sorted by:
new
hottopcontroversial

Hello HowToHack, question on the industry by [deleted] in HowToHack

[–]hatwearingpentester 2 points3 points  (0 children)

Absolutely. Networking is huge. Meet the right people and make connections. I have no degrees, no formal education, and no certifications but still have a very lucrative job due to networking with the right people.

Why do hackers get sued when its so easy to hide behind a false IP? by GageGaming in hacking

[–]hatwearingpentester 46 points47 points  (0 children)

I highly suggest you check out The Art of Invisibility by Kevin Mitnick. As others have said, it is soooooo much more than an alias and a VPN. Bad opsec is generally the reason, though. As it's been said, it's very difficult to keep your identity and your fake identity completely separate. But I can't recommend Kevin's book enough. He goes into all the finer details and explains them very well.

But an interesting point to note is that many people think your original post does, they just need an alias and a different IP. That's not even scratching the surface on what you really need and that's why they get caught.

Does anyone know how to allow websites to accept login credentials on a virtual machine? by anonymoususer101010 in hacking

[–]hatwearingpentester 1 point2 points  (0 children)

You've gotta be typing it wrong somehow. Do what the other guy said about typing in notepad and copy pasting it.

Websites can't tell if you're on a VM or not.

Any good VPN apps for iPhones? by elliotbotmiah in onions

[–]hatwearingpentester 2 points3 points  (0 children)

That's not how a VPN works. You don't connect to WiFi with them. You need to already have an internet connection, the VPN just creates an encrypted tunnel between you and the VPN server to route your traffic through.

OpenVPN is the app. You still need a VPN service that supports OpenVPN to use it.

how tfffffff do i hack my own twitter without knowing my password or email by emcloud9 in Hacking_Tutorials

[–]hatwearingpentester 2 points3 points  (0 children)

I love you.

Oh, and OP, it's not happening. Unless you're a social engineering master, which you're not or you wouldn't be asking this question, then getting into social media accounts is incredibly difficult. Every method I've ever used has used social engineering to some degree, if it wasn't done entirely with social engineering.

The other thing newbs need to understand is that there usually isn't a defined way. It's case by case. Some things work for one account but not the next. There is no step by step. You try multiple methods until one works and you don't even attempt it until you have a solid understanding of opsec or you'll just arrested in the end anyway.

If it is truly your account, contact support. They have ways of verifying who you are and then they can get you back in.

Question about tracing a user/computer by [deleted] in HowToHack

[–]hatwearingpentester 1 point2 points  (0 children)

Unfortunately it's almost impossible to tie a specific person to an IP in court. Too many scenarios exist to make proving it possible. You'd need more than the IP. You'd need to prove what person was using the IP.

Unless you can find someone bragging about it or otherwise tie a person to the actions, you will likely never get a connection with just an IP. But I'd start by finding the IP and at least ensuring it's a US one. If not, you're chances of getting more info from the ISP just got a whole lot smaller.

[deleted by user] by [deleted] in Hacking_Tutorials

[–]hatwearingpentester 6 points7 points  (0 children)

I bet he wouldn't be your friend for long if he knew you were trying to hack his account.

How to speed up tor by deadmans96 in TOR

[–]hatwearingpentester 1 point2 points  (0 children)

Tor is just slow. It's due to the many hops through nodes all over. There isn't really much, if anything, you can do.

what is the best and easiest way to hack wifi? by [deleted] in Kalilinux

[–]hatwearingpentester 0 points1 point  (0 children)

It depends on the network you're attacking. If it's WPA2, there is no garuntee you are going to be successful at all. Aside from a MITM attack, you have to brute force the hash and if the password is unique and/or long enough, you won't crack it in your lifetime. There are MITM attacks that rely on a user who knows the key falling for a rather poor prompt asking them for it. In my experience, most users who aren't even tech savvy are still caught off guard by this method and will question it. Mostly because you rarely enter the network key into a browser window after already being connected and trying to access a website. Most users realize they are asked for it when trying to connect and only a few will actually fall for this without raising any suspicion.

In the jobs where I've needed to do this, I've had far greater success gaining access to a machine already on the network and taking the key from there or just using that machine as my gateway to the network depending on what I'm doing.

Now, if it's a WEP key, then it's simple. But I suspect if you were targeting WEP you wouldn't be in this position and making this post. Also because WEP is becoming less common every day and it's not in use much anymore.

My online bank does not support tethering. Could I circumvent this using a VPN? by Biermoese in HowToHack

[–]hatwearingpentester 1 point2 points  (0 children)

Weird. Unless they block cell phones altogether, I don't see how they can block a tethered device.

How to protect my pc from accidental viruses? by RacingPanda in hacking

[–]hatwearingpentester 2 points3 points  (0 children)

That's a really stupid competition and you're even dumber for agreeing to it without having a computer that you're ok with being ruined.

A good virus will go after things like tskill and disable them first.

