A stupid question

einax17 · Post by **einax17** » 06 Nov 2008, 01:28

So umm.. i want to 'hack' or.. 'deface'( i know its lame but.. i just want to try .. ive never hacked anything in my life

) a website or what ever..

And... I got their IP, open ports/services and.. Sql injections, Xss, RFI/LFI and google doesnt work.. what do i do now? and i dont want to DoS it

Im sorry i couldnt tell you the website.. because.. i dont have any targetted site..

Post by **ayu** » 06 Nov 2008, 01:45

Well, the best option is to setup a test server on your own computer, and maybe use some vulnerable version of PHPBB or PHP-NUKE or whatever, and then use known exploits on it. And maybe use a vulnerable version of the server as well, and try some exploits on that. Because as you said, it's lame to just randomly hack others sites/servers ^^

Even if it's fun as hell, it makes life a lot harder for someone else. If you want more tip on how you can achieve this, then just say and me or someone else, will supply you with some useful links to get you started =)

einax17 · Post by **einax17** » 06 Nov 2008, 05:06

ooh thanks..

Lyecdevf · Post by **Lyecdevf** » 06 Nov 2008, 08:27

Yeah, after you do a banner grab on the for said site try to create an exact replica of the site using a virtual machine. If you need any help with that PM me!

Post by **DNR** » 06 Nov 2008, 10:25

So umm.. i want to 'hack' or.. 'deface'( i know its lame but.. i just want to try .. ive never hacked anything in my life ) a website or what ever..

You have never hacked anything in your life? And you want to deface a website? Although my friends here are willing to help you learn - they forget to mention there is a ethical side to this topic. Hacking is not about destroying or defacing someone else's work. Hacking is a realm of learning and creating useful things, and defacing a website is not. Cracking, defacing, stealing copyright/personal data, or even just peeking at someone else's computer is considered black hat. It is just plain offensive to group hackers together with crackers.

Why don't you learn how to build a webserver or learn how protocols work, FTP, SMTP, SSH, PHP, HTML, Java - sort of the best way to learn how things are cracked.

Anyone can give you a tip on how to deface a webpage, but you'll never really know how it worked. Hence, you'll never be a hacker.

Welcome to the Forums.

DNR

Post by **bad_brain** » 06 Nov 2008, 14:43

exactly....if you don't know how to build a website or how to manage a server you will never get beyond the skiddie-level. hacking is all about learning how things work, it takes a lot of patience and effort, and you will be never done with learning (which is the most fun part imo).
people that want to "learn how to hack" just to destroy usually get annoyed very quick because they underestimate what it takes.

let's say you don't like your neighbor and you want to get revenge on him by destroying his nice new shiny car....the equivalent of a skiddie would grab a sledgehammer and beat on the car with it until the cops arrest him or the neighbor comes out with a shotgun in his hands.
but the equivalent of a hacker would get all info about how this car is built and learn how it works until he has found the weak spot of it...then he would sneak out at night and remove one little screw which will cause a nasty motor damage after a few days....

so if you are the latter type you can expect a lot of help and support here....

Nerdz · Post by **Nerdz** » 06 Nov 2008, 15:04

Start by reading some of our sticky post. Most of them will show you where/how to get the knowledge you need.

Nice analogie b_b

Still_Learning · Post by **Still_Learning** » 06 Nov 2008, 19:30

There are also wargame sites that you can practice hacking on without getting into trouble, such as hackthissite.org or enigmagroup

einax17 · Post by **einax17** » 06 Nov 2008, 23:53

i know 'HOW TO'... but ive never tried before..

and Ive never 'Learnt to Hack'

==EDIT==
Ok wait wait, Ive never said i want to 'hack' a random website to .. well, show off... and ive never said i want to 'hack' some huge companies.. i just want to .. 'TRY'.. umm like.. joomla something.. or some really old websites

Oh and.. HTS is .. kinda easy and ive done most of the level there, well MOST, not all

==EDIT 2==
I dont know why..but, im abit scared to.. i dont know why, so umm.. i need someone to .... tell me what to do next.. i dont even dare to TRY it.. i.. dont know ... why =(

Umm.. i.. am not a n00b

i know how websites/web servers work, SRSLY.. i know how SQL and.. PHP HTML Javascript works..

sorry for my bad english.. i.. ..

Post by **bad_brain** » 07 Nov 2008, 04:38

well, the set up a home server (best on Linux) and set up test sites on there with old and vulnerable joomla-, phpnuke-, etc, versions.
then try the usual stuff like SQL injections, XSS, RFI:
http://ha.ckers.org/xss.html
http://ha.ckers.org/sqlinjection/
http://en.wikipedia.org/wiki/Remote_File_Inclusion

DON'T try this stuff on sites without permission, the chance such attack attempts are logged are very high and this can lead to big trouble....that's why a home server is the best way to start...

einax17 · Post by **einax17** » 07 Nov 2008, 06:45

Yea thats why im scared to TRY..

Thx for the links

but ive already know those

Still_Learning · Post by **Still_Learning** » 07 Nov 2008, 08:22

Sounds to me, since you allready say you know what to do, that you just need to grow a pair of balls and do it

j/k

plus defacing sites is lame, unless it is a pedo site or a site which represents something very bad or evil

einax17 · Post by **einax17** » 07 Nov 2008, 18:59

Yeaa i know

Post by **DNR** » 08 Nov 2008, 10:43

EOF

DNR

suck-o.com

A stupid question

A stupid question

another skiddie?

This ain't IRC, one-liners SUCK!!!