Anyone feel like helping me?

[323]

Posted this on /r/hacking, Hackforums (Don't ask, it was a last resort) and now I come to you, LG.

So, I know a ton about hacking, have read tons and books and tutorials and stuff on it, and have and know how to use most programs like Metasploit and Nmap and all of that. The only problem I'm running in to? I can't apply it. I would REALLY like to apply my skills to a real-world situation (aka, actually hack a server or computer or something) without it being something dumb like hacking a virtual vulnerable server, or hacking computers with something dumb like spreading a RAT. The problem I'm having is that all of the metasploit and hacking exposed books and online tutorials and everything like that assumes one key thing beforehand: That you have a server with some dumb super specific vulnerability.

So, I guess you could almost say that I'm just having a problem finding targets. I can never find any vulnerable targets, and all of the websites that I'm interested in hacking are locked down pretty good, no vulnerabilities to speak of. I know I'm going to get those dumb canned responses of "Just use google dorks, and an SQL or XSS vulnerability scanner or something!". The problem with google dorks is that the first like 100 pages of each dork are most likely all already hacked, as I've found that to be the case before. Unless you can find some new, 0day dork, google dorks leave you SOL.

So, how do you guys get practice/find targets/hack your first server/computer?

Thanks a ton.

[The Unintelligible]

TL;DR.

Please, no one pay this thread any attention. Just another "Flare" thread.

So, how do you guys get practice/find targets/hack your first server/computer?

Programming. Actually knowing what these things are and what they mean.

[GAMEchief]

Only read last two sentences.

Hack your own servers, bro. You should always be your first target. Hacking is not about learning to destroy. It's about learning to protect. Learn how to protect your data, how people can attack you, and in turn you learn how to attack others. Though you shouldn't. But at least you'll know how. The benefit, again, is being able to protect yourself. So attack yourself. You're your target. Good luck.

[The Unintelligible]

Hack your own servers, bro.

Oh god, now I know why I left this place lol.

[Stapled]

Hack Google.

[GAMEchief]

Oh god, now I know why I left this place lol.

You left?

[323]

And this is why I normally don't use LogicalGamers to actually find useful information. Unintelligible is always the first to reply, and normally their posts result in the off topic discussion that derails the thread, or the post just makes other posters not want to help me because they feel that if they do, they risk loosing respect in Unintelligible's eyes, or worse, pissing Unintelligible off.

It's quite annoying, but quite a good tactic if you ask me. And of course, instead of bringing the thread back on topic, I would rather debate The Unintelligible and question why they always derail my threads and refuse to help me.

Unintelligible's special brand of COINTELPRO at it's finest.

[Stapled]

Hack Facebook.

[ya bish]

Facebook pay people to hack them for 500 dollars. ._.

[The Unintelligible]

And this is why I normally don't use LogicalGamers to actually find useful information. Unintelligible is always the first to reply, and normally their posts result in the off topic discussion that derails the thread, or the post just makes other posters not want to help me because they feel that if they do, they risk loosing respect in Unintelligible's eyes, or worse, pissing Unintelligible off.

It's quite annoying, but quite a good tactic if you ask me. And of course, instead of bringing the thread back on topic, I would rather debate The Unintelligible and question why they always derail my threads and refuse to help me.

Unintelligible's special brand of COINTELPRO at it's finest.

Lol what. You have the wrong idea. I don't mind you or anyone else asking for help. I'm surprised you haven't figured this out yet, but it's typically threads of this particular GENRE that I don't condone.

When you've posted material about programming and such, guys like Artificial and me are usually glad to help you. Topics like this are the type of skid topics I don't approve of.

Like seriously, "how do i hax servers guise??!111" Does nothing seem wrong here to you? Read a book, study, program. Simple. But unspecific threads like this aren't the way to go.

This has nothing to do with me at all. And I doubt anyone really cares what I think lol. I'm not some all-knowing deity who controls everyone here. People I can think of here at the top of my head whuld oppose me without hesitation: Artificial, Isonyx, GAMEchief (but who cares about him, he's an idiot), etc.

NEVER hesitate to ask questions or for help, but I advise you to think twice about the content you post before you post it.

[GAMEchief]

the post just makes other posters not want to help me because they feel that if they do, they risk loosing respect in Unintelligible's eyes, or worse, pissing Unintelligible off.

Whoa, whoa, whoa. Hold the phone. People care about what The Uninteilingeble thinks?

