ask a hacker anything

Thread replies: 100
Thread images: 11

File: threatbutt2.png (122KB, 1680x1050px)
real hacking thread
>>
>>51538762
Looks like page 10 is about to get even lower in quality for a minute
>>
File: leet.png (114KB, 337x217px)
>>51538762
Did your mommy buy you a puter for Christmas?
>>
>>51538821
>>51538857
^ Fuck them OP listen to me:

How do I become a mega-hacker such as you? I'm legit interested.
>>
>>51538857
yes she also got me a book on how to exploit heap-based buffer overflow vulnerabilities and defeat a non-executable stack with ROP, how did you know?
>>
>>51538901
also, i'm not interested in learning asm or other deprecated tech. i'm more an html kinda guy ya know.
>>
>>51538924
yeah nigga got that html5sec.org rite for ya
>>
>>51538946
>html5sec.org
nice thank you.

also, i changed my mind. where is a good asm resource for learning?

i wish to make a commercial ps4 emulator and make mega dosh on steam.
>>
>>51538910
What the fuck are you talking about. I wanna learn these shit
>>
Which sites have you hacked?
>>
>>51538981
https://www-ssl.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-manual-325462.pdf
>>
>>51539027
LOL

>>51539005
memory corruption exploitation
>>
>>51538910
Compromising your own system this way is pretty unimpressive to the already-initiated.
Also what version of windows is that? It could be 7 with themes turned off but I'm doubting that.

>>51538901
You read books, watch tutorials, and/or go to school.
How the fuck do you expect to be good at anything without practicing?
Life isn't like video games.
>>
File: twat.jpg (14KB, 320x294px)
>nmap3r

sad cunt
>>
Recommended sites / books for learning?
>>
>>51539068
yeah nigga anything that isn't a use-after-free in the latest Chrome version with a sandbox bypass and EMET turned on is lame, rite
>>
File: what.png (27KB, 1171x666px)
>>51538946
The irony is killing me.
>>
>>51539104
you sure got me
>>
>>51539120
u just mitigated a beef hook my friend

>using firefox for security purposes
>>
>>51539053
>lol

Come-on OP. Why are you so shy?

Also few more legit questions. Why do you hack? Or is that teeny spirit not over yet? What do you do for a living? What's your normal day routine?
>>
>>51539110
who said anything about chrome?
I don't care about chrome...
Also it's easy enough to look at an existing POC, load up windows 98 on a VM, and then find the vulnerability that someone else found years ago.
That's the entire fucking reason why I asked what version of windows that was you moron.

It's one thing to actually develop your own POC when you know that a specific module is vulnerable versus having to find the vulnerability in the first place.

Also your handle is pretty shitty.
Don't base your handle on a pen-testing tool for fucks sake.
>>
>>51539182
>I don't care about chrome...
lol ok, everyone else in the infosec industry does according to their fucking 0day payouts
>Also it's easy enough to look at an existing POC, load up windows 98 on a VM, and then find the vulnerability that someone else found years ago.
are you joking? this is a non-disclosed vulnerability in a popular application, why do you think ida was open?
also, we've pretty much got this to run on any modern system except windows with EMET due to the control flow integrity checks

>Also your handle is pretty shitty.
nigga my handle is elite, dont talk shit
>>
>>51539163
Hacking websites is beyond easy, the state of web application security is a joke (besides a few really clever and advanced attacks) please /quit now thank you very much
>>
>>51538762
xp, reading memory, are you hacking a dos game?
>>
File: lad.png (41KB, 1013x414px)
>>51539150
https://html5sec.org/payloads.js
Oh you mean this?

wew.
>>
>>51539384
my friend runs that site that's so mean :(

>>51539380
no
>>
Learning:

http://www.securitytube.net/

http://creator.wonderhowto.com/occupythewebotw/

http://n0where.net/

http://www.offensive-security.com/metasploit-unleashed

http://www.exploit-db.com/

http://resources.infosecinstitute.com/

http://www.windowsecurity.com/articles-tutorials/

http://www.securitysift.com/

http://www.sans.org/reading-room/

http://packetstormsecurity.com/files/

https://www.corelan.be/index.php/articles/

http://routerpwn.com/

http://opensecuritytraining.info/Training.html

https://www.blackhat.com/html/archives.html

http://magazine.hitb.org/hitb-magazine.html

News:

https://threatpost.com/

http://www.deepdotweb.com/

Wargames:

http://overthewire.org/wargames/

https://www.pentesterlab.com/

http://www.itsecgames.com/

https://exploit-exercises.com/

http://www.enigmagroup.org/

http://smashthestack.org/

http://3564020356.org/

http://www.hackthissite.org/

http://www.hackertest.net/

Distros:

https://www.kali.org/

http://sourceforge.net/projects/metasploitable/

https://tails.boum.org/
>>
File: 1437327259726.jpg (65KB, 523x592px)
>Hacker
>Windows XP

le lol
>>
https://www.linkedin.com/pulse/hacking-myth-dispelled-secrets-revealed-kim-guldberg

Thought it was an interesting read. Basically says just learn tinker learn tinker learn tinker, repeat. There's no secret recipe to become "le 7337 haxx0r".
>>
>>51539535
there are actually some decent resources in there, im surprised
but:
>http://www.securitytube.net/ - sure if you want to listen to a fucking indian
>http://creator.wonderhowto.com/occupythewebotw/ - cancer
>http://www.hackthissite.org/ - shit
>https://www.kali.org/ - people should laugh at you for using this
>https://threatpost.com/ BUZZWORDS 101


>>51539541
did you even read above? also VMs are cool aren't they
>>
File: haha no.jpg (37KB, 250x250px)
>>51539604
Nice try linkedin admin.
>>
>>51539608
I only compile my own custom gentoo from source, along with any tools.
>>
>>51539669
wow you're such a hacker
i bet you don't even use grsecurity/pax or hardened cflags for compilation
>>
>>51539705
I made my own
>>
How old are you
Are you living in a basement
What have you hacked
Are you the infamous anonymous
You sound like an autist
The last one isn't a question
>>
>>51539827
LOL you made your own grsec/pax? are you fucking high?

>>51539829
-1 (i sure hope that's a signed integer)
yes
nothing
lol
i am
ok :)
>>
>>51538762
>windows
>hacker
>>
>msf shellcode
>buffer overflows in 2015

jesus..
>>
>>51540520
That's a big wiener.
>>
>>51541786
What's the problem breh, still happens all the time
>>
>>51538901
>^
Are you writing this at the beginning of your post so your leet haxor script can find the beginning of your post using regex?
>>
>>51538924
Die in a fire
>>
File: 1437866121069.png (158KB, 454x404px)
>Run random executable python script
>You can do bad shit with it

Wow, who would have guessed. Did you also know you can shutdown a computer using batch scripts?
>>
File: 1441560903703.jpg (44KB, 934x524px)
>>51538762

So what do you run, OP? I'm actually on KDE myself.
>>
>>51538762
where to start gaining the knowledge?

where to learn, what to read etc??
>>
>>51541947

well of course it does, but there hasnt been a good remote bof for anything actually useful, some good clientsides have appeared and there will also be stuff vuln on local side, but really those days are dead. now its all webapps & SE and kids acting hard because they can say exploitation terms & overwrite a basic strcpy() vuln1.c program or follow some indian metasploit win XP tutorial to "write" an exploit for an FTP that someone in sri lanka wrote. hacking scene is now dead m8.
>>
>>51542088
It's not dead mate, it's evolving
Industrial security is complete shit
And you're wrong, there's exploits being released every single day
https://www.exploit-db.com/remote/

The days of launching an attack against and windows machine to own it is over yes, it's become a bit harder yes, but it's not dead
>>
>>51538762
> hacking

Then why does your pic show cracking?
>>
>>51542070
Ah, KDE or GNOME... It's like arguing who's a better waifu - Asuka or Rei?
I say use whatever suits your needs and it should be fine, as long as it's not Shinji (Unity).
>>
>>51542199
He's writing an exploit for a buffer overflow you nigger
>>
>>51542148

i meant for something actually useful like some big time httpd or ftpd, back over 10 years ago, you'd be surprised, people actually hacked back then, came up new techniques to get around protections and there was a real active underground. barely any famewhores and whatnot, people made a name for themselves but not like kids do these days, nowadays kids can read and react on vuln software what hackers did in the past but still will never be equal to them because they came up with it themselves, figured it out of raw knowledge, not a google search for some hacking tutorial and because of that, information disclosure/tutorials killed it all, and well, people on big projects started coding a little less retardedly plus is based on code that is well audited but im not going to get into that.

most of those exploits are webapp and hardly anything fun to own would run such obscure softwares that are vuln to bofs these days. of course not entirely impossible, but rare indeed.

every year they're getting harder to exploit, mostly because of the core code of the software is secure, such as the linux kernel, each release, more fewer the vulns, back before 2.6 it was plagued, mostly now you'll exploit some kernel module. kids these days should focus on learning how actually shit works and to try and find something entirely new. those leaked documents of the NSA developing rootkits that affect the actual processor softwares, rather than kernel space of the OS, they're doing something different, so as the new generation of hackers today should do, rather than brag and overwrite the EIP copy with AAAA and cause a segfault of that doesnt matter and act like something out the matrix
>>
>>51542617
That's because back then they would just throw you in jail, now they offer the best job to the biggest attention whores in the industry

>responsible disclosure kills the zero day industry
>>
>>51542617

*of some software that doesnt matter
anyway tired as shit to explain atm
>>
>>51542617
You know nothing of the underground, go home child. You cannot overwrite EIP
>>
>>51538924
>I'm more an html kinda guy
Kill yourself
>>
>>51543212
>overwrite the EIP copy

i said, "overwrite the EIP copy", do you know how the stack works?

>>51542660

im pretty sure there are still active blackhats making even more, but alot of sec industry famewhores brag about techniques that just completely ridiculous and would not work in the real world.
>>
>>51542043
Just leave. Holy shit, if you don't see how this is an issue you're dumb. The python file just creates the file which is loaded into the executable. Shut the fuck up.

>>51542199
Shouldn't you be ricing

>>51542660
Agreed.

>>51543253
No I have no idea how the fucking stack works, also it was stated several times this was a heap overflow. Oh you meant the saved return address... which is stored in the stack. Okay sure, I didn't read. Apologies. You're still a moron

>>51543253
You clearly haven't seen anything interesting then, BIOS rootkits developed by security researchers, find me a blackhat that can do that please.
>>
>>51543253
Guy that called you a moron here, got xmpp/jabber? I'd be happy to prove you wrong
>>
>>51542070
Eliot was a kiddie. Deal with it.

>>51541982
Woah you just learned regex! Impressive!!!!
>>
File: 1448293892062.jpg (57KB, 500x667px)
>>51543317
>find me a blackhat that can do that please
You already have enough black hats, fag.
>>
>>51543404
So cute. Since you can't come up with a real response get the fuck off the thread please :)
>>
>>51543385
Elliot was a kiddie. Zero Cool was the real deal, right?
>>
>>51543419
since when do we discourage shitposting? Did this community reach lvl 36?
>>
File: SLL_keygen_success.png (825KB, 4000x2560px)
>>51538762
Poor ollydbg man.

Need to get back to finishing this keygen, I can generate valid serials. But the activation code required is machine specific, it uses env variables.
>>
>>51543419
I'm not the guy you replied to, I just saw how you act and decided to make fun of you a bit :)
>>
>>51543447
Of course man, Zero Cool was elite as fuck! He didn't run metasploit!

No but really I get all you fags are angry that your new favourite show actually depicts a moron who's about as skilled as your average 16 year old, talking about old (albeit hilarious) movies isn't going to get you anywhere

>>51543449
sry :(
>>
>>51543466
Hey hey hey! Is that IDA copy legitimately licensed?!?!?!?! You filthy fucking pirate.

>>51543404
u sure got me!
>>
>>51543466
Also in all seriousness env variables..? They're easy enough to get.. I don't see the issue here
>>
>>51543474

Maybe I'm being a bit elitist, just wanted to show him security researchers do seriously cool stuff and blackhats.. they're sort of boring. Maybe there's the odd one or two with skill.
>>
You're delusional. Now go back to Hacker news and stay there.
>>
>>51543625
No thank you
>>
>>51543317

>find me a blackhat that can do that please

you think blackhats dont have skill? let me tell you, that there were a group of blackhats back when the real underground was active that could remotely exploit the network stack to a specific OS that i wont say. also i was talking about memory corruption in general, stack based bof was the first thing that came to my mind in explaining memory corruption issues today.

>>51543359

same guy idk? i was talking about stack based bof, again. i also would, but what im currently on is very limited and i dont have much time left anyway.
>>
>>51543691
Nowadays? Honestly..? Nope I don't think they were. I think they used to be no doubt, but making money became much easier (spam) and they all just moved over to that.

Are you talking about the Solaris bug? It wasn't published
>>
Where to buy ransomware? Give skiddy forums please. Or how to find said forums? On Tor is okay
>>
>>51543752
Write it yourself you fucking skiddie cunt, there's literally opensource cryptoware everywhere
>>
>>51543827
my time is too valuable senpai. nice troll thread though.
>>
>>51538762
being hacker on Windows is really fucking easy. Even with an antivirus installed, and even more easy if you know ASM, C, and you know well the winapi(Reference manual can do)...

