Should we learn hacking too?

[Tasty Champa]

xD
We could have master classes, bitcoin kits,
learn how to run metasploit with zero-day hakz!

I think the reason so many of us have gotten so upset, (besides just being upset because everyone's so suspicious and acting nutty) is because we don't know just how much there is under the surface of the facebook.
There is seriously cool stuff you can do with just iphones and androids, even wifi routers and of course your very own computer.

What we should do here is open up a hacking part of the forum to keep tabs on all the shit going on right this moment. pull this hive mind together we have created an focus it into a LAZER HIZE MIND.
We don't have to be afraid when we arm ourselves with the tools readily available to us at the end of our fingers. We can be proactive with super strength.

I would post a hell of a lot of info right now but I don't want to do that and get the thread deleted.
so I'm asking instead.

[1714044877]

1714044877

[1714044877]

1714044877

[1714044877]

1714044877

[1714044877]

1714044877

[1714044877]

1714044877

[1714044877]

1714044877

[beeph]

im mad cuz the hax0rs hax0r'd me b4 i could learn hax0ring and hax0r them first.
teach us the ways of the hax0r oh mighty hax0rl0rd
I'm afraid to learn hax0ring cuz u gotta go t0 a hax0r site that has a FPROT YOUR TARBALL script that instantly hax0rs your computer THRU A JAVA INJECTION and then automatically runs a gay walrus porn server on your computer and the FBI comes in with bazookas, seizing your computers.

PS i searched for LAZER HIZE MIND on yahoo and this thread came up #1 already indexed within 30 seconds lol

I also predict that new mt gox passwords will be longer than the hashes, else password rejected as insecure

password: 12iu1287fas90sdfouisdfoiuwejz93jlkjad93mlsafd9
hash:       j12j90asdfuoi1u29123912j1lk1291jl129j11jhr

sorry password is insecure, please include capital letters

[0x00]

Sounds like a good idea to me. I think we need a security part of forum. I see a bunch of topics about hacked accounts or stolen bitcoins pop up  every day. We need people to learn about security and for protecting yourself it may be useful to have some understanding of the possible attacks. So this security  board could have the hacking part as well as some vital information about protecting your wallet and your information in general.
 

[d.james]

I don't hack, I don't know how.
But after they Goxed me so many times I wish I took hacking classes.

[ikonic]

password: 12iu1287fas90sdfouisdfoiuwejz93jlkjad93mlsafd9
hash:       j12j90asdfuoi1u29123912j1lk1291jl129j11jhr

sorry password is insecure, please include capital letters

Its not just about the length... its the width that counts as well. don't let anyone tell you different

And if you aint packing upper and lower case, numbers and special characters, then you can't join the party

[allinvain]

now open: l33t k1tt3h h4x0r sk001!

[marcus_of_augustus]

yes, we need a btc foreign legion security hax force ... vigilantes welcomed.

forewarned is fore-armed ... "they" be coming first for the bitcoins

[RodeoX]

Hacking sure is different than back in the day. Now it's a synonym for vandal and thief. There was a time when a hacker was just a zelotous amature. Someone who did new things with their computer for the love of pushing the envelope. I miss the golden days of the phrack.

[lonestranger]

I think a thread(s) to discuss hacking is a good idea. I am interested.

[SirArthur]

H4x0Rz of the World, unite! For the lamers are already united... 

[PCRon]

I agree a security section would be a good idea. Until we get security under control Bitcoin can't go very far.  Well, they can go far from the owner.

[imperi]

I already know how to somewhat, but now I'm out of college and working full time, don't really feel like doing this.

[jgraham]

I'm willing to lend a hand.  While not a security expert IT security is part of my job.

I posted this elsewhere as an intro to how many exploits actually operate and are executed: http://www.amazon.com/Shellcoders-Handbook-Discovering-Exploiting-Security/dp/0764544683

[finack]

I guess I don't understand. Recommended practices for defensive security are pretty well known, I see them posted here all the time (more or less). Mostly you find intrusions have happened to people who either chose not to follow them or made a mistake. I can't imagine what you'd hope to gain by teaching a class in exploiting SQLi's, session cooking stealing or browser exploit kits except to encourage a bunch of new criminals or half assed vigilantism that would probably land the noobs in jail.

[cypherdoc]

yes, but a good defense depends on knowing your attackers offense.

[Capitan]

I am not interested in personally "hacking" anything. But I am interested in learning about how to do it in theory, just so I know what to protect myself from. Even though I try to follow security best practices as much as possible I get the sense that there is more I could be doing to protect myself. It also just seems like an interesting thing to know a little bit about.

[Tasty Champa]

This won't help you console cowboys, but you don't need any help anyway, but you can help.
Primary reasoning behind this is for everyone else to know what the others have access to.

before we really spike this, I want to talk about games first.

current games like
Hacker Evolution http://www.exosyphen.com/page_hacker-evolution.html
and
Uplink. http://www.introversion.co.uk/uplink/

these 2 games teach console and gui based hacking, with an underlying use of shell commands, proxies and TOR.
In my mind it's alright to post these 2 links, as these guys while I doubt they make much money are making games to sell, they are good games even on steam but we have to be careful about what we point to so it doesn't take down servers of people doing things for free, running them out of their own pocket.

web-based games too, teach how easy a web-coding mistake gets you and others into websites.

There are many of those, I don't want to recommend any one in any certain order, so I'm not going to post any. These would be best posted by people that know it would be okay to post or simply search for them.
"website hacking game"


Now that we have the beginner's stuff covered, and I didn't get banned, let's pierce the veil.

setup a VM.
http://www.virtualbox.org/

setup a proxy, level the playing field.
https://www.torproject.org/

Huge. Videos. Tools. Scripts.
http://www.securitytube.net/

HACK THE PLANET!
http://hak5.org/

more tools and scripts.
http://www.securityxploded.com/

scripts, tools, info, scary.
http://www.pentestit.com/

info, scary.
http://securityforthemasses.blogspot.com/

more tools, more info, more scripts.
http://esploit.blogspot.com/

download the ISO and run BT5 in virtualbox, choose gnome.
http://www.backtrack-linux.org/
once you setup the VM, and it is working with the net, run "apt-get update" then "apt-get upgrade".
Many tutorials for every aspect of this, however the linux community is huge and sometimes tutorials can become outdated, so make sure to check dates if something is not working.


Most of the above is going to look like jibberish to beginners, so I recommend the video games and web hacking games to get acclimated.
During this hak5 is quite an entrance into this, they have been sponsored by the US Airforce before. For anyone that doesn't know, the US Airforce is where they keep a lot of military hackers, can only really speculate as to who and what they are, however we can be sure they are military grade, with military grade tools. After that securitytube it's huge, mostly powerpoints and lectures... but there are some console screen recordings.

I'm gonna leave you now, because I know you are busy.

[Anduril]

People need to remember this: