Is there any zone for discussing and asking about hacking techniques in codeproject?
-
I'm sorry but I said that "I like white hats", my purpose is training only. You said as if you know how to hack, so how did you learn hacking? Haven't you tried hacking any site in your life yet? Even for practice only? You are persuading me that you could drive a car even without getting into any cabin to learn how to drive before! I'm absolutely white and innocent. The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
King Boy wrote:
The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
As others have said, you do not practice this sort of thing on someone else's site. Apart from being a criminal act in most parts of the world if you are a beginner you do not know what you are doing and could do a great deal of damage. Set up your own site or use one of those set up for people to practice on.
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.” I wouldn't let CG touch my Abacus! When you're wrestling a gorilla, you don't stop when you're tired, you stop when the gorilla is.
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
Every invalid "hacking" questions could be turned around to be a more valid computer/system/code security questions. i.e. I want to hack into X system ? to How can I improve this code to prevent such intrusion ? But If you feel that a web site has a security issue, just contact the web administrator and tell them about it. see this : http://www.wired.com/magazine/2011/11/mf_soghoian/[^] M.
Watched code never compiles.
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
'Nuff said.
Software Zen:
delete this; -
I'm sorry but I said that "I like white hats", my purpose is training only. You said as if you know how to hack, so how did you learn hacking? Haven't you tried hacking any site in your life yet? Even for practice only? You are persuading me that you could drive a car even without getting into any cabin to learn how to drive before! I'm absolutely white and innocent. The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
King Boy wrote:
Haven't you tried hacking any site in your life yet?
Yes, I did, back in the BBS days. And no, I wasn't a "white hat" back then. End of discussion. Is it worth it?? Hell no. How did I learn how to do it? By playing by the rules and learning how everything should be done. There is no "practicing" this stuff in the real world as any attempt, even as "practice" as you call it is gambling with getting caught and arrested. Trust me, the jail time and fines are a huge price to pay for "practicing". If you want to practice this crap, setup your own sites off the 'Net and have at it.
King Boy wrote:
You are persuading me that you could drive a car even without getting into any cabin to learn how to drive before!
I did. Couldn't you??
King Boy wrote:
I'm absolutely white and innocent.
The law makes no distinction about what color hat you wear.
King Boy wrote:
The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
Sure! Go ahead and spend more and more time in a system. The long you're doing it the greater the odds of getting caught. If you really think the owners of the system you're screwing with won't care about what you're doing, keep at it. I'm sure they'll just turn a blind eye to you and let you keep distrupting their business for as long as you want.
A guide to posting questions on CodeProject[^]
Dave Kreskowiak -
King Boy wrote:
Haven't you tried hacking any site in your life yet?
Yes, I did, back in the BBS days. And no, I wasn't a "white hat" back then. End of discussion. Is it worth it?? Hell no. How did I learn how to do it? By playing by the rules and learning how everything should be done. There is no "practicing" this stuff in the real world as any attempt, even as "practice" as you call it is gambling with getting caught and arrested. Trust me, the jail time and fines are a huge price to pay for "practicing". If you want to practice this crap, setup your own sites off the 'Net and have at it.
King Boy wrote:
You are persuading me that you could drive a car even without getting into any cabin to learn how to drive before!
I did. Couldn't you??
King Boy wrote:
I'm absolutely white and innocent.
The law makes no distinction about what color hat you wear.
King Boy wrote:
The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
Sure! Go ahead and spend more and more time in a system. The long you're doing it the greater the odds of getting caught. If you really think the owners of the system you're screwing with won't care about what you're doing, keep at it. I'm sure they'll just turn a blind eye to you and let you keep distrupting their business for as long as you want.
A guide to posting questions on CodeProject[^]
Dave KreskowiakThank you! I don't want to be arrested. In fact the time when I can hack some vulnerable site is so far from now and that's really an unrealistic dream to me. Not easy to me at all, you can imagine that they will never have to care whether an ant can kill an elephant. That's exactly my case. Now I am still trying to become a good programmer. Thank you again!
