How To Hack – 1.2 – Hacking
All right. So before we go into hacking, first we have to know what does hacking actually mean. What is hacker in general? Well, my favorite definition comes from Bruce Schneider’s book Secrets and Lies and he wrote, “A hacker is someone who thinks outside the box. It’s someone who discards conventional wisdom and does something else instead. It’s someone who looks at the edge and wonders what’s beyond. It’s someone who sees a set of rules and wonders what happens if you don’t follow them. A hacker is someone who experiments with the limitations of the systems for intellectual curiosity.” Now, you might not know but hacking doesn’t just apply to computer systems. It could apply to a really broad amount of topics and subjects but since in this hacker we are going looking at computer hacking also get a simple more targeted definition of hacking. A hacker is someone who likes to tinker with electronics or computer systems. Hackers like to explore and learn how computer systems work. Finding ways to make them do things better or do things that they were not intended to do. When someone developed Windows XP, it was made for that person that used it on his computer to be able to access. It wasn’t meant for someone remotely to access that person’s computer. That wasn’t intended to be done. Also, you can look at a toaster. If someone hacks the toaster to play music, it obviously wasn’t meant to do that but now that it does it, it was hacked to do this. So just a little definition of hacking. Now that we know what hacking is, let’s look at the types of hackers out there and the first pair we look at it white hat and black hat hackers. Now just kind of simply put white hats are the good guys. Black hats are the bad hackers and this comes back from those western movies where the good guys were the white hats and the bad guys were black hats. The white hats are usually the people that work for security companies. They could be ethical hackers who are hired by companies to hack those systems to find ways in that the company didn’t know existed and then show them how to fix that hole and they found it in the first place. They could be security researchers. They could be just working for computer companies like antivirus companies and there is a large amount of job titles out there for white hat hackers. Now the black hats are usually the criminals or usually the people that are out there to get money illegally via hacking, maybe hacking a bank or they maybe do spam or they send out a large amount of spam with attached Trojans and then they take control of people’s computers and look for credit cards or things like that. So they are the bad guys and usually these are the guys who are part of organized crime, mafias, all these things you hear about in news or they could be your normal 13 year old boy who is out there hacking people’s computers illegally and just messing with their things, accessing information that is confidential and then lastly there is the grey hat hackers and these guys are in between. They are not exactly bad but they are not completely ethical. They are not good because they don’t follow the rules exactly and just giving the example a grey hat hacker could be someone that gets into a company servers just an act of getting someone’s servers without their permission or without the knowing about it is illegal. So that part is illegal on their side but they don’t get into servers to do any harm. They don’t get into those servers to [inaudible 00:03:39] the website or steal information or take the servers down. No, they can get into the servers just to prove a point and maybe they will send them email or call up let them know that I was able to get into server. This is how I did it. This is how you should fix it and that’s how grey hat hackers usually are. They like to experiment, maybe do some edgy, borderline legal, illegal things but they are not out there to cause harm. So those are the two types of hackers. The white hats, good guys, black hats, bad guys, and grey hats, the guys in between. All right, now let’s look at the hacker hierarchy. Now, a lot of people might have a different definition of the hacker hierarchy but it’s pretty much … They are very similar once you hear all of them. So first of all on the hacker hierarchy, the very bottom, we will go from the bottom to the top. First off the bottom is the script kiddies. Now, this is where usually people start off when they get into hacking. This might be where you are right now. Don’t let it discourage you because the goal is to get out of the script kiddy rank and a quick definition of a script kiddy is someone that doesn’t really understand what hacking. All he understands what hacking don’t get into people’s computers but he doesn’t understand what he is doing. He is out there taking people’s program that they created and he just runs them against people’s computers and if it hacks, it’s cool. If it doesn’t, he goes finds another program. So basically script kiddy is someone that has really no knowledge at all of what’s happening on these programs run or why out technology works, how does it work, why is he able to get into this computer by running this program. He or she doesn’t really understand any of that. He doesn’t have any skill. All he or she knows is how to take a program and run it and if it works, if it doesn’t, he doesn’t know what to do from there. He goes find another program. So script kiddies are the very lowest. They have absolutely no skill, usually just click and go kind of point and click programs. Now, this is where most people usually start but don’t get the [inaudible 00:05:43] as I said