I would rather debate The Unintelligible and question why they always derail my threads and refuse to help me.

Welcome to forums.

[Stapled]

Whoa, whoa, whoa. Hold the phone. People care about what The Uninteilingeble thinks?


Welcome to forums.

Welcome to The Junkyard.

[Isonyx]

The reason what he says discourages some people to reply isn't necessarily about what he says, it's because his replies are normally very technical and detailed, especially when it comes to programming. Other people are afraid to run the risk of posting and looking like an idiot.

It actually discourages people from talking about things they know nothing about. Which is always good.

On topic though, the issues you've brought up were the same ones I ran into when I delved into the field of ethical hacking.
Like GAMEchief was saying though, put some effort into securing your machine, and if I were you, I'd just branch out and learn the technicalities of hacking. Sure, you may know how to use Metasploit, but anyone can learn what exploits do and which ones are appropriate to use in what situation. I mean, with Armitage it's literally point and click hacking.
Instead try learning about how to write a buffer overflow exploit or something

Also try getting better at programming, strive for efficiency and perfect the way you design your applications.
There's so much more to do then just wasting time trying to exploit a machine.
After that little flurry of shits and giggles you get from thinking you're a hacker the thrill will be gone.
Invest your time in something that will last longer.

[The Unintelligible]

The reason what he says discourages some people to reply isn't necessarily about what he says, it's because his replies are normally very technical and detailed, especially when it comes to programming. Other people are afraid to run the risk of posting and looking like an idiot.

It actually discourages people from talking about things they know nothing about. Which is always good.

It isn't that either lol. Sure, I dislike charlatans (i.e. Personoid/GAMEchief) and try to correct them whenever possible, but in this instance that isn't really relevant.

I just generally condemn topics like this and I'll try to get that across as often as possible. To each his own, but Flare has made hundred of topics like this and I've grown weary of it.

That said, nice advice. Maybe this will satiate Flare for a while.

[ya bish]

Personoid is GAMEchief?

[The Unintelligible]

Personoid is GAMEchief?

No. Might as well be though. Both mediocre programmers/web developers, both pretentious, both dumb, both wannabe psychologists, both horrifically ugly, both pseudo intellectuals, around the same age range, etc. The list goes on.

Regardless, that was just an example. When I said "charlatan" those were simply the first two people to come to mind.

[ya bish]

Oh I misread the way you wrote it.

[GAMEchief]

Personoid is GAMEchief?

Oh shit the jig is up

[GAMEchief]

No. Might as well be though. Both mediocre programmers/web developers, both pretentious, both dumb, both wannabe psychologists, both horrifically ugly, both pseudo intellectuals, around the same age range, etc. The list goes on.

Regardless, that was just an example. When I said "charlatan" those were simply the first two people to come to mind.

This guy.

is 12

[ya bish]

Oh shit the jig is up

Its funny because that's one of Kendrick Lamar's song.

[323]

Lol, I was trying to ask for legitimate computer security help (I've tried and couldn't solve this problem on my own, so fuck it, I'll go back to android programming if I can't do this shit, I'll wait two months and ask again somewhere else) and this got super derailed. Why do you guys feel the need to constantly debate everything?

[The Unintelligible]

Lol, I was trying to ask for legitimate computer security help (I've tried and couldn't solve this problem on my own, so fuck it, I'll go back to android programming if I can't do this shit, I'll wait two months and ask again somewhere else) and this got super derailed. Why do you guys feel the need to constantly debate everything?

Android Programming sounds like a plan.

And this thread wasn't about security help. It wasn't related to security per se, it was about "hacking" servers which is unethical (depending on your purpose).

If you want to learn about that stuff, learn about the programming and security that this endeavor entails. But your question was more or less unspecific and wholly displeasing.

As per debating - wasn't debating anything; just insulting. No rebuttals, refutations or anything of the like was involved. I did it because I can.

P.S. Man I sound like a self-important douche right now. Reminds me of a few certain people. *Cough cough*

[323]

Android Programming sounds like a plan.

And this thread wasn't about security help. It wasn't related to security per se, it was about "hacking" servers which is unethical (depending on your purpose).

If you want to learn about that stuff, learn about the programming and security that this endeavor entails. But your question was more or less unspecific and wholly displeasing.

As per debating - wasn't debating anything; just insulting. No rebuttals, refutations or anything of the like was involved. I did it because I can.