-
I'm sorry but I said that "I like white hats", my purpose is training only. You said as if you know how to hack, so how did you learn hacking? Haven't you tried hacking any site in your life yet? Even for practice only? You are persuading me that you could drive a car even without getting into any cabin to learn how to drive before! I'm absolutely white and innocent. The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
Ok, let's set the record straight here shall we? The term hacker has for a long time had the wrong conotation and I'd like to correct a few misconceptions. First off, the negative individuals should be appropriately named crackers which are black hats (they break security). The white hats are called ethical hackers - lest we forget that personal computing started with individuals like Steve Jobs and Bill Gates, both of whom by appropriate definition were indeed hackers. A hacker essentially for all intents and purposes is a programmer. Captain Crunch was a cracker, he cracked the security of phone systems. Now, to get the appropriate training on becoming an ethical hacker, I strongly recommend that you attend the SANS institute workshop on Ethical Hacking. If you want to practice hacking on your own, fire up a virtual machine and have at it. Never attempt to try practicing on any system unless you have explicit written concent from the target or you are setting yourself up for a fall.
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
-
Hackers are the pond scum of computing. Is this really the course you want to follow in your life? To be reviled by your peers, to be shunned by society, to be hunted and treated as prey by your government...is that really what you want from life? We won't help you, if this is your goal in life. Go away. You're trash not worth providing the time of day to. Shoo... be gone. And may you die a horrible death - soon.
Will Rogers never met me.
Roger Wright wrote:
Hackers are the pond scum of computing.
Not every hacker is a scum. And the definition of a hacker is too blurry and with too many different beliefs to disqualify everyone. Many hackers out there are helping to improve security. Others disclosing vulnerabilities and some are doing the scum stuff. So please, hold on your words a little. This kid might not be starting right, but that doesn't mean you have to disqualify everyone. And kid, like others have said, if you found out a vulnerability it's your duty as a member of this proud community to report it to the site owner. Would you be happy if bad guys new how to get into your house through the back door? Would you be happy to have an unknown vulnerability to the safety of your home? Be responsible and report it. If you want to learn and practice, build your own web site in a vulnerable way and then you can explore its vulnerabilities the way you see fit, without the risk of being prosecuted or causing loss to anyone. There are plenty of books on security and web development that you can use to do things in the wrong way and explore that. Once you're a good hacker, use it to the benefit of the society. You can even earn some money that way, being a good kid. Edit: If you have missed it on CP's daily news, here is a fine example of a good Samaritan hacker: Hacking google for fun and profit.[^]
"To alcohol! The cause of, and solution to, all of life's problems" - Homer Simpson
-
Thank you! I don't want to be arrested. In fact the time when I can hack some vulnerable site is so far from now and that's really an unrealistic dream to me. Not easy to me at all, you can imagine that they will never have to care whether an ant can kill an elephant. That's exactly my case. Now I am still trying to become a good programmer. Thank you again!
Well... You never know... Curiosity and testing can take you far... "Hmm, I wonder what happens if I test a ' or 1=1 here..?" "Oh WOW!" "Hmm, I wonder what happens if I 'DELETE FROM..?" "Oh WOOOOW!... .... Oh SHIIIITTTT!!!!! I never imagined.... Oh shit, it worked..." I don't think there is any one formula to "learn to hack". If you're programming, and have an interest in securing your own work and a general interest in security... You start analyzing other's work... You find holes in your own work... And before you know it, you're there. Fun: Start with firebug, and find javascript insertion points in your target; ways to inject some code. Then create an iframe with javascript. Then load up some popular website and try to read input boxes. Then send the content of those boxes to some other page with a querystring. Abusing existing javascript functions on the page can also sometimes yield fascinating results. [..self censorship, was getting too evil for this website..] If all this doesn't sound like fun, then you will never be a hacker. It would be fun to have such a section in The Code Project. What's the harm of talking about it? Acting on it with malicious intent is something else...
-
He was also about as street-smart as the average house brick. He goes hacking through US computers looking for "secrets" immediately after the attack on the twin towers, and he expects them not to be annoyed with him? Pillock!