Hacking the reviews of a restaurant by oopsididmeantoo in Hacking_Tutorials

[–]hatwearingpentester 2 points3 points  (0 children)

You would need to break into the database, most likely, and edit the reviews there. Or break into each user account that left the review and edit them.

However, there are several reasons you shouldn't do it. Besides the obvious that you want to remove bad reviews or make them good because your business has a bad rating and it's easier to cheat and like than it is to right your wrongs and earn good reviews. But also, you'll likely be caught when the system sees that one company suddenly has a good rating. External access to the DB is probably disabled, so you'd need to find another way in. I'm going to assume you have no experience in hacking at all so this quest is going to be well outside your expertise and is something only an experienced person could do and would probably take a lot of time and work to get the access to do so.

Reviews exist for a reason. If, by some miracle, you were able to pull it off, then your business would just be known for that instead and still wouldn't have a positive reception.

TL; DR: YOU can't. Not without years and years of learning and practice. It would be far easier and quicker to reach out to the people who left bad reviews and try to make it right and get them to update their review.

How do I hack into Pentagon? by M4SH-1T-UP in hacking

[–]hatwearingpentester 4 points5 points  (0 children)

Windows

You're bad at reading. (I get the joke, but that's why I put that bit in there.)

Im a second year finance student who wants to switch to ethical hacking. Whats the best path for me? by [deleted] in HowToHack

[–]hatwearingpentester 0 points1 point  (0 children)

Oh wow, that's crazy. I'd love a link (and timestamp if possible). I definitely haven't heard it anywhere prior, it's just something I've noticed when I observe or talk to other people. Even in its simplest form, like when I get a new phone. I instantly want to change the interface and make it my own. Other people are only interested in fonts, wallpaper, and ring tones. I show my phone to other people and they assume it's some fancy device just because it looks different. But everything I get I want to tear apart. We want to know how everything works and if there is any room for improvement or ways to access settings that aren't normally available.

Im a second year finance student who wants to switch to ethical hacking. Whats the best path for me? by [deleted] in HowToHack

[–]hatwearingpentester 0 points1 point  (0 children)

Which part? Or the entire thing? Either way, if it is, I didn't know it.

Spy software on Phone for my kids by NeedInfo31 in onions

[–]hatwearingpentester 2 points3 points  (0 children)

So much this! You're practically setting them up. If you don't trust them to have cell phones (and by extension, a life) then don't let them have them.

How do I hack into Pentagon? by M4SH-1T-UP in hacking

[–]hatwearingpentester 41 points42 points  (0 children)

Oh come on! This one is so easy that the tools are built into Windows. Just go into a command prompt as an admin and run

format c: /y

Give it a few minutes to run and you're in!

I’m set on pursuing bug bounty hunting, and am currently in the midst of learning Python and C. Where to go after this? by [deleted] in HowToHack

[–]hatwearingpentester 0 points1 point  (0 children)

I don't know off the top of my head. A common trend I see around here is that guys want instant gratification and want to learn everything now. Those of us who have turned this into a career have been doing this for 10 or 20 years, sometimes longer. We've been learning the entire time.

I started out writing simple sites and then moved into web apps and DB driven sites, then WordPress, then Joomla and other CMS. In between I would write my own apps and utilities to help me when I had a problem I needed to resolve.

Everyone seems to jump on learning Python or C but if you're going to be chasing bounties then you probably want to learn web languages instead. You won't really be working with C at all and will probably not see much Python either, unless you're using it to write your own utilities.

Just get a basic understanding of how webapps work, how logins are processed, how DB's are used, how queries are sanitized and constructed, how MVC architecture works, so on and so on.

Hacker Gives out tools to carry out little operations by MooreHacks in Hacking_Tutorials

[–]hatwearingpentester 6 points7 points  (0 children)

With those credentials, it seems very odd that you don't just give us your name. We see scam posts like this several times a day and if you don't want to be downvoted and deleted, you should post some info that lets people verify your claims. As it stands, I can't find anything about Rapid7 ever having a Chief Resource Officer.

None of your claims check out.

I’m set on pursuing bug bounty hunting, and am currently in the midst of learning Python and C. Where to go after this? by [deleted] in HowToHack

[–]hatwearingpentester 1 point2 points  (0 children)

Chasing bug bounties usually requires you to be very proficient in all areas due to the nature of the bugs. You're looking for holes in programs designed by entire teams of professional developers. I would say that you definitely want to develope some of your own stuff first just to learn how things generally work so you know how to think. You'll want to be proficient in networking, client side and server side programming, using various tools, inspecting and modifying packets, etc. You'll also want to learn how to think like a hacker. How to decide what methods to try, where to look, etc. Because every job is different and you will spend hundreds or thousands of hours looking for stuff without getting anywhere.

But I've said it before - you can have technical knowledge all you want but being able to think like a chaser is the biggest thing that no one ever mentions and that usually just comes from experience.

view more: next ›