P.S. Man I sound like a self-important douche right now. Reminds me of a few certain people. *Cough cough*

I got it to say "Hello World!" on the Android Emulator!

Haha but anyway, Android programming with Eclipse is actually pretty cool, I think I'm gonna stick with this for now. Who knows, maybe I could make a game or something if I get good enough. Now, to find out how to make buttons and stuff...

Also, why am I a self-important douche? lol

[The Unintelligible]

I got it to say "Hello World!" on the Android Emulator!

Haha but anyway, Android programming with Eclipse is actually pretty cool, I think I'm gonna stick with this for now. Who knows, maybe I could make a game or something if I get good enough. Now, to find out how to make buttons and stuff...

Also, why am I a self-important douche? lol

Nice, nice.

And I'm not referring to you lol. It should be obvious who I'm alluding to. GAMEchief being the primary person the statement is designating.

Edit: What Android emulator/SDK are you using? I could never find a good emulator to program on.

[323]

Nice, nice.

And I'm not referring to you lol. It should be obvious who I'm alluding to. GAMEchief being the primary person the statement is designating.

Edit: What Android emulator/SDK are you using? I could never find a good emulator to program on.

I figured it was towards GAME, but I wasn't positive.

I'm using what I believe to be the official Android SDK, it even comes with it's own version of Eclipse called ADT. I got it from here: Android SDK | Android Developers

It's been working really well so far, I enjoy it. And here's the page about the Emulator: Android Emulator | Android Developers

[The Unintelligible]

I figured it was towards GAME, but I wasn't positive.

I'm using what I believe to be the official Android SDK, it even comes with it's own version of Eclipse called ADT. I got it from here: Android SDK | Android Developers

It's been working really well so far, I enjoy it. And here's the page about the Emulator: Android Emulator | Android Developers

Yeah, I think this was the one I was using.

Much obliged. When I get back into development I'll probably be using this for Android app programming.

[323]

Yeah, I think this was the one I was using.

Much obliged. When I get back into development I'll probably be using this for Android app programming.

Oh that's cool, what are you thinking of making in terms of apps? I've been brainstorming ideas, but all I've come up with so far are games. I need to come up with a useful app that hasn't been made before, with useability and features that make it stand out.

[The Unintelligible]

Haven't thought of anything in particular. A couple of friends and I were just considering the possibility. (i.e. Gaia bots for the Android platform.)

[ya bish]

Could you post some tutorial links that could help me with the making of Android Apps (if you know any) ?

[323]

Haven't thought of anything in particular. A couple of friends and I were just considering the possibility. (i.e. Gaia bots for the Android platform.)

Oh, that reminds me of something. There's a patriot hacker named th3j35t3r (You can find him on twitter, @th3j35t3r) and he hacks jihadist websites. He develops his own tools, and made a really interesting DDoSing tool that goes through Tor, and worked extremely effectively. When something appeared on wikileaks that endangered troops' lives, he took it down. Half way through this attack, he had bragged that his platform of attack was a single 3G phone.

It just seems interesting, what if you could make bots/hacks/computer security tools/video game hacks that could run on a mobile phone? As long as they didn't have visual interface or something like that, we could do it infinitely fast, as there are now android phones that have four cores and stuff. Sending out thousands of HTTP requests and stuff, easy bot. As long as we have a minimal interface that just shows bot stats, it could be a great platform for botting. If people have unlimited data plans, they could run a bot 24/7 without even being on their computer. Or, you could take the side of some of the high-end Diablo III bots. They have apps on the android store and apple app store that allow you to monitor the bot running on your computer. You can view stats, items it picked up, gold so far, and even grab a screenshot from the bot.

Could you post some tutorial links that could help me with the making of Android Apps (if you know any) ?

Just google "How to make an android app", that's what I did. I found some really good tutorials on the actual Android Developer website. Other good tutorials are scattered around the web and youtube and stuff, just use google.

[The Unintelligible]

Oh, that reminds me of something. There's a patriot hacker named th3j35t3r (You can find him on twitter, @th3j35t3r) and he hacks jihadist websites. He develops his own tools, and made a really interesting DDoSing tool that goes through Tor, and worked extremely effectively. When something appeared on wikileaks that endangered troops' lives, he took it down. Half way through this attack, he had bragged that his platform of attack was a single 3G phone.

