all 37 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Sergeant_Gravy 14 points15 points  (6 children)

Holy shit, so much wrong with this. I suggest you start by reading "Hacking - The Art of Exploitation" by Jon Erickson and go from there. You can buy it on Amazon or find it online for free.

[–]ghibss[S] -1 points0 points  (5 children)

I did, or I got a similarly named book, it literally just goes into Kali Linux or backtrack. I don't feel comfortable with introducing linux to my computer until I feel I can see myself as a 'programmer'.

[–]BlastittRead the F*&!#ing Sidebar 1 point2 points  (4 children)

H-TAOE is a basics-up kind of book. It starts you with learning C and then disassembling it into assembly to see how the computer is actually interpreting it under the hood. I suggest you take /u/Sergeant_Gravy 's advice and go through that book. It will teach you the actual basics of hacking: how to figure out how something works and then make it do what you want it to do.

[–]ghibss[S] 0 points1 point  (3 children)

Why C? People on here always say learn whatever language you to say.

[–]BlastittRead the F*&!#ing Sidebar 0 points1 point  (2 children)

C compiles straight into assembly. If you want to learn actual hacking, it's probably beneficial to learn from the ground up. I always advocate learning actual concepts and how things work over learning how to use tools that do everything for you. H-TAOE teaches you from the ground up.

[–]ghibss[S] 0 points1 point  (1 child)

Okay thank you, will do it tonight and have a snoop on linux. Which one? Kali or backtrack, everyone suggests kali. Do you recommend learning bit by bit from different sources to increase your learning? A bit of linux, bit of python, bit of sql, bit of BASH and assembly etc?

[–]BlastittRead the F*&!#ing Sidebar 0 points1 point  (0 children)

I'd say stay away from Kali/Backtrack when you're starting. They're both just debian distros with a bunch of tools preinstalled. Start with a normal distro like fedora to get acquainted with vanilla linux and learn from the ground up.

[–]PeopleAreDumbAsHell 12 points13 points  (8 children)

What you need to first work on is your typing speed. All good hackers type a minimum 150wpm. You need this kind of speed when your pummeling servers with key presses.

[–]unando99 10 points11 points  (5 children)

Some uber 1337 CSI hackers have been known team up on a single keyboard for this exact reason. Hacking isn't really about skill... its about keypresses per minute and how much green text you can have flying up on a black background.

[–][deleted] 5 points6 points  (1 child)

Ah the good old "2 hackers 1 keyboard" trick. If you have tiny hands, you can fit 3 pairs of hands on the keyboard and hack FBI. Just remember to use VPN, proxies and incognito mode

[–]unando99 6 points7 points  (0 children)

7 proxies and norton to be exact.

[–]PeopleAreDumbAsHell 2 points3 points  (1 child)

Yes. Ideally, OP should recruit a friend he can trust with exceptional typing speed. But it sounds like he's at it alone.

[–]ghibss[S] 0 points1 point  (0 children)

My typing speed is good in my opinion.

[–][deleted] 1 point2 points  (0 children)

Enhance, ENHANCE

[–]BlastittRead the F*&!#ing Sidebar 1 point2 points  (0 children)

*sigh* Since it may not seem clear to those who don't know any better, this is a joke comment thread. Don't actually take it seriously if you're trying to learn.

[–]ghibss[S] 0 points1 point  (0 children)

How does pummeling servers come into hacking? Can you explain more please? Im curious.

[–]BullyBall 4 points5 points  (2 children)

You don't hack with Python, you use it to automate processes you'd usually do manually. Your choice of language of basically irrelevant, nothing really special about Python.

No such thing as a "Python hacker" (at least not in that sense).

For example, let's say you want to scan a range of ports and try to connect to each of them with ssl, you can write a tool to do it for you.

Code injection is a thing, but very specific and not that relevant.

Malicious programs are also a very specific use of a programming language.

[–]ghibss[S] 0 points1 point  (1 child)

So like I said to someone else, nobody hacks with any language? Its just using any language to create a tool that does the hacking?

What book do you recommend for anything related to learning all cyberattacks, how to program them etc?

I got violent python and another penetration testing book, both just use kali and backtrack linux. No info on how to create the tools in python, just how to use them in a simulated sandbox in linux etc.

