computer info powershell image
neenee
Okay. I have googled this question and looked through numerous pages and even searched this question on yahoo answers.
but none have helped me start.
I am just someone who has an interest for computers, i am 14 and i want to learn the skills of hacking and i hear that you need to learn programming before you learn hacking or you'll become a script kiddie.
I want to learn completely online because i don't have alot of money to buy hacking books and cds.
I'm pretty clueless when it comes to computers, and about all i know on hacking is that there are white hat hackers, and black hat hackers.
I want to start learning now, so that by the time i'm out of highschool i'll be good enough to major in computer science, and pursue a career in programming and hacking or something.
I've heard that you need to learn C, C++, Python, Perl, Java, etc.
What's the difference between C and C++? Which one should i start with, and in what order should i learn?
I know nothing at all about computers besides how to use one.
When i say i'm a beginner i really mean it, so if you have any websites, make sure they start from scratch the way beginning.
I have no idea where to start because i am just that clueless in it. No clue. I've scanned through the eHow "How to be a hacker" and that's the only reason why i know what python is.
But truly i have no idea what those languages actually are and i can't find a website that actually defines all of this, a website that can change a regular person who knows very very little to nothing about computer to someone who is knowledgable in it.
I want to learn to be so well that someday if i get a virus, that i will be able to stop it on my own.
I've also heard about the little hacking challenge websites they have?
i'd like to learn about those to and make even excel so much i'll be able to play one one day.
Can somebody help me? Because i really know nothing about this topic and need a website where it gives the whole nine yards, beginning to end about all you need to know on hacking and programming.
And please give me safe sights, i sound naive when saying this, but i always am a little cautious clicking on how to learn hacking websites because--it might be an infected website!
but feel free to post SAFE websites and please help me out because i know NOTHING and want to know about it. I want to be able to know hacking and programming like the back of my hand.
where to start and what order to go in with the languages----everything.
Please help!
Answer
I will try to give you good general answers on some ways to proceed in an IT career in Computing Security. Hacking is a tiny part of the Computing Security subject area and for every person doing Ethical Hacking to help secure systems, by locating vulnerabilities, there are many other people, probably 100s, who are doing Computing Security work. So I would encourage you not to get too hung up on hacking as it is such a small part of Computing Security.
TV shows have tended to glorify various computer careers and created a lot of misconceptions about working in IT. When you mention writing computer code and hacking, it usually means you have been watching TV or movies. Most programmers who create computer code are not involved in hacking as a part of their job. Sometimes on TV one brilliant but crazy anti-social character is shown doing coding, hacking into systems, doing computing security and a bunch of other IT activities. In reality these persons and jobs, as portrayed, don't exist. Computing professionals are well educated, professional, carefully trained and cautious.
Your desire to get into Computer Programming is a good decision and will give you a good career. The first requirement for most IT employment is a Bachelors 4 year college degree. If you go out and look at job postings for computer programming job positions you will see most jobs require the 4 year Bachelors and a few will accept a 2 year Associates degree. Most students interested in programming will major in Computer Science. In most colleges this is the degree where these programming courses are taught. Also, Computer Science will typically have advanced math courses included. If you are poor in math then this major will be pretty difficult to impossible for you.
As far as self-studying computer code and programming you can pick up books or search on the internet under "Beginning Programming Languages" or "Learning Programming Languages" and, of course, there is even a Dumbies book on programming. Just to start out I would get familiar with PowerShell and Perl. PowerShell will install on most Windows operating system computers and may already be on yours at home. Perl is a freebie and there is a lot of free online info on both of these languages. If you go on with Computer Science and Programming you will be learning many languages.
Learning hacking techniques is a whole different question and there are black hat web sites where you can learn these techniques and tools. As a computer professional who works in the Computing Security realm, I try to be aware of the tools and techniques from the point of view of detecting and defending against them but that is all. Going out and hacking into other people's systems is not something that you want to do lest you create unintended problems for yourself and others.
