Thursday, 29 January 2015

Becoming a hacker

Advice for starting out.
 
 
This is some advice to new aspiring hackers who are just starting out and trying to learn. I get a lot of people contact me especially from hackforums.net who like my tutorials and want some help over Skype (Skype: frostyhacks).
 

Agenda

First of all and most importantly, drop the agenda. More than 90% of the people who are contacting me have an agenda, they have someone they want to hack for some reason, they're learning not for the sake of gaining a deep understanding of how to hack but because they want the smallest number of steps to achieve their goal.
 
If you're new to hacking and your intention is to jump straight into doing illegal things and you have little knowledge then you're more than likely going to get into some serious trouble with the law. Hacking often isn't the hardest part, doing it safely and anonymously is a lot harder, picking on specific targets and remaining safe is something you should consider 6-12 months down the line.
 
You also need to get some perspective on the situation. Almost all hacking techniques are opportunistic, by that I mean vulnerabilities aren't something that always exist, you can test for them and if they exist you can exploit them, if they don't exist you have to move onto the next vulnerability. If you spend weeks learning SQLi and test your targets website, there's a good chance they won't be vulnerable to it. You may need to learn several different methods of attack before you find one that works. It's possible you may never be able to attack directly, some systems are just too secure.
 
If you're starting with an agenda then you may be extremely disappointed to know that after all that effort you still can't do it. It makes more sense to learn to hack because it interests you, if you just trying to learn to hack to get revenge on some one then just pay someone else to do it for you. You wouldn't bother to learn how an entire car works in order to fix a problem with your car, you just take it to a mechanic.
 

Manage your expectations

This is very important. Most people contacting me need a massive shift in their expectations with the time and effort it takes to get good at hacking. You're not going to blow through an SQLi guide in a few hours and be hacking like a pro, following instructions is not the same as learning! Computer hacking in my opinion is largely knowing more about security than your target, that means being smart, it means being educated and the path to that goal is to spend a lot of time learning and practicing.
 
If you're consumed with trying to meet your agenda of revenge then you're probably trying to blow through a tutorial or guide as quickly as possible and getting stuck and confused and probably extremely frustrated. If this sounds familiar you need to stop for a moment and re-adjust your expectations - you won't be hacking in a few hours or days, you need to consider that you'll spend weeks or months at getting good at a handful of disciplines.
 
If you're hopelessly lost on advanced tutorials then you'll have to go back and learn the basics first and I generally advocate this in my guides, you need to learn some JavaScript before you can do XSS and you need to learn some SQL before you can do SQL injection. Again with the car analogies, it'd be like trying to learn to tune your engine without first knowing what the components are and how they work.
 

Help yourself

Start learning to help yourself, don't rely on hand holding, go out and search for guides and tutorials in the types of hacking you want to do and be proactive. When people contact me for help one of the biggest factors as to how much help I give is down to how much work or effort you've done yourself.
 
If person A contacts me as says, "I've followed your guide and it makes sense but I'm stuck at step number 7, and I've tried X and I've tried Y but I don't quite understand" then I'm likely to help that person as best I can.
 
If person B contacts me and says "I've read your guide but I don't really understand it, can you  teach me?", my answer is going to be no. You've made no effort to learn yourself, if you need help with step 1 then you'll need help with all the steps and I'm not tutoring someone in hacking, at least not for free.
 
Demonstrate that you've made an effort to figure it out when you're stuck and if you still cannot figure it out then I'm happy to help explain specific steps or where you're going wrong.
 

Summary

Don't bother asking me for help if:
 
1) You're new to hacking and only want to learn to screw with someone.
2) You're frustrated and angry because you're stuck after only a few minutes
3) You've made no effort to help your self or work it out.

2 comments:

  1. Thank you this encourages me to do the hardworks

    ReplyDelete
  2. Gears me up to rock.. nice guide

    ReplyDelete