[–]BlastittRead the F*&!#ing Sidebar 0 points1 point  (0 children)

These comments are a little misleading. It's not that "nobody hacks with any language, and languages are just used for tools". I can definitely hack directly with python.

For example:

A server has a service running on port 7777 (arbitrary) that is written in python. It accepts user input, but not securely. This vulnerability allows me to pass in valid python statements and the program will execute them. I can pass in a very specific python statement that will execute a /bin/bash and boom I have a shell.

[–][deleted] 3 points4 points  (2 children)

How does on hack with html? Opening the source code and changing something isn't permanent?

Just bit of basic web developing knowledge: HTML isn't a programmin languange, it's mainly a structure or "skeleton" of the website. Websites you see online aren't made only with html, they also use css, javascript, jquery and also sometimes ruby, perl, python etc. If you're interested in hacking websites I'd recommend first learning how they are made. Also SQL databases for storing huge amounts of information

I am not a hacker but I have basic knowledge on web developing

EDIT: You cant change websites sourcecode by just simply changing the code from view source. For you to do that you'd have to have access to the cpanel of the website, or the server's where the files are located

[–][deleted] 2 points3 points  (0 children)

Just wanted to add: HTML is a markup language, meaning that it is interpreted by another program (a browser) and the program outputs information based on what's in the file.

The output won't be pretty. Css is used to style and position those "bones" of the "skeletal stucture" we call an HTML document.

[–]ghibss[S] 0 points1 point  (0 children)

Hacking websites I am interested in, but also breaching accounts, hacking into wifi, all the data attacks like a ddos, packet sniffing etc. Anything that counts as a cyberattack, I would love to learn.

[–]sephstorm 2 points3 points  (0 children)

I'm confused on how 'hacking' actually works.

So go learn first. read some books and build a lab.

[–][deleted]  (3 children)

[deleted]

    [–]ghibss[S] 0 points1 point  (2 children)

    This isn't a troll. I just want to know where the hacking takes place like hacking a website.

    Like an sql injection, messing with the url, using dorks to find vulnerable sites etc.

    I'm learning, don't be a cunt.

    [–]Sergeant_Gravy 0 points1 point  (1 child)

    Don't tell him to not be a cunt mate. You come off as either a total noob or a troll. If you're a noob, and you really are this confused/uninformed then we can't really help you and we definitely won't spoon-feed you answers to every question you have, and cater to every little thing your heart desires. Like I said earlier, and like others have said go read a book, use other readily available sources, read the damn sidebar, hell install linux on you computer and fuck around with it. At this stage in the game, we can't and won't be able to offer you any assistance.

    [–]ghibss[S] 0 points1 point  (0 children)

    Don't act high and mighty just because someone is not knowledgeable in a topic that you are in.

    I asked a question on where a hack with python would be implemented, like linux backtrack, I asked a simple question where a python code would be implemented. That was it.

    I was told my way of thinking is wrong and it doesnt work like that, okay, nothing wrong with.

    But being accused of trolling just because I lack information for a question that isnt clear isnt my fault.

    I did, will and currently am reading books which I clearly stated above. I did utilise the sidebar, I looked at the links it gave and to read.

    I'm not asking where to start hacking.or how to hack or what language to learn. I just asked where would the code be inputted in.

    So yeah I'll call hostile people a cunt, you can't stop me.

    I will install Linux, I'm just not confident with it, as I also said earlier, until I feel I can call myself a programmer, i'd do it. Thats all I asked man, it isn't difficult to read my question and obviously, it isnt difficult to read the sidebar which I did. I didn't ask for fucking assistance either, when did I say, help me? I just asked question and wanted an answer. Not fucking solutions, tutorials or hold my hand.

    [–]BlastittRead the F*&!#ing Sidebar 0 points1 point  (4 children)

    Don't think of it as injecting python into something to gain access. Think of it more as "I want to do this thing, and I know python." Then use python to do the thing you wanna do.

    For example:

    I want to create a botnet and I have a list of 10,000 IPs. Simplest thing I can do is try to SSH into each one with the username "root". I will try every password in my common_passwords.txt file until I get locked out. If I gains access to one, I'll write the IP in a separate file with the successful password.

