A Beginner's Guide
A Beginner's Guide
The Beginner’s guide.
Okay, so you want to learn to hack, and be a "kewl haxor", right? Well, good luck on that one – you’ve got a long road ahead of you. A road in which you are expected to be your own teacher in almost everything. Don’t get me wrong, I’m not implying that no one wants to help you, because this world is full of intelligent and insightful mentors, what I mean is – if you actually want to learn it, and learn it in such a way that you understand it, and can make up your own rules, the only way to do it is by teaching yourself.
The road you have to walk down is not only long and filled with misinformation and old, out-dated information – it’s also fraught with dangerous temptations – the largest of which is the temptation to use power before you understand it. Never trust an easy explanation or answer. The only truths you will find in this world are the truths that you have earned by the sweat of your own brow.
Now, let’s see, I set out with this guide to give an easy jumping off spot – that I myself could have benefited from. I wanted to provide a centralized place to find tools and maybe a little bit more information than is available in one place elsewhere, and perhaps to give you a laugh or two while I’m at, so, here we go.
The idea is that I want to give you an idea of how to pack your bags before you begin your journey. You always want to pack before a long trip, right? All of the tools that you throw into the bag now, will at one point or another become very useful to you. You may not need the individual tools soon, but more than likely, if you continue down this road, you will at some point. Here’s the great thing about the bag – you don’t have to pack it yet, or you can leave out or add as many things as the bag will hold, that’s really up to you. But, as I said, I want to provide a jumping off place for the beginner on this journey.
First things first – Understanding your computer and browser.
What kind of operating system (OS) are you running? Is it Windows XP, or 98 or something that starts with the infamous initials “MS?†If so you might want to consider changing that. Not that there’s anything wrong with windows, it’s the comfort food of the computing age. It comes pre-loaded on almost every retail computer and most toddlers can become adept with it in a matter of minutes. It’s easy and, therefore, sometimes difficult to let go of. But, here’s a little secret. Come here, close, I have to whisper it in your ear. Closer. No, no, you’re really going to have to lean in close for this one. Are you ready? You don’t have to use windows… I know, I know, it seems inconceivable. It’s unreal right? Well, let me tell you, there are other OS’s out there that are, for yours and my purposes, better. And guess what? The better ones are invariably free.
“What?!!!!†You say.
Yes, that’s right, FREE. FREE. Freedom. They’re out there for the taking, and you don’t have to spend a single solitary dime on them. There’s this nifty online enterprise called Open Source software.
“But, NetSurj,†I hear you saying, “They can’t be as easy as windows. Surely, they must be archaic, and out dated. I mean, nothing free is good, is it?â€
This is what you should do. If you’re hooked on windows, but still are open to at least considering alternatives, go to Google (this little guy will very soon become your best friend, but we’ll get to that later) and type in “KDE,†or “Gnome†(with the quotes). They’re both open source (free) GUI’s (Graphical User Interfaces – essentially what windows is) and they have all of the same gadgets you’ve come to love.
“But, if it’s going to be so similar to windows, why should I consider the shift, NetSurj?â€
Well, here’s the thing. Linux, which is the Kernel that these particular GUI’s run on, is based on Unix. The shell, BASH (Bourne again shell) in linux, is what runs the entire system. And Unix along with it’s operations and commands is, probably, one of the most important systems that you can learn. So at least consider it. Linux will make you less dependant on your computer’s software and, therefore, more independent. On top of that, they’re smaller, and can make your computer faster.
If you insist on using windows (we know who you are – you there, in the back with the low unibrow and protruding front teeth) at least take some time to learn to operate in DOS. You can run it from within windows. You see that start button? Well, Look at the bottom of the screen. Now pan your eyes to the left until you reach the edge. Your eyes should be resting on the bottom left corner of the screen now. You see it? Oh, come on! It says START for God’s sake! You do? Good, click on it. Now go to ‘run’. Now type in “command.†Now there’s a big black square somewhere near the center of your screen with a c prompt in it. That’s it. Now, go to google again and look up basic Dos commands.