before because people look down upon script kiddies because they are usually the ones that get into that position. They stay there. They don’t want to learn more. All they want is get into someone’s computer or hack some email and they don’t care how it is done. They want something or someone to do for them. So the goal is to learn and work your way up. Next we have is the intermediate hackers. Now, these are the people… They know about computers, they know how it works, they know networks, how network works. Maybe they have some sort of programming knowledge and understand that relatively what a script might do. But they still use premade programs and exploits and if you don’t know what exploits is, it’s a piece of code that takes advantage of a bug and a piece of software, computer and they allow that person that runs it, take control of that computer system and we will be getting into these definitions later on in the hacker institute. So they can’t really develop their own exploit. They can’t really find these bugs and they don’t know how to find them, what they look like, they might have an idea what they look like but they don’t have enough knowledge to hack there and find them and make them working exploits for them and they can’t really make their own programs, hacker’s programs. They still use other people’s programs that already made them, these premade programs. So intermediate hackers, they are much more expert because they have real knowledge, they aren’t just at that level where they can create their own programs and their own exploits. Lastly, at the very highest of the hacker hierarchy, we have the elite hackers and these are the most skilled hackers. They know how to write their own tools. They know how to find bugs and codes in programs, in software, in computer systems and they know how to make exploits for them to attack these bugs. These people they know how to hide their tracks when they get into computer system so that no one ever know they were there in the first place. They can even make it look as if someone else did that hack and it’s pretty scary if the bad guys are elite hackers because they could be in and out. No one ever knew they were there, and now they have a lot of money. But most of the time, security researchers usually are at the skill level because to be able to find and research for vulnerabilities, also known as bugs and create exploits for these bugs and make your own tools. You have to be very good in understanding hacker. Now in the hacker institute, I will be able to easily get you up to the intermediate level. Now, I am not saying you can’t get to the elite hackers stance kind of level here at the hacker institute. You can. You definitely can. I will give you that information at resources to get there but it’s really up to you. It’s how much time you are going to dedicate to becoming a hacker. It’s how much time you are okay to learning and in the end, it’s up to you. I can’t force you to learn, I can’t force you to go out there and do things, learn things, apply what you learnt. It’s up to you. So I can get you to the intermediate stage very easily just by following along what I show you but to be an elite hacker, it’s up to you. You have to go out there to practice, running programming which try out. It’s up to you and so if you want to get to that point, then you sure as hell can. Next up we have, what does to become a great hacker an elite. I kind of ran over this just in the last part about being an elite hacker but you have to understand becoming a really great hacker isn’t an overnight thing. It takes time, you have to really understand that. You have to understand that there is no secret out there. There is no little secret if you know this one thing, you will know how to hack everything. You have to understand that hacking is a huge topic and that’s discouraging because you have to know everything to be a hacker and in the end, once you have learned the main topics, little bit of all the main topics, in the end you have to choose, what interests you the most, network hacking. Choose one topic and really get into it and master it and that will make you a great hacker, like I said, it takes time. You have to dedicate time to it. You have to be consistent. Don’t pick up hacking right now and in a week, drop it off for a month and try to come back because you will lose information. You will have to start go back and re-track, back track and learn the things you have learned before. You have to be dedicated and stay consistent. Keep learning. Maybe an hour, maybe two days. A certain amount of time where you can sit down, gobble information, try it out, keep learning, apply it, listen and apply and the formula that I came up, not a formula but just a little phrase is read, apply and share. This I believe is really the way to success becoming a great hacker. We have to read a lot. You can’t learn things about reading. But that’s not enough because if you read a lot of things, you will know all the theory and the steps to how things work but you won’t really know how to do them until you actually go out there and apply them. That’s where you will really learn. You will go out there and actually try those techniques. Sit down on your computer and try that, do that I gave you. Set a computer and program that thing. Do what you learn. Don’t just read but once you read something, stop. Don’t go on until you really know how it’s done by doing it yourself and last up, we have, share, read, apply and finally share. When I say share, I mean, share as in go out there and try to teach others, what did you just learn? Can you go out there and explain it to someone in a very