For example, I wrote a simple program which installs a modified version of Radmin3server on the machine. Then it adds some values to the registry (Login credentials, elimination of uninstall entry, etc), and voila, I have full control of the PC even with antivirus, if I need to access the PC from a remote location, just hack the wi-fi with Reaver(WPS) and open a specific port. Now you can access the PC from everywhere.
>>
>>51543721
>naming yourself hacker
>underestimating people
You should never underestimate people, there are alot of shit white/Gray hats too.
>>
>>51543721

nope, also you havent heard of ZF0, ~el8, h0no? jeez, they raped whitehats from left to right.
>>
>>51543852
have fun in jail kid
>>
>>51543888

Uh... no. You need to leave now. That's not how it works at all. Also up for some quiz questions on the windows API?

>>51543910
I said they WERE skilled. Not nowadays. Nice name dropping though, let's bring phrack into this too! Why not right?

>>51543907
Go away
>>
>>51543930
Dude, I tested the malware on a friends machine and i can see it all the day, he will never notice, i can transfer files and delete system files, i can use a telnet to even play sound on the remote machine, i can do a full control section, shutdown it, etc... If you somehow get the admin privileges on your program, you can do anything at all... Im not calling it hacking because that's just stupid security guards of windows
>>
>>51543987
No... No... Just no...
>>
>>51543930

phrack has nothing to do with those groups, pHC had some affiliation with the older groups, anyway even though phrack now is far more greater than what you see at your defcon/blackhat or whatever pentesting con, i can line up any "officially" certified white hat hackers, ceh, offsec certified or whatever scam cert is today to some blackhats still active and theyd get their ass handed to them
>>
>>51544016
Do it then. I get that pHC != Phrack. Even then what about people that work for:

immunity inc
zerodium
exodus intelligence
ZFI
VUPEN
Google Project Zero
>>
>>51544011
Hey, im not saying that my friend is a programmer or something he is just a normal PC user, which uses windows and have avast installed, is not that hard to install malware on a computer like that. I also tested the program on a friend's computer with some antivirus called 360 and it worked just fine. This is not god-tier hacking or using metasploit to inject some module in explorer.exe. Just a normal program which needs to be executed once with administrator privileges.
>>
>>51544071
I REALLY hope you're trolling
>>
>>51544078
No dude, im not trolling. That's simple how it works, and it works... Is not a masterpiece code of hacking but it works for my purposes...
>>
>>51544103
You're either trolling or you're fucking brain dead.
>>
>>51544109
Hey why don't you explain WHY he's braindead instead of just acting like a 12 year old?
>>
>>51544109
I think you are confusing Hacking with Cracking. Is not the same thing.. Do a read up on wikipedia. Also i didn't call this hacking is just some software that i wrote in my spare time...
>>
>>51544122
It's not even worth explaining, anyone with more than one braincell can see why this person shouldn't have access to any device that uses the TCP/IP protocol

>>51544136
I think you need to stop embarassing yourself
>>
>>51544147
*embarrassing

That is the definition of irony... fuck me.
>>
>>51544147
>hes so stupid im not even going to bother explaining!
aka youre a fucking moron who has no idea what hes talking about either
>>
>>51544171
Yup. You got me
>>
Lol, idk why anyone would target the main server when you can target the idiot with the password and access the server.

>>51544136
If you ask me, I guess it would work since people these days don't even know how a computer works and if you get access to the dumb with the password you can access your main target (if there is one), im just saying...

What does /g/ thinks that Hacking means? In practical purposes...
>>
>>51544056

some of the ppl working at those places were in the underground, pretty much the advancement of memory corruption and bypass techniques originated in the underground, i was just talking about your general defcon white hat spokesperson talking about some super secret elite hacker methods like DNS issues or bit fiddling and everyone just hypes over it and fearmongs companies into buying their useless protections against such ridiculous hacks. there are still blackhats that sit on top of everything, believe me. anyway im off, nice talking to you, btw.
>>
>ask a script kiddie anything
fixed that for you
>>
>>51543910
>ZF0
Whoever wrote their ezine was the Bill Hicks of hacking scene.
And their dissing of Mitnick and Kaminsky was analogous to Eazy-E's buttblasting of Dr Dre and Snoop Dogg. You can't read that and don't want to hack a Gibson...
>>
>>51538762
Can you suck my cook?
This is a 4chan archive - all of the content originated from that site. This means that 4Archive shows an archive of their content. If you need information for a Poster - contact them.