A Beginner's Guide
A Beginner's Guide
The Beginner’s guide.
Okay, so you want to learn to hack, and be a "kewl haxor", right? Well, good luck on that one – you’ve got a long road ahead of you. A road in which you are expected to be your own teacher in almost everything. Don’t get me wrong, I’m not implying that no one wants to help you, because this world is full of intelligent and insightful mentors, what I mean is – if you actually want to learn it, and learn it in such a way that you understand it, and can make up your own rules, the only way to do it is by teaching yourself.
The road you have to walk down is not only long and filled with misinformation and old, out-dated information – it’s also fraught with dangerous temptations – the largest of which is the temptation to use power before you understand it. Never trust an easy explanation or answer. The only truths you will find in this world are the truths that you have earned by the sweat of your own brow.
Now, let’s see, I set out with this guide to give an easy jumping off spot – that I myself could have benefited from. I wanted to provide a centralized place to find tools and maybe a little bit more information than is available in one place elsewhere, and perhaps to give you a laugh or two while I’m at, so, here we go.
The idea is that I want to give you an idea of how to pack your bags before you begin your journey. You always want to pack before a long trip, right? All of the tools that you throw into the bag now, will at one point or another become very useful to you. You may not need the individual tools soon, but more than likely, if you continue down this road, you will at some point. Here’s the great thing about the bag – you don’t have to pack it yet, or you can leave out or add as many things as the bag will hold, that’s really up to you. But, as I said, I want to provide a jumping off place for the beginner on this journey.
First things first – Understanding your computer and browser.
What kind of operating system (OS) are you running? Is it Windows XP, or 98 or something that starts with the infamous initials “MS?†If so you might want to consider changing that. Not that there’s anything wrong with windows, it’s the comfort food of the computing age. It comes pre-loaded on almost every retail computer and most toddlers can become adept with it in a matter of minutes. It’s easy and, therefore, sometimes difficult to let go of. But, here’s a little secret. Come here, close, I have to whisper it in your ear. Closer. No, no, you’re really going to have to lean in close for this one. Are you ready? You don’t have to use windows… I know, I know, it seems inconceivable. It’s unreal right? Well, let me tell you, there are other OS’s out there that are, for yours and my purposes, better. And guess what? The better ones are invariably free.
“What?!!!!†You say.
Yes, that’s right, FREE. FREE. Freedom. They’re out there for the taking, and you don’t have to spend a single solitary dime on them. There’s this nifty online enterprise called Open Source software.
“But, NetSurj,†I hear you saying, “They can’t be as easy as windows. Surely, they must be archaic, and out dated. I mean, nothing free is good, is it?â€
This is what you should do. If you’re hooked on windows, but still are open to at least considering alternatives, go to Google (this little guy will very soon become your best friend, but we’ll get to that later) and type in “KDE,†or “Gnome†(with the quotes). They’re both open source (free) GUI’s (Graphical User Interfaces – essentially what windows is) and they have all of the same gadgets you’ve come to love.
“But, if it’s going to be so similar to windows, why should I consider the shift, NetSurj?â€
Well, here’s the thing. Linux, which is the Kernel that these particular GUI’s run on, is based on Unix. The shell, BASH (Bourne again shell) in linux, is what runs the entire system. And Unix along with it’s operations and commands is, probably, one of the most important systems that you can learn. So at least consider it. Linux will make you less dependant on your computer’s software and, therefore, more independent. On top of that, they’re smaller, and can make your computer faster.
If you insist on using windows (we know who you are – you there, in the back with the low unibrow and protruding front teeth) at least take some time to learn to operate in DOS. You can run it from within windows. You see that start button? Well, Look at the bottom of the screen. Now pan your eyes to the left until you reach the edge. Your eyes should be resting on the bottom left corner of the screen now. You see it? Oh, come on! It says START for God’s sake! You do? Good, click on it. Now go to ‘run’. Now type in “command.†Now there’s a big black square somewhere near the center of your screen with a c prompt in it. That’s it. Now, go to google again and look up basic Dos commands.
