How to become a Unix Hacker @ Matarese.com

Click here to find books related to 'unix'.

How to become a Unix Hacker Author: van Hauser / THC So you've decided to become a unix hacker but you don't know how to start? Before you really begin make yourself the following absolutly clear: 1.Hacking is much work. It's not a playground for kids who just want to have 15 nice minutes. You must learn how to operater and program a system. You must research how they react and read sourcecode. It's a long and hard way - so be warned. 2.Hacking is illegal. At least in most countries - only the netherlands and argentine come to my mind which hasn't got laws against hacking - so far! But be sure they will come. Even just to log on a system with an account which is not yours is a crime and can be punished. Once a judge spoke you guilty commiting a crime, it is put into your record. Your whole life might be ruined because there are only few companies who accept computer criminals as their employer. 3.Hacking is time consuming. You can't just do hacking half a year, then making a pause of 3+ month and then getting back to it. The time runs fast in the internet. New unix releases, new bugs and new fixes. Once you are outdated with your exploit data you must beg your chummers to give you the new stuff, and if you do that too often they won't be happy about that. 50+ % of the hacking time you spend are actual information gathering. Speak to other hackers, read mailing lists and newsgroups, watch good www and ftp sites. But what is the motivation to actual do unix hacking? Thats up to you. You want to become one, so think about it why you want to become one. Forget movies like "The Net" or "Hackers" - that's NOT reality! Forget dreams about being the hero, hacking the pentagon and becoming the sexiest man, getting every girl and ending with a cool payed job in the security company ;-) This is NOT what will happen - so make yourself clear why you want to do it and what you expect. Can you imagine your mom crying when the police come to arrest you? Keep these warnings in mind. This is to make sure that you know what you are doing and want to become. Note too that I wrote this fast guide only because I was asked that often from many guys, even successful phreakers/blueboxers, "how can I hack unix ?" - and time after time I got tired. So here it is. Don't blame me for incompleteness and mistakes - I don't care. Only the toughest survive - so try to get as much as possible out of this text if you are really new. |-------------------------- HOW TO START ----------------------------| 1.Get Familiar with it - or - How can you win a rodeo without learning how to handle a horse? 2.Get a unix distribution. Get Linux, FreeBSD, Solaris, Sinix etc. for your personal computer. Linux und FreeBSD are cheap and derived from BSD, whereas Solaris and Sinix are expensive and derived from Sys V. Tip: Get a linux distribution which has got a good handbook. You must learn how to operate your unix. Learn the basics, like changing directories, copy and delete commands and using the editor, first. 3.Motivate yourself to actual USE unix. How to do that - thats up to you. Maybe use a database which is in your unix distribution, program something in C for your school/university, what ever, you must learn to really use unix. 4.Get some books to help you. There are many out there, so just go into a good shop, best near an university, where the guys working there know what the good and the bad books for using unix are. I personally like the O'Reilly Nutshell handbooks much but dislike nearly all the Addison Wesley ones - but thats a personal opinion. 5.Get a real internet account with PPP and/or shell access. NEVER do hack or exchange hacking info not encrypted with PGP with this real account of your own! Try to configure your unix pc to connect to the inet provider. Some rare but good Linux Distribution have got a handbook (yes - something printed!) where they describe how to do that. Once you have followed these 5 steps and know how to operate unix (this should take about 2-8 weeks) then you should move to the next step: |------------------------ LEARN THE BASICS -------------------------| 6.Get some good books about unix and internet security. The best I found is "Practical Unix Security" by Garfinkel and Spafford, 2nd Edition, O'Reilly. Learn what the basic security problems, holes and features are unix have got, and what mistakes people make. 7.Try to get all the information and files you can find in the inet. Examine www and ftp sites and use search engines. Subscribe to important security mailing lists and read the newsgroups which might be important. Ask around on irc for good sites. Here is something to start: http://underground.org ftp://onyx.infonexus.com nntp://comp.security.* And of course the links on the Security & Hackerscene page ;-) bugtraq mailing list -> email : listserv@netspace.org message body : subscribe bugtraq you-real-name 8.Read and Analyze your files and data - and don't just collect them. Once words like "suid", "sniffer", "buffer overflow", "firewall", "rdist", "nis", "nfs" and "satan" aren't secrets for you anymore and you really know what they mean and their consequences for you - move on. |------------------------- BEGIN HACKING ---------------------------| 9.Get an account which isn't yours - try to get it from some hacker you know/met. Remember don't try to hack with your own account! 10.With this account you can try to hack your first system. Try your exploits etc. But remember the articles "How to cover your tracks" so your first illegal account isn't history after the 1st time using it. 11.Use ypx, remote sendmail exploits, insecure NFS exports etc. to get more hosts. You get very successful with this "old" stuff if you use big host lists and write/find scripts which automate the testing for you. But where can you find hostnames to build the host lists? Many possibilities. Try irc, /etc/hosts, www, statistical analysis data of the internet or www access etc. This should give you many hosts with accounts on. 12.Install a sniffer if possible on the system and you hacked root. That will give you many accounts to new hosts 13.try your exploit scripts. Finally some should work. Goto 12. |----------------------- BECOME A HACKER ---------------------------| What - you already hacked some systems root - and you aren't a hacker yet - why that? A Hacker isn't someone who just hacks a site, installs a sniffer and goes on. A real hacker is someone who wants to understand a system, know how it reacts, has got fun seizing control over it and is interested in discovering bugs and inventing new tools. He's so to say the Columbus of Cyberspace. 14.Try to get into touch with other hackers and exchange information, experiences, accounts, exploits and files. 15.Watch the discussions on the newsgroups, mailing lists and irc. Try to read some important RFCs, learn C and begin to program tools of your own. 16.Don't become "31337" - you know that you are cool and you don't need to convince everybody else of that fact. Behave normal and help others who are now asking you "how do I hack unix?" ... ... 17.Don't get tired. Stay in the scene, keep an eye on newgroups mailing lists and friends, don't stop hacking. Goto 17 Yep - thats all from me guys ... that text should gag every newcomer's mouth. It was quick and dirty but it has got all it needs. Ciao...