Saturday 19 February 2011

Art of hacking 2 - spyd3rm4n's guide to hacking

Earlier I posted the spyd3rm4n's guide to hacking part 1 over HERE. This is the 2nd part of the guide. Enjoy the guide.

Part II

[0x01] Common_Knowledge
[0x02] How


Sub Common_Knowledge{
It is customary that a hacker know how to hack, but it is mandatory that a hacker know how to hide his/her ass.

You DO NOT want to get caught because:
A) I'm sure you don't want to pay that hefty fine.
B) I'm positive you don't want a criminal record.
C) You probably don't want to be put on probation.
D) You put everybody you have contacted on the internet within your past at risk of being caught.
E) You WILL be frowned upon as a terrible hacker. Everyone knows, you're dumb as shit if you get caught.
F) If you find any reasons why getting caught would be a good idea, please consider the following:
Go to the local gunshop.
Purchase a powerful weapon (remember, you don't want to screw this up.)
Purchase a small magazine.
Go home, place the clip into the weapon, take off the saftey and look into the barrel of the gun and email me back
the color that flashes inside the barrel when the trigger is pulled.
}

Sub How{
What are some ways you can hide your ass? Well, good question, but there are many answers.

I have to say, that the most common way for a person to hide their e-dentity is via a proxy.
Now, one problem with the proxies, is that anyone with common sense can find out your real IP. This is the start of Forensics.
The easiest way for a person to find your IP is the find the provider of the proxy, most like CDN (CoDeeN), seeing that they are
the largest proxy releasing company on the inet. Once they contact CoDeeN (who keep records of all IP's logged into their proxy
at all times), they can find your IP and with a simple whois, can come up with the location of you or your ISP. After that, it's just
a long talk between you and your ISP to find out your information. That's if there has been illegal activity and/or you caused some 
pretty hefty damage. ISP's can't release a persons information without a court order as that is an invasion of privacy. But there are
some loop holes in this system. I'm sure you have all read your ISP's fine print and Terms of Service correct? Well, it will most likely
contain something stating that hacking is illegal and that if caught, they can and will report you to the authorities etc.
Another reason is because of the easy PHP function, $_SERVER['HTTP_X_FORWARDED_FOR'] which can be used to grab your real
IP and/or block your attempt at viewing the site.

Another way of hiding your ass, which I suggest as a first part, because it is the easiest, is find a VPN. VPN stands for Virtual Private
Network. Large companies/businesses have these VPN's for their employees to operate on a local network (LAN) over WAN (Wide
Area Network). They will mask your IP with the IP that the VPN is setup on. I.E. My IP is 66.77.88.102 and the VPN IP is 24.12.21.64,
when I log into the VPN, my IP will become 24.12.21.64. This covers your IP over every protocol, it whoops Socks 4 and Socks 5 proxies
rearends. The one thing you have to worry about with a VPN, is that they too, if setup correctly, can log every IP that has used the VPN
at anytime of the day.

Now that the 2 most common ways of hiding your ip have been discussed. Let's not rule out some of the other ways. One being VNC tunneling.
This is the process of logging in to a remote administrative tool repeatedly on other servers.
Example:
Server 1 IP: 1.2.3.4
Server 2 IP: 1.2.3.5
Server 3 IP: 1.2.3.6

All servers have VNC running. I will then log into the VNC for Server 1, then I will use Server 1's VNC to log into Server 2, and repeat the process until
I am logged in on Server 3. This will hide my IP 3 times and make tracing it back even harder. But, once again, you've guessed it. It records everything.

Well, Since I'm getting pretty desperate here, why don't I go balls out?

I will hop on a VPN, then I will VNC tunnel into about 2 or 3 Servers, while logging into a VPN on each of those, then, finally, when I'm tunneled into
Server 3, I will put a VPN on, log into a Socks 4 proxy, put on a anonymous proxy, if I have to, even goto a well known web proxifying site that runs
a CGI or PHP built proxy to view the content needed. Now, picture yourself as that person who has to find your real IP. Yeah, it's gonna be a blast.
The only bad part about this is the fact that the more you log into, the slower and slower it will get. Best done on a high-speed line.

Finally, since this is a mini-book on hiding your ass, I might as well tell you that everything of anything on the internet is logged. Don't forget to clear them.
Example: SSH-
don't forget to rm -rf /var/logs*
}

- Credits : Kr3w of TheDefaced.