Now, onto your web browser:
Okay, so far you have a fairly intimate knowledge of your browser. You probably know the back and forward buttons by heart, something you may not use very often but at least have a rudimentary knowledge of is the stop button – in case you don’t: it stops any process that’s in progress – you probably also know the refresh and home buttons by heart, and of course you know that if you type in addresses (usually ending in .com, net, org, gov, etc) into the url bar, your browser whisks you off to foreign locations.
I’d like to interrupt here for a moment – primarily because I want to make sure that everyone is on the same page. I’d hate to be talking about features that your browser doesn’t have, thereby confusing you before we even get started.
So you’re probably reading this through an Internet Explorer browser… You’re going to want to throw that browser out, it’s no good to you if you’re planning on staying on this road. Mozilla has a WONDERFUL browser that is adapted to this road. Using IE on this road is a bit like driving a go cart on the interstate. The go cart is perfectly designed for its own purpose, but it’s lousy at driving on the interstate. So, you’re going to want to pick up a fast, stream-lined, race car. Go here:
And click on the Download Firefox button. You’ll Love it. Well, since you’re there you might as well pick up a few handy-dandy extensions. Here are some of my favorites:
Web Developer: https://addons.mozilla.org/firefox/60/ User agent: https://addons.mozilla.org/firefox/59/ Great tools: http://www.net-force.nl/files/download/nftools/nftools.xpi
Okay, now you’ve got a lot of the stuff that you’re going to need for a little while. Take a little time and become acquainted with the new browser. You see that google toolbar? Brilliant isn’t it? Type in “firefox optimization†and take a look at how you can configure it for speed. Click on everything. Do whatever comes naturally. Play with it. Finesse it. Tickle it. Okay, you’ve gone too far – firefox is not a sex toy!! –that’s what google is for. Just kidding!!!…No, seriously… Haha. (Nods head)
On to Google. Google is your first, best, and, essentially, only completely honest mentor. Google is never wrong. If google gives you an incorrect answer it’s because you asked it the wrong question. Do not question Google’s omniscience. First things first, use google to look up google hacking. This is an artform in and of itself and you want to learn as much about it as possible. Google contains all of the information in the world, essentially. They say information is power don’t they? Well, if you can manipulate Google to give you what you want, when you want it, that makes you the most powerful person in the world doesn’t it?… Didn’t know it was that easy, did you?
Okay, come down from your throne, and listen. All joking aside, learn how to use google. It’ll save your life some day, I swear to god.
A couple of more things about Firefox. Learn how to view the source on a web page! Go click on View in the browser. You see down there? It says “view source,†doesn’t it? Good, now click on it – or you can skip this step all together by holding down the control key and pressing u. Now that you’ve got the source of whatever web page you happened to be looking at, look closely. You see all of that gobble-dee-gook? Most of it doesn’t even look like English does it? That’s what the internet is made of. That stuff, called HTML, tells your browser (hopefully firefox by now) what it’s supposed to do when you want to see the page.
Off for some more learning!!! Yay, learning! Go to www.w3schools.com (in fact go ahead and bookmark it while you’re at it) and click on HTML tutorials. Go through the whole thing. It’s important trust me. After a little while you will start to recognize the symbols in the source code, and before long, you will be saving the source code to your computer (right click on the page, click on save page, name it whatever you like – but be sure to add “.htm†or “.html†to the end of the name as you save it – without the quotes of course) and editing it. Not long after that you will be writing your own web site from scratch. Just take the time now, you won’t regret it. While you’re at it learn javascript, and at least get an idea of what cross site scripting (css) is.
