Tutorial DISCLAIMER: This page is soley for informational purposes. I in no way encourage any sort of illegal activity, and any actions taken upon the reading of this document are not my responsibility. If you don't agree with this, leave. How Can I Become a Hacker? It seems that more and more people every day ask this question on newsgroups, through email, and in chat rooms. There is no simple answer, since everyone must follow their own path. But there is one thing that you must have to even fathom reaching hacker status: determination. You must be willing to find information and to teach yourself. You can't rely on others, and you can't rely on school. Typing class will get you nowhere. One document isn't going to give you everything you need to know. We're talking volumes of information and understanding, not a couple kb of step-by-step instructions. This tutorial isn't intended to provide all the information necessary, but instead to push you in the right direction. Getting Help Now it's true that there are thousands upon thousands of "hacker" web pages on the internet. If you ever tried to email one of them, one thing certainly becomes evident- a lack of knowledge. See, anybody can put together a web page, taking links, text files, etc. from others, pick a handle, and call themself a hacker. They might be able to give you the URL to the latest warez page, but ask for help on writing a shell script to exploit a bug and you'll be sorely disappointed. Sure, there are a few genuine hackers out there, and if you manage to find them you could ask them for help. But then you'll end up depending on someone else for everything. A hacker must be self-providing. A Few More Necessities It's important to accept that you will be under some fire from others who hear about your interest in becoming a hacker. It's to be expected: you are trying to become part of a minority that is hated by the general public because of bad sterotypes, (see Hype and you therefore must be willing to put up with some negative comments and judgemental people. Finally, one must be humble to become a hacker. It's absolutely necessary to admit that you know a fraction of a percent of what there is to know about computers in order to have the drive to learn more. Ever notice how people with big egos usually are morons? Guess why? If you think you know everything, why should you bother to keep learning? A hacker has an unsatiable thirst for information. They are obsessive about something, be it the phone networks, the internet and computers, or whatever. That is why a hacker constantly craves for more and more information. So you need free time to devote to learning. What should you learn about? Taking the First Steps A misconception about hacking is that you have to be a programming genius. That's untrue. Sure, the more you know the better, you -do- definitely need to know some basic shell scripting and C. Here's what I believe is most essential in understanding computer hacking: First, you must learn about the UNIX operating system. UNIX is one of the most commonly used OS on internet servers. Accessing a UNIX system via telnet or a terminal client is not going to present you with a nice graphical interface- it's text based like DOS. No graphics, no frills, just a simple and extremely efficient operating system that was way ahead of it's time when first designed. Of course one can set up X-Windows on UNIX machines and run a huge variety of graphical applications, but that is irrelevant to this discussion. You need to have a hardcore understanding of the operating system. Knowing how it works in detail is essential. Source code is freely distributed for UNIX and its variants, so you should even study that. Buy books, search the internet, get information from whatever sources you can. Just be able to use UNIX like you've used it all your life. A lot of people skip the basics and think they only need learn about the security measures of the operating system. That is futile. How can you break into a system if you don't understand how to use it for rudimentary tasks such as switching directories, listing files, seeing who is connected, etc. Furthermore, as I mentioned before you need to be experienced with shell scripting. The better you are at that, the more accomplished hacker you'll become. Knowing a little C is also imperative, since you'll need to code overflows, some socket programming if you want to do spoofing and fragmentation attacks, etc. Once you know the fundamentals of UNIX, learn about it's networking functions- primarily with internet protocols. It is essential to understand how computers communicate with one another through the internet. The next step is to specifically learn about security on UNIX systems, which includes permissions and firewall design. Again, all of this information can be found in those magical things called books. Now that you have a total understanding of UNIX systems, you can start to understand how to get around security on them. There are many archives on the internet discussing the latest bugs, such as bugtraq, and 8lgm.org . Start to keep a mental track of flaws in various services and daemons so that when