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
Obviously you are not aware that WTC was an inside job perpetrated by the Bush Administration to give an excuse to invade Iraq and introduce draconian legislation like the PATRIOT Act. :laugh:
Psychosis at 10 Film at 11 Those who do not remember the past, are doomed to repeat it. Those who do not remember the past, cannot build upon it.
-
I'm sorry but I said that "I like white hats", my purpose is training only. You said as if you know how to hack, so how did you learn hacking? Haven't you tried hacking any site in your life yet? Even for practice only? You are persuading me that you could drive a car even without getting into any cabin to learn how to drive before! I'm absolutely white and innocent. The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
Quote:
The reason I don't report the vulnerability to the webmaster is I don't want to loose a chance to practice what I have learnt.
So let's follow that trail where it leads. 1) Mr. A finds a vulnerability on Mr. B's web site. 2) Mr. A spends a bunch of time messing around on that web site trying out hacking techniques, mainly just to learn about security in the hopes that he can understand better what things to know and watch out for when administering systems. 3) Evil Mr. X also finds the same vulnerability on Mr. B's web site. He does malicious things. He also is more experienced, and leaves few traces of himself or his identity. 4) Mr. B discovers X's intrusion and studies server logs, which point him to...Mr. A, who can be seen all over those logs systematically testing the web site for vulnerabilities! 5) Police show up at Mr. A's house. Career and family fun ensue. Even a softer version is this: 4) Mr. B loses a lot of money at the hands of Mr. X, who exploited a vulnerability that Mr. A could have warned him about. 5) Mr. A lives with guilt for having used his neighbor's weakness for his own gain instead of giving him a heads-up that his back door was unlocked ahead of the thieves showing up. Bad idea all around. Set up your own system and try attacking that.
-
Obviously you are not aware that WTC was an inside job perpetrated by the Bush Administration to give an excuse to invade Iraq and introduce draconian legislation like the PATRIOT Act. :laugh:
Psychosis at 10 Film at 11 Those who do not remember the past, are doomed to repeat it. Those who do not remember the past, cannot build upon it.
Your name is Captain C Sharp and I claim my Five Pounds! :laugh:
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
start here :-D
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
Checkout www.sans.org... They're training is expensive, but some of the best I’ve found. They teach white, gray, and black hat hacking. This is one of the places governments go to learn hacking. No joke, I seen ICE and FBI agents attending! This year I found people from Hong Kong's police force. (Talk about :wtf: moments.)
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
Just set up your own server, you don't know you can have free virtual machine whit which you can play as much as you want? Take some vulnerable codes from the internet or write your own. If you don't know that you can setup your own virtual machine with any OS and server you want then STOP doing "hacking" right now and go back to school and do your homework!
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
I can't believe a software development forum would hate so much on a question like this. If you work for a dev company, theres a good chance your company hires a few of these "scum" to harden their product. Just a FYI, security is the most booming field in computers right now. Stop hating scrubs. To the author, setup a couple of different virtual machines and start plugging with metasploit or something.
-
I'm starting to study how to hack into a system (local and remote) and I have started with Sql Injection technique (the next is Cross-Site-Scripting) but it seems not to be easy to practice and that's why I need helps from others experienced. I have found a site vulnerable to Sql injection and I intend to use it for my Sql injection practices. Of course I like white hats more than others. Could you please help me? If there is no such zone in codeproject, could you please lead me to any other site? Wish you a merry Christmas. Thank you very much!
In Australia, they do teach computer security as an optional strand in university IT courses. It is a safer option (no police) and it is controlled (no damage). They teach you enough of the "bad stuff" so you hopefully can help business defend itself, but of course it is beginner territory. You still will not be able to walk out of uni and start mixing it with the military or hard core hackers. If you are still interested and you are a true white hatter not a mad hatter, get a job in a computer security firm. That way you have fun, get paid for it and stay out of jail. If you are any good at it, you will also be a benefit and not a curse.