Okay, so you’re running a fast, stream-lined OS and web browser right? Good. Now, onto a few other tools. Let’s say that you have a friend. This friend of yours has written a really great program (not copyrighted of course) – the only thing is, is that he has written it so that you can only use it for 30 days. At the end of the allotted time, the program will collapse in on itself, and stop working… Not a very good friend is he? Now, let’s say that you want to use your friend’s program for longer than 30 days (after all there are no laws protecting it), what can you do? Well, you can disassemble it, that’s what. Take it apart, see what makes it tick, and change it. That’s what you can do. This handy little practice is what’s known as reverse engineering, reversing, or cracking. Think of it as cracking open the program, rearranging it, and closing it up again. To do this you’re going to need a debugger. What, you can’t afford to buy one? No problem, go here:
OllyDBG: http://www.ollydbg.de/
Ollydbg is an extremely handy debugger. To learn to use it go to google again. I told you that you would become close to google. You also might want to begin learning ASM. Google it.
Another helpful cracking tool is a Hex editor. You’ll find the one I use at:
XVI32: http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm
Okay, you’ve hopefully learned some cracking, and a little bit about HTML, javascript, css, and assembly language (ASM) now. Good job, you’re well on your way, hopefully you’ve completed challenges on a few websites, without asking for too much help, and you’re probably getting more and more confident with your abilities.
Last, but not least, is a good password cracker:
JTR: http://www.openwall.com/john/
This one has a learning curve, so be prepared to spend a little bit of time just learning the commands. But, all in all, it is a great resource.
Well, there you have it, the beginning hacker’s toolbox. I’m sure that you’ll find many other tools that will be more appropriate for your purposes than some of the ones I listed, but I just wanted to give you an idea of where to start. The challenges on this website are really helpful. Here’s a hint, try to complete them without any help whatsoever. Try and try and try, and, only after you have become completely stumped, check the articles and forums – this is really to your benefit – it’ll strengthen your skills.
Lastly, don’t be afraid to ask for help. You’ll see it everywhere: everyone here has been right where you are now, and doesn’t mind lending a hand from time to time.
That’s it for now. I think I’ll work on a tutorial for some of the applications I’ve mentioned in this article. Please take a few moments and let me know what you think of this one.
Thanks, NetSurj
ghost 17 years ago
Some excellent points up here, quite a few i already knew about but others i didn't. Thank you, you are an inspiration to n00b's everywhere :)
ghost 17 years ago
Some excellent points up here, quite a few i already knew about but others i didn't. Thank you, you are an inspiration to n00b's everywhere :)
ghost 16 years ago
It's really great, I like everything you've said, everything, I enjoyed it and it helped me a lot, I'm starting to learn how to be an hacker (truly), I'm also doing computer science (school), I just want to thank you for this article!! B)
pt00 16 years ago
One of the greatest articles I've read for beginners. So funny and so helpful. 5/5
ghost 16 years ago
The article is great and this site is one of the best free resources I've ever gotten involved. Thanks a bunch!
ghost 16 years ago
This article is written in excellence. Good to add humor to things. A bit long but eh your going to be reading alot to learn.
ghost 16 years ago
This is one of the best articles I've read to help start out on (newbie here) however, I have this little problem. all of the symbols are not what they should be, instead of getting " or ( or what not I get tm symbols ae symbols and one that looks like perdomiter going from 00 to 90 pr something. can I get a message explaining this and possibly how to fix it? I'd much enjoy the information thats messed up ^^
ghost 15 years ago
I have the same problem as the guy above me, can anyone tell me how to get rid of those symbols?
Thanks
ghost 15 years ago
[img]http://www.metarl.com/index.php?referral=dameert[/img]
i have no idea… same here :(
ghost 15 years ago
I guess he wrote it in a word-document or something, using some non-ascii symbols.
When he copy-pasted from his document, and submitted his article, those symbols got converted to ascii.
Unfortunately theres nothing you can do about it.
southafrica1 14 years ago
Awsum article! I couldnt post a comment at first bcse i ddnt hav enough points, so i went nd completed a few challanges so that i could tel you how grateful i am for this article :D Thanx alot!
ghost 14 years ago
http://www.openwall.com/john/ this program caused a threat on my computer, my security program said a threat detected when the file was opened. Any ideas?