you inspect a system they will come to mind. The Psychology of Hacking It's important to understand how the human brain works in other people. To get an idea of how to compromise a computer's security, you must step into the administrator's mind and think how you'd secure the system if you were in charge. You must also take into account that most people are stupid, and this comes in handy if you're trying to figure out passwords. Use common sense. Never Stop Learning Don't stop there. After you've got networking and UNIX down, keep learning more. What's left? VAX/VMS, which is yet another operating system found on some internet connected computers. You can start exploring the world of cryptography (which is suicidal if you hate math). Keep up to date on the newest developments in technology. Put simply: learn everything you can every day. Making the Connection I get asked one question VERY often by newbies: "How do I connect to a system?" or "How do I use telnet?" To explain some basics: You can connect to any internet linked machine with a Telnet program. Most programs default to the telnet service when you connect to a machine. For example if I run my program and connect to xyz.com, it will connect me to port 23, the telnet port, of xyz.com. Telnet simply is a way of using a UNIX terminal as if you were sitting at one. Imagine dialing up a DOS machine and getting a C:\> prompt. It's essentially the same thing. When you learn about UNIX you'll see that it has other services (also known as dameons), and you can use a telnet program to connect to many of them. Where can you get such a program? Go to www.tucows.com, they have a whole slew of them. If you can install a UNIX variant such as Linux on your computer, I strongly suggest you do so. This is the best way to learn the operating system. Furthermore, Linux has excellent utilities that come standard, such as the GNU C compiler. I'd also like to address one common mistake newbies make when learning from text files. Do NOT confuse TELENET with TELNET. Telenet is a huge network of servers, now also known as SprintNet. It has a special operating system, and is accessible by dialing access numbers with a Terminal program. Once connected you can access different servers by their NUA (Network User Address). Hacking through networks like SprintNet/Telenet is somewhat of an risky practice, mainly because it's so much easier to trace: you're dialing directly into the network from your home phone line. Then again, a server can just record your IP address if you connect to it through the internet, and use the ident client to possibly get your username from your ISP. How Not To Get Caught The one mistake probably every busted hacker makes is that he/she became too cocky and/or popular. Don't start shouting about being a hacker in school. Trust as few people as possible. The less people that know you're into it, the better. Don't do moronic things like hack from your own home to some high-security system. Although this method is now rather out-dated since there are easier ways to hide your identity when hacking over the internet, people used to use acoustic coulpers and hack from payphones. It's getting difficult to find a coupler these days. There are many ways to make it harder to be traced when hacking internet connected systems. One is to go through several servers with telnet access before hitting your target. This will make it much harder to trace you. Try to connect to international sites. Use more or less intermediatary links mattering on the level of hack your doing. NEVER hack a government institution, you WILL get caught and WILL go to jail. Don't be stupid and think you're too good to get caught. NEVER talk about hacking accomplishments on the phone, especially a cordless. You never know who is listening. Encrypt your email messages. Be a little paranoid. The more paranoid you are, the less chance you will get caught. Last but Most Important I always say that knowledge is only half of what makes up a hacker. The other part is ETHICS. You can be a total genius but if you don't have them, you're on the same level as a criminal. Every hacker has an ethical code. You can check mine out- click here Don't become a virus spreader or warez collector. The media already has field days with them, and the last thing the internet needs are more. Those people aren't true hackers, for they hold no ethics. Further Reading A fellow hacker named Revelation has written an excellent tutorial on how to start hacking, and I strongly recommend you read it. Like myself, he holds to the true hacker ethics, the old school way. Check out "The Ultimate Beginner's Guide to Hacking and Phreaking." , and also read another doc by him "How I Knew when I was a Hacker" Be sure to visit Texts, a virtual library of security data, and Dictionary, a glossary of hacking and security terminology. You might want to see the Products section as well- it contains many excellent books and CDs filled with useful information. And most importantly, go to Linux and get a copy of the OS on your system. Good luck and start learning. Remember to RTFM Feel free to distribute this as long as credit is given to me.