Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: unixthc.txt

How to become a Unix Hacker (Excellent reality check)




How to become a Unix Hacker
Author: van Hauser / THC

So you've decided to become a unix hacker but you don't know how to start? Before you really begin make yourself the
following absolutly clear: 

   1.Hacking is much work. It's not a playground for kids who just want to
     have 15 nice minutes. You must learn how to operater and program a
     system. You must research how they react and read sourcecode. It's a
     long and hard way - so be warned.

   2.Hacking is illegal. At least in most countries - only the netherlands
     and argentine come to my mind which hasn't got laws against hacking -
     so far! But be sure they will come. Even just to log on a system with
     an account which is not yours is a crime and can be punished. Once a
     judge spoke you guilty commiting a crime, it is put into your record.
     Your whole life might be ruined because there are only few companies
     who accept computer criminals as their employer.

   3.Hacking is time consuming. You can't just do hacking half a year, then
     making a pause of 3+ month and then getting back to it. The time runs
     fast in the internet. New unix releases, new bugs and new fixes. Once
     you are outdated with your exploit data you must beg your chummers to
     give you the new stuff, and if you do that too often they won't be
     happy about that.

     50+ % of the hacking time you spend are actual information gathering.
     Speak to other hackers, read mailing lists and newsgroups, watch good
     www and ftp sites.

But what is the motivation to actual do unix hacking? Thats up to you. You
want to become one, so think about it why you want to become one.
Forget movies like "The Net" or "Hackers" - that's NOT reality! Forget
dreams about being the hero, hacking the pentagon and becoming the sexiest
man, getting every girl and ending with a cool payed job in the security
company ;-) This is NOT what will happen - so make yourself clear why you
want to do it and what you expect. Can you imagine your mom crying when the
police come to arrest you?

Keep these warnings in mind. This is to make sure that you know what you
are doing and want to become. 

Note too that I wrote this fast guide only because I was asked that often
from many guys, even successful phreakers/blueboxers, "how can I hack unix
?" - and time after time I got tired. So here it is. Don't blame me for
incompleteness and mistakes - I don't care. Only the toughest survive - so
try to get as much as possible out of this text if you are really new.


                  |-------------------------- HOW TO START ----------------------------|

   1.Get Familiar with it - or - How can you win a rodeo without learning
     how to handle a horse?

   2.Get a unix distribution. Get Linux, FreeBSD, Solaris, Sinix etc. for
     your personal computer. Linux und FreeBSD are cheap and derived from
     BSD, whereas Solaris and Sinix are expensive and derived from Sys V.
     Tip: Get a linux distribution which has got a good handbook. You must
     learn how to operate your unix. Learn the basics, like changing
     directories, copy and delete commands and using the editor, first.

   3.Motivate yourself to actual USE unix. How to do that - thats up to
     you. Maybe use a database which is in your unix distribution, program
     something in C for your school/university, what ever, you must learn
     to really use unix.

   4.Get some books to help you. There are many out there, so just go into
     a good shop, best near an university, where the guys working there
     know what the good and the bad books for using unix are. I personally
     like the O'Reilly Nutshell handbooks much but dislike nearly all the
     Addison Wesley ones - but thats a personal opinion.

   5.Get a real internet account with PPP and/or shell access. NEVER do
     hack or exchange hacking info not encrypted with PGP with this real
     account of your own! Try to configure your unix pc to connect to the
     inet provider. Some rare but good Linux Distribution have got a
     handbook (yes - something printed!) where they describe how to do
     that.

Once you have followed these 5 steps and know how to operate unix (this
should take about 2-8 weeks) then you should move to the next step:


                  |------------------------ LEARN THE BASICS -------------------------|

   6.Get some good books about unix and internet security. The best I found
     is "Practical Unix Security" by Garfinkel and Spafford, 2nd Edition,
     O'Reilly. Learn what the basic security problems, holes and features
     are unix have got, and what mistakes people make.

   7.Try to get all the information and files you can find in the inet.
     Examine www and ftp sites and use search engines. Subscribe to
     important security mailing lists and read the newsgroups which might
     be important. Ask around on irc for good sites.

     Here is something to start:
          http://underground.org
          ftp://onyx.infonexus.com
          nntp://comp.security.*

          And of course the links on the Security & Hackerscene page ;-) 

          bugtraq mailing list ->
          email : listserv@netspace.org
          message body : subscribe bugtraq you-real-name 

   8.Read and Analyze your files and data - and don't just collect them. 

     Once words like "suid", "sniffer", "buffer overflow", "firewall",
     "rdist", "nis", "nfs" and "satan" aren't secrets for you anymore and
     you really know what they mean and their consequences for you - move
     on.


                  |------------------------- BEGIN HACKING ---------------------------|

   9.Get an account which isn't yours - try to get it from some hacker you
     know/met. Remember don't try to hack with your own account!

  10.With this account you can try to hack your first system. Try your
     exploits etc. But remember the articles "How to cover your tracks" so
     your first illegal account isn't history after the 1st time using it.

  11.Use ypx, remote sendmail exploits, insecure NFS exports etc. to get
     more hosts. You get very successful with this "old" stuff if you use
     big host lists and write/find scripts which automate the testing for
     you. But where can you find hostnames to build the host lists? Many
     possibilities. Try irc, /etc/hosts, www, statistical analysis data of
     the internet or www access etc. This should give you many hosts with
     accounts on.

  12.Install a sniffer if possible on the system and you hacked root. That
  will give you many accounts to new hosts

  13.try your exploit scripts. Finally some should work. Goto 12. 



                 |----------------------- BECOME A HACKER ---------------------------|

What - you already hacked some systems root - and you aren't a hacker yet - why that? A Hacker isn't someone who just
hacks a site, installs a sniffer and goes on. A real hacker is someone who wants to understand a system, know how it reacts,
has got fun seizing control over it and is interested in discovering bugs and inventing new tools. He's so to say the Columbus of
Cyberspace. 

  14.Try to get into touch with other hackers and exchange information,
     experiences, accounts, exploits and files.

  15.Watch the discussions on the newsgroups, mailing lists and irc. Try to
     read some important RFCs, learn C and begin to program tools of your
     own.

  16.Don't become "31337" - you know that you are cool and you don't need
     to convince everybody else of that fact. Behave normal and help others
     who are now asking you "how do I hack unix?" ...

     ... 

  17.Don't get tired. Stay in the scene, keep an eye on newgroups mailing
  lists and friends, don't stop hacking. Goto 17

  Yep - thats all from me guys ... that text should gag every newcomer's
  mouth. It was quick and dirty but it has got all it needs.


Ciao... 


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH