the next time you come back, you don’t need to do this all over again.
  • Lastly, and most importantly, cover your tracks. You cannot let the system find out that there was an intrusion.

The most common form of hacking people are aware of is password-cracking. Unless you have some knowledge about the password’s background, brute-force is the way to go. Using brute-force on a password is the process of trying every possible password with the help of a software. I have discussed more about password-cracking in this blog post. I just want to point out that there are often much easier ways to hack into a system than password-cracking.

I read this post and I don’t see it. Where’s the hacker in me?

I’m sure most of the people have encountered cracked software in their lives more than once. You just use a piece of code written by someone else to hack into the software. Some of you would have fiddled with your TV cable reception to get those few extra channels without actually paying for them. Many a time, gamers have to use patches to get things working on their computers. There are many other examples where people try to get around the system in their day-to-day lives by doing something which is not allowed. There’s a hacker in every one of us, it all depends on how far we wanna go with it.

————————————————————————————————-

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s