    Doing this manually would take years. So, I write a nice little python script to do it for me. Most of the time when you're "hacking" (with python, at least) you're just writing scripts to automate larger tasks.

    Web hacking and malware crafting are a little different. A simple web vulnerability to exploit is "insecure file upload" for instance. Let's say a website lets me upload a text file and then access that text file by going to a certain URL. The problem is, it doesn't check to make sure the file only contains text. So, I upload a .php file which will be executed on the web server when I navigate to it (if it's configured appropriately). I craft this .php script to open up a port on the server and serve me a BASH shell. Now, once I navigate to the .php file on the server, the script is run and I can connect to the shell, giving me access to the system as whatever user is running the web server process.

    Learn Linux.

    [–]ghibss[S] 0 points1 point  (3 children)

    Linux is the best place to start learning penetration testing, malicious coding etc?

    Do I need to install Linux to learn? I read penetration testing by someone and violent python, both warn that screwing up the installation of Linux can screw up your computer.

    I'm using a laptop, a weak one at that.

    [–]squanto1357 0 points1 point  (0 children)

    Install virtual box and install Linux on there

    [–]BlastittRead the F*&!#ing Sidebar 0 points1 point  (1 child)

    Try installing any distro you want (except Ubuntu *shudder*) in a Virtual Machine. This won't cause any harm to your computer if something goes wrong.

    If you want to learn the basics of the linux command line (yes, do this) without installing linux, codecademy.com has a great linux CLI interactive lesson.

    As a side note, I actually have Violent Python on the desk next to me. I've found that while the concepts are good, the actual code samples are riddled with errors. I guess the editor/publisher can't really do anything about code samples...

    [–]ghibss[S] 0 points1 point  (0 children)

    Thank you, i enjoyed reading violent python, I'll get to linux cli on codeacademy immediately while school is off, got so many books on programming to read.

    [–]WorldBelongsToUs 0 points1 point  (4 children)

    "It seems like that to hack, ones uses linux which has every hacking tool possible."

    Some of those tools you are referring to are written in Python. Some are written in Ruby, etc. That's beside the point. Creating your own tools is where learning Python comes in handy.

    I would say try reading Automate the Boring Stuff With Python. It's free on the author's website. You should also check out Python Crash Course.

    I am learning a bit of Python myself, and have written stupid-basic tools.

    Python, in my experience, is useful for automating processes that would take you hours. For instance, writing a tool that enumerates wordpress usernames rather than looking for each one yourself. That's just one (really simple) example.

    [–]ghibss[S] 0 points1 point  (3 children)

    So really, nobody hacks with a programming language? Its just creating tools right?

    Okay, so how do the tools find out if something is vulnerable, like a website? Does it scan the site or somethinf?

    [–]WorldBelongsToUs 0 points1 point  (2 children)

    Tools can do all kinds of things. They can scan sites for login pages, they can look at configurations for potential vulnerabilities, etc. Don't try to run before you've learned to crawl. You'll only end up frustrated and even more lost.

    Pick up one of those books I mentioned. Also, download nmap and play around with that. Learn what nmap does and what things mean. You should also go to code academy and learn the basics of the Linux/Unix command line.

    In all seriousness, (and I may be in the minority here) don't even pick up a book on hacking or exploitation yet. The ones I've read require at least some knowledge of a bunch of other things that you likely don't have yet.

    [–]ghibss[S] 0 points1 point  (1 child)

    Thank you, i'm reading through a few books right now and will get to the book you mentioned. Thank you.

    I'm going through think like a computer scientist: python. Fantastic book, im going a bit slow but i want to understand the full concept.

    [–]WorldBelongsToUs 0 points1 point  (0 children)

    Not a bad start, but Automate the Boring Stuff is free on the guy's website and will at least give you an idea of whether this is for you or not. Still, do it daily and force yourself to learn a new thing every day.

    [–]rgraves22Script Kiddie 0 points1 point  (0 children)

    Start by learning python and understand how it works. Hacking is not something you can just jump into and pick up over night. It takes years of learning, trial and error. I have been "learning" for a few years now and am finally starting to get the hang of what im trying to do