beginner like language so that they can understand it too because if you can, that means you really do understand it and you can do this in a couple of ways. You can start your own blog. Learn something, apply it and then write a blog post about what the technology is, what that hack is, how it works, and then show them your example. Show them the steps you took, why things work, why things didn’t work and once you go out there and put this out pen or paper, or type it out and go through the process, this really assures you that you really know what you learned and when you go out there and go over it and put it down on something else like blog post or pen and paper, then it’s that better because you are repeating what you have already learned and it kind of sticks into your mind and you really do learn it. Just as I have to be a blogger, you can start your own podcast, you can talk about what you learned or you can go out there on forums and just write a little tutorial and post it on forums for others to read about and hopefully you will do that here at the hacker institute once the form is up if it already isn’t. So once again read as much as you can, apply what you learned and I provide you with lots of labs here at the hacker institute so you can actually go ahead and do that and then lastly share. Share what you have learned, write a blog post, write a tutorial, post on a forum, post on our forums to help other people understand what you learned and maybe show some struggles you went through before you finally realized it and what helped you finally make that light bulb go off, make you finally understand what you learned. So once again, read apply and share. Finally, let’s look at what you can do with hacking. So you learned how to hack here. But okay, what’s the point of it? What can you do with it? All right, first off, my favorite one is a hobby for fun. You do it because you enjoy because it’s fun at least I do. I love hacking. It’s really a hobby of mine. I do it for fun. I enjoy sitting down and looking at scripts finding place, finding ways to hack things and get into a system. I just find it fun and next we have you can stay secure. It helps you open up your mind to hacking security. It allows you to stay safe online. Now that’s a really big thing out there protecting yourself online because you hear it everyday people get hacked, people get their bank accounts, personal information stolen, money stolen. So it’s up to you to stay aware of security and allows you to stay on top and keeps your information secure. Next, we have, it can be a career. You can actually make money with hacking. Now, there is a lot of job titles out there. It can be an ethical hacker or someone who goes out there and is hired by companies to hack their systems legally and find ways in so that you could show them how you got in and show them how to fix their hole so that when a real bad hacker comes along, a black hat hacker comes along, then they will be secure. Next up we have a computer system security analyst, a computer network defense support, IT admin security researcher. Now a lot of these job titles computer systems, security analyst, these job titles have lots of different names but they are really the same job. So you might go on, let’s see monster.com to find the job and a lot of these same jobs have a lot of different names. So you have to understand. It’s usually the same thing. You are out there to keep your system secure, defense from hackers or go out there and hack systems legally to find the ways in so you can secure them for other companies that don’t have that sort of knowledge. If you don’t have that , you might be thinking, I don’t have a degree. I am already passed college, I can’t afford college or maybe I already got a degree something else and I enjoy security so much I be rather doing security. Then you are still fun because there are many types of certifications you can still get ethical hacker certification, CSAP, there is a lot of different securities certifications you can get there. I will go over them and later on in the hacker institute. But even that doesn’t do. It just helps people share that you have some sort of knowledge. Now, if you want to get a job with a real security researching company or maybe an ethical penetration testing which is also what ethical hacker is. Penetration tester which is the guys who go out there and hack systems legally to find ways in which is necessarily an ethical hacker is but it’s kind of goes one on one but if you get hired as a penetration tester or a researcher, then the good thing for you is these real security companies, not the companies like normal companies, corporations out there that just have a certain branch of computer specialist who take care of the network, those guys usually do have a degrees. But I am actually talking about actual knowledgeable security researchers and penetration testers. These people don’t care much for a degree because they will hire someone with real practical knowledge over someone with a degree college any day because you have to realize that when people come out of college, they don’t only have that much practical knowledge. It’s usually just theory they learn in college and wants to get out of college. That’s when they start learning how to really hack and when you really get into the more practical things that you do on day’s job. If you have the skill, if you can show the employer that you have real skill, they will hire you anyway over someone with a degree. So that’s it for this audio. Hope you enjoyed it. If you have any questions comments, go ahead and come here and inform. Let us know what you think.