Now, onto your web browser:
Okay, so far you have a fairly intimate knowledge of your browser. You probably know the back and forward buttons by heart, something you may not use very often but at least have a rudimentary knowledge of is the stop button – in case you don’t: it stops any process that’s in progress – you probably also know the refresh and home buttons by heart, and of course you know that if you type in addresses (usually ending in .com, net, org, gov, etc) into the url bar, your browser whisks you off to foreign locations.
I’d like to interrupt here for a moment – primarily because I want to make sure that everyone is on the same page. I’d hate to be talking about features that your browser doesn’t have, thereby confusing you before we even get started.
So you’re probably reading this through an Internet Explorer browser… You’re going to want to throw that browser out, it’s no good to you if you’re planning on staying on this road. Mozilla has a WONDERFUL browser that is adapted to this road. Using IE on this road is a bit like driving a go cart on the interstate. The go cart is perfectly designed for its own purpose, but it’s lousy at driving on the interstate. So, you’re going to want to pick up a fast, stream-lined, race car. Go here:
And click on the Download Firefox button. You’ll Love it. Well, since you’re there you might as well pick up a few handy-dandy extensions. Here are some of my favorites:
Web Developer: https://addons.mozilla.org/firefox/60/ User agent: https://addons.mozilla.org/firefox/59/ Great tools: http://www.net-force.nl/files/download/nftools/nftools.xpi
Okay, now you’ve got a lot of the stuff that you’re going to need for a little while. Take a little time and become acquainted with the new browser. You see that google toolbar? Brilliant isn’t it? Type in “firefox optimization†and take a look at how you can configure it for speed. Click on everything. Do whatever comes naturally. Play with it. Finesse it. Tickle it. Okay, you’ve gone too far – firefox is not a sex toy!! –that’s what google is for. Just kidding!!!…No, seriously… Haha. (Nods head)
On to Google. Google is your first, best, and, essentially, only completely honest mentor. Google is never wrong. If google gives you an incorrect answer it’s because you asked it the wrong question. Do not question Google’s omniscience. First things first, use google to look up google hacking. This is an artform in and of itself and you want to learn as much about it as possible. Google contains all of the information in the world, essentially. They say information is power don’t they? Well, if you can manipulate Google to give you what you want, when you want it, that makes you the most powerful person in the world doesn’t it?… Didn’t know it was that easy, did you?
Okay, come down from your throne, and listen. All joking aside, learn how to use google. It’ll save your life some day, I swear to god.
A couple of more things about Firefox. Learn how to view the source on a web page! Go click on View in the browser. You see down there? It says “view source,†doesn’t it? Good, now click on it – or you can skip this step all together by holding down the control key and pressing u. Now that you’ve got the source of whatever web page you happened to be looking at, look closely. You see all of that gobble-dee-gook? Most of it doesn’t even look like English does it? That’s what the internet is made of. That stuff, called HTML, tells your browser (hopefully firefox by now) what it’s supposed to do when you want to see the page.
Off for some more learning!!! Yay, learning! Go to www.w3schools.com (in fact go ahead and bookmark it while you’re at it) and click on HTML tutorials. Go through the whole thing. It’s important trust me. After a little while you will start to recognize the symbols in the source code, and before long, you will be saving the source code to your computer (right click on the page, click on save page, name it whatever you like – but be sure to add “.htm†or “.html†to the end of the name as you save it – without the quotes of course) and editing it. Not long after that you will be writing your own web site from scratch. Just take the time now, you won’t regret it. While you’re at it learn javascript, and at least get an idea of what cross site scripting (css) is.
