If anyone is looking for some books

[Taz]

I dont like reading.

[The Unintelligible]

I dont like reading.

y .

[323]

I dont like reading.

Why? It's how I learned how to program and hack and stuff, it's helpful o:

[The Unintelligible]

Why? It's how I learned how to program and hack and stuff, it's helpful o:

But you don't know how to program or "hack." Right now you're somewhere on the script kiddy border. If anything you're learning, but judging by your recent threads/questions I sort of doubt that as well.

[323]

But you don't know how to program or "hack." Right now you're somewhere on the script kiddy border. If anything you're learning, but judging by your recent threads/questions I sort of doubt that as well.

And since when have I posted anything about hacking here on LG? The closest I've ever come to it was posting a PHP backdoor that I had translated and updated a bit somewhere, but that was back when I was just experimenting with PHP. I just finished Chris McNab's Network Security Assessment, and I'm now reading Eric Cole's Network Security Bible. At the moment I've been learning about Network Security, because I already know most of what there is to know about web-based security, whether its XSS, RFI, SQL Injections, getting past file type uploading restrictions, etc, so I'm now refining my skill in true hacking, such as things like buffer overflows, utilizing current-gen exploits, DNS zone transfers, reverse DNS sweeping, SMTP probing, etc.

Sure, my programming skills might not be up to par with what is considered a true programmer's, but hey - I don't program much, and what I do program is just quick little stuff that I may use once or twice, and are either private for only me or are used by a few people at most.

[The Unintelligible]

And since when have I posted anything about hacking here on LG? The closest I've ever come to it was posting a PHP backdoor that I had translated and updated a bit somewhere, but that was back when I was just experimenting with PHP. I just finished Chris McNab's Network Security Assessment, and I'm now reading Eric Cole's Network Security Bible. At the moment I've been learning about Network Security, because I already know most of what there is to know about web-based security, whether its XSS, RFI, SQL Injections, getting past file type uploading restrictions, etc, so I'm now refining my skill in true hacking, such as things like buffer overflows, utilizing current-gen exploits, DNS zone transfers, reverse DNS sweeping, SMTP probing, etc.

Sure, my programming skills might not be up to par with what is considered a true programmer's, but hey - I don't program much, and what I do program is just quick little stuff that I may use once or twice, and are either private for only me or are used by a few people at most.

lol. I do believe you have long milestones to go in the world of computing. Simply reading books on the topic isn't going to help you much. "Knowing is not enough, you must apply; willing is not enough, you must do." -Bruce Lee

At best the most you've done is scratch the surface of what those things truly entail. Do you know what causes XSS holes? Do you know of any way to exploit them other than using pre-made queries (i.e. the traditional <script></script>)? Have you experienced hands on what causes stack overflows and things of the like? Most likely not. None of the things you mentioned are near significant.

Programming is a prerequisite to "hacking." Anyone who believes otherwise is not truly a hacker. To be a hacker you need to understand the ins and outs & nuts and bolts of these things. You also misuse the term "hacker." Hacking is any act of playful cleverness. Not the exploitation of security.

[323]

lol. I do believe you have long milestones to go in the world of computing. Simply reading books on the topic isn't going to help you much. "Knowing is not enough, you must apply; willing is not enough, you must do." -Bruce Lee

At best the most you've done is scratch the surface of what those things truly entail. Do you know what causes XSS holes? Do you know of any way to exploit them other than using pre-made queries (i.e. the traditional <script></script>)? Have you experienced hands on what causes stack overflows and things of the like? Most likely not. None of the things you mentioned are near significant.

Programming is a prerequisite to "hacking." Anyone who believes otherwise is not truly a hacker. To be a hacker you need to understand the ins and outs & nuts and bolts of these things. You also misuse the term "hacker." Hacking is any act of playful cleverness. Not the exploitation of security.

And when did I say I was using the term hacker as anything but? I enjoy this, and I do it for fun. I find attacking computer networks to be fun and entertaining, and I'm not even trying to be malicious. Yes, I know how to exploit XSS holes besides the pre-made queries like <script></script>. Using that is dumb - if anyone is looking at search history at all, they see that and they'll immediately know they have a hole, and patch it. I believe I know what causes XSS holes, but I'm not 100% certain. Yes, I know what causes stack and buffer overflows. You're trying to write too much data to something that can only hold too much, so the data ends up being written to the stack (Was that it? I believe it was something of that sort.)