It just seems interesting, what if you could make bots/hacks/computer security tools/video game hacks that could run on a mobile phone? As long as they didn't have visual interface or something like that, we could do it infinitely fast, as there are now android phones that have four cores and stuff. Sending out thousands of HTTP requests and stuff, easy bot. As long as we have a minimal interface that just shows bot stats, it could be a great platform for botting. If people have unlimited data plans, they could run a bot 24/7 without even being on their computer. Or, you could take the side of some of the high-end Diablo III bots. They have apps on the android store and apple app store that allow you to monitor the bot running on your computer. You can view stats, items it picked up, gold so far, and even grab a screenshot from the bot.

The Jester is a skid lol. Anyone can DDOS, and anyone can deface/root unsecured websites. The tools he creates are horrendously written and pretty frivolous (at least that one "Lulz Sec Hunter" tool he made in PHP a while ago is).

Even Lulz Sec, who are ironically skids, called him out as a skid before when they highlighted the fallacies in the code he released.

Making a tool that sends a TCP/UDP flood through a Tor node is easy. Just pipe the requests/packets through a VPN or the Tor network. But keep in mind that using Tor isn't a completely safe procedure as the traffic can be sniffed and in turn analyzed. It's actually a bit pointless using Tor considering you can just use a simple proxy. And doing so through Tor should be marginally slower since it's a longer process.

And yes, you can. There is no such thing as a platform that isn't susceptible to some form of malware (as evident by recent Mac malware epidemics). That's why it's most important to try and secure your computer yourself and not rely solely on AV software. You could make programs as well since software can be made on pretty much any full-featured OS (and malware is a form of software, might I add).

But 1000x subsequent HTTP requests would do pretty much nothing to any server worth salt. And GUIs on Android shouldn't really bog down Android phones much.

All the stuff you mentioned are completely feasible to make. Good ideas though.

[GAMEchief]

It just seems interesting, what if you could make bots/hacks/computer security tools/video game hacks that could run on a mobile phone?

Controlling something from a phone isn't the same as it being carried out by the phone. He likely used an interface on his phone to send commands to an actual computer/server which performed the actions.

[Isonyx]

Making a tool that sends a TCP/UDP flood through a Tor node is easy. Just pipe the requests/packets through a VPN or the Tor network. But keep in mind that using Tor isn't a completely safe procedure as the traffic can be sniffed and in turn analyzed. It's actually a bit pointless using Tor considering you can just use a simple proxy. And doing so through Tor should be marginally slower since it's a longer process.
But 1000x subsequent HTTP requests would do pretty much nothing to any server worth salt. And GUIs on Android shouldn't really bog down Android phones much.

I could be wrong but I don't believe Xerxes or Saladin simply send a TCP/UDP flood over Tor to take down targets.
He's likely using malformed packets and web server exploits to carry out his "hits".
You wouldn't need 1000x requests because it isn't simply the volume of requests that takes down the target.

Oh, that reminds me of something. There's a patriot hacker named th3j35t3r (You can find him on twitter, @th3j35t3r) and he hacks jihadist websites. He develops his own tools, and made a really interesting DDoSing tool that goes through Tor, and worked extremely effectively. When something appeared on wikileaks that endangered troops' lives, he took it down. Half way through this attack, he had bragged that his platform of attack was a single 3G phone.

It just seems interesting, what if you could make bots/hacks/computer security tools/video game hacks that could run on a mobile phone? As long as they didn't have visual interface or something like that, we could do it infinitely fast, as there are now android phones that have four cores and stuff. Sending out thousands of HTTP requests and stuff, easy bot. As long as we have a minimal interface that just shows bot stats, it could be a great platform for botting. If people have unlimited data plans, they could run a bot 24/7 without even being on their computer. Or, you could take the side of some of the high-end Diablo III bots. They have apps on the android store and apple app store that allow you to monitor the bot running on your computer. You can view stats, items it picked up, gold so far, and even grab a screenshot from the bot.



Just google "How to make an android app", that's what I did. I found some really good tutorials on the actual Android Developer website. Other good tutorials are scattered around the web and youtube and stuff, just use google.

The thing about what you're saying Flare, is there are already hacking tools that have been released for various mobile platforms such as iOS, Android, and if I'm not mistaken Symbian.

Quad core processors don't enable something to run "infinitely fast", and even with quad core processors nothing sets a mobile device with a quad core apart from a desktop or a laptop with quad core processors other than mobility.

Either way though, what your purposing has and is already being done.
Look at some Android application development forums and see what you can find on automated hacking tools.

By the way, you can bot without being at your computer anyway, that's the beauty of automation scripts.