Okay, so you’re running a fast, stream-lined OS and web browser right? Good. Now, onto a few other tools. Let’s say that you have a friend. This friend of yours has written a really great program (not copyrighted of course) – the only thing is, is that he has written it so that you can only use it for 30 days. At the end of the allotted time, the program will collapse in on itself, and stop working… Not a very good friend is he? Now, let’s say that you want to use your friend’s program for longer than 30 days (after all there are no laws protecting it), what can you do? Well, you can disassemble it, that’s what. Take it apart, see what makes it tick, and change it. That’s what you can do. This handy little practice is what’s known as reverse engineering, reversing, or cracking. Think of it as cracking open the program, rearranging it, and closing it up again. To do this you’re going to need a debugger. What, you can’t afford to buy one? No problem, go here:
OllyDBG: http://www.ollydbg.de/
Ollydbg is an extremely handy debugger. To learn to use it go to google again. I told you that you would become close to google. You also might want to begin learning ASM. Google it.
Another helpful cracking tool is a Hex editor. You’ll find the one I use at:
XVI32: http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm
Okay, you’ve hopefully learned some cracking, and a little bit about HTML, javascript, css, and assembly language (ASM) now. Good job, you’re well on your way, hopefully you’ve completed challenges on a few websites, without asking for too much help, and you’re probably getting more and more confident with your abilities.
Last, but not least, is a good password cracker:
JTR: http://www.openwall.com/john/
This one has a learning curve, so be prepared to spend a little bit of time just learning the commands. But, all in all, it is a great resource.
Well, there you have it, the beginning hacker’s toolbox. I’m sure that you’ll find many other tools that will be more appropriate for your purposes than some of the ones I listed, but I just wanted to give you an idea of where to start. The challenges on this website are really helpful. Here’s a hint, try to complete them without any help whatsoever. Try and try and try, and, only after you have become completely stumped, check the articles and forums – this is really to your benefit – it’ll strengthen your skills.
Lastly, don’t be afraid to ask for help. You’ll see it everywhere: everyone here has been right where you are now, and doesn’t mind lending a hand from time to time.
That’s it for now. I think I’ll work on a tutorial for some of the applications I’ve mentioned in this article. Please take a few moments and let me know what you think of this one.
Thanks, NetSurj
solo 18 years ago
fantastic:) inspired me too much to do things by own… u written a great article:happy:
ghost 18 years ago
Nice article, but at some parts you where being a little too close minded, if u know what I mean. U say what you believe, and that nothing else is right. Personally, Im pissed off at FF. Use IE quite a bit. And Windows is an OS jst like Linux, using Linux wont make you a better hacker… All in all, well written :happy:
richohealey 18 years ago
I really liked this article, I have tried to mentor numnerous people who would have benefitted hugely from reading this.
I would have included the refer spoofer plugin though, it's very handy.
ghost 18 years ago
Google will not lie but people do. Linux should be the last thing to think about as far as learning to hack. If the goal is to learn to hack then why go through the unecessary process of learning an Os that you have no idea how to use, it is more work to achieving a goal, remember people less work is a good thing.
ghost 18 years ago
knut, thats a little contradictory, seing as google finds information that people put on the internet ;)
ghost 18 years ago
It is in no way contradictory. Google can not lie. Only people lie. If you can't understand that then I can't help you.
ghost 18 years ago
I'm a newbie at hacking and this site and I must say that this was the first article that I read and it was beyond helpful and informative. Especially with the links to various tools that I'll need, i know that alone saved me so much time! So I'd have to say grade A++++ article and thanks for helping me start my journey!!! ;)
ghost 18 years ago
noob right here. you all were once im sure, that aside i wanna say that this is an amazing resorce.:D amen
ghost 17 years ago
all you've got is positive feedback and Im just going to add to that…YOU ROCK. I've used jtr but doesnt it just do hashes?
ghost 17 years ago
im a noob to anything hacking really, but i really enjoyed the read. See the main problem was the fact that i didnt know wat kind of OS to use or browser, but now that you have shed light on the subject of tools and things, i understand now why it has been so hard. great article though