I know a lot ABOUT programming, I just don't do it. As in, I know a fair amount about how computers and operating systems function. Just because I don't program doesn't mean I don't know how programming languages work, or what certain things do. You don't need to program to understand computer security and the internals of a computer. In fact, I would say it's the other way around. You should know all about the internals of a computer and its operating system and how they work before you even attempt to begin programming. Otherwise, you'll end up choosing an extremely high-level language just because it's "easy to learn", and all of your programs will run slowly because you'll have no idea how to optimize them to get them to run more like a low-level program.

Take Java for example. You don't have to do any explicit handling of memory or anything, and it's programs are run in a virtual machine. These two things combined make the language extremely high level, and a lot slower than a more low-level language such as C or C++.

[The Unintelligible]

And when did I say I was using the term hacker as anything but? I enjoy this, and I do it for fun. I find attacking computer networks to be fun and entertaining, and I'm not even trying to be malicious. Yes, I know how to exploit XSS holes besides the pre-made queries like <script></script>. Using that is dumb - if anyone is looking at search history at all, they see that and they'll immediately know they have a hole, and patch it. I believe I know what causes XSS holes, but I'm not 100% certain. Yes, I know what causes stack and buffer overflows. You're trying to write too much data to something that can only hold too much, so the data ends up being written to the stack (Was that it? I believe it was something of that sort.)

I know a lot ABOUT programming, I just don't do it. As in, I know a fair amount about how computers and operating systems function. Just because I don't program doesn't mean I don't know how programming languages work, or what certain things do. You don't need to program to understand computer security and the internals of a computer. In fact, I would say it's the other way around. You should know all about the internals of a computer and its operating system and how they work before you even attempt to begin programming. Otherwise, you'll end up choosing an extremely high-level language just because it's "easy to learn", and all of your programs will run slowly because you'll have no idea how to optimize them to get them to run more like a low-level program.

Take Java for example. You don't have to do any explicit handling of memory or anything, and it's programs are run in a virtual machine. These two things combined make the language extremely high level, and a lot slower than a more low-level language such as C or C++.

You're attributing the term hacking to security exploitation - hence your response when I said you don't know how to hack. You don't know how to hack because you're not really doing anything. Getting past file extension restrictions in uploading in vulnerable systems is not hacking. SQL injections are not hacking. XSS is not hacking. That all falls under cracking. You don't have to practice any genuine knowledge of those things to be a hacker. If you understand how those things actually work then you're closer to the definition of a hacker. Linus Torvalds is a hacker. Richard Stallman is a hacker. Even Mark Zuckerberg is technically a hacker. The list goes on. Is it because they're able to exploit simple security fallacies (and ones exclusively in web applications at that)? No. It's because they have a profound understanding as to how those things work. They're programmers.

You insult the hacker culture by suggesting you're hacking by "attacking" susceptible networks. For my sanity and yours, don't call yourself a hacker. You are not a hacker. It would take a day tops to understand what you currently know provided the right resources.

And no, that isn't what a stack overflow is. You write data that overflows the allocated buffer on the stack. Speaking of which, do you even know what a stack is? Please explain to me what a buffer even is, lol. And being able to search for queries go for anything (that includes anything that involves injecting or otherwise sending data from the client). <script></script> is just a simple way to diagnose XSS.

And yes, you need to understand programming to understand certain aspects of a computer (e.g. you probably don't understand ASM at all, so your understanding of the inner-workings of memory are probably limited). I also find it funny how you think you know how operating systems work internally. You've used Windows, right? What is the Windows API? What is OLE/COM? What is winsock? What are sockets, how do they work, and what are their purpose? What about Linux? How does the kernel function? What is its equivalent to the Windows API?

Right now you have a rather naive mindset and disposition on what hacking/programming truly is. You seem to think it's all easy. An example of your folly is the fact that you're seeking help on the subject of Gaia botting/packets. If you were legitimately a hacker you would already understand these things.

If you don't stop this at once you're going to have quite the rude awakening.