Let's say just for fun you go download some software that allows you to intercept wireless network info as you sit at a table at the local Starbucks. While you are watching the tool you capture the username and password for someone's bank account they are entering to check their balance. You go home and text a friend at school on what you did, all proud of yourself. A few hours later your friend's big brother and some of his very big pals come over to your house to tell you that you are now working for them and no longer going to school. If you don't want to give them 10 username and password combos for bank accounts every day they will break your mom's legs or your dad may have an accident driving home from work. This is not fun and games.
On the professional side of things there are beginning to be courses and certifications available for ethical hacking (CEH certification) which is used to legally perform penetration and vulnerability tests on systems.
Generally, if you are interested in Computing Security and Ethical Hacking you would want to start taking computer courses in high school. If they have programming course available then take those but if they have only Microsoft Office courses available take all of those too. You will want by your junior year in high school to be taking programming courses. Sometimes high schools will have agreements with local junior colleges so you can take classes over there for HS credit. If your high school has a computer club you need to be a part of that too.
If you turn out to not like programming and math then look towards a Computer Information Systems (CIS) degree like I have which will have less of a programming and math emphasis. The CIS degree will still allow you to work in the Computing Security area.
Best wishes!
I will try to give you good general answers on some ways to proceed in an IT career in Computing Security. Hacking is a tiny part of the Computing Security subject area and for every person doing Ethical Hacking to help secure systems, by locating vulnerabilities, there are many other people, probably 100s, who are doing Computing Security work. So I would encourage you not to get too hung up on hacking as it is such a small part of Computing Security.
TV shows have tended to glorify various computer careers and created a lot of misconceptions about working in IT. When you mention writing computer code and hacking, it usually means you have been watching TV or movies. Most programmers who create computer code are not involved in hacking as a part of their job. Sometimes on TV one brilliant but crazy anti-social character is shown doing coding, hacking into systems, doing computing security and a bunch of other IT activities. In reality these persons and jobs, as portrayed, don't exist. Computing professionals are well educated, professional, carefully trained and cautious.
Your desire to get into Computer Programming is a good decision and will give you a good career. The first requirement for most IT employment is a Bachelors 4 year college degree. If you go out and look at job postings for computer programming job positions you will see most jobs require the 4 year Bachelors and a few will accept a 2 year Associates degree. Most students interested in programming will major in Computer Science. In most colleges this is the degree where these programming courses are taught. Also, Computer Science will typically have advanced math courses included. If you are poor in math then this major will be pretty difficult to impossible for you.
As far as self-studying computer code and programming you can pick up books or search on the internet under "Beginning Programming Languages" or "Learning Programming Languages" and, of course, there is even a Dumbies book on programming. Just to start out I would get familiar with PowerShell and Perl. PowerShell will install on most Windows operating system computers and may already be on yours at home. Perl is a freebie and there is a lot of free online info on both of these languages. If you go on with Computer Science and Programming you will be learning many languages.
Learning hacking techniques is a whole different question and there are black hat web sites where you can learn these techniques and tools. As a computer professional who works in the Computing Security realm, I try to be aware of the tools and techniques from the point of view of detecting and defending against them but that is all. Going out and hacking into other people's systems is not something that you want to do lest you create unintended problems for yourself and others.
Let's say just for fun you go download some software that allows you to intercept wireless network info as you sit at a table at the local Starbucks. While you are watching the tool you capture the username and password for someone's bank account they are entering to check their balance. You go home and text a friend at school on what you did, all proud of yourself. A few hours later your friend's big brother and some of his very big pals come over to your house to tell you that you are now working for them and no longer going to school. If you don't want to give them 10 username and password combos for bank accounts every day they will break your mom's legs or your dad may have an accident driving home from work. This is not fun and games.
On the professional side of things there are beginning to be courses and certifications available for ethical hacking (CEH certification) which is used to legally perform penetration and vulnerability tests on systems.
Generally, if you are interested in Computing Security and Ethical Hacking you would want to start taking computer courses in high school. If they have programming course available then take those but if they have only Microsoft Office courses available take all of those too. You will want by your junior year in high school to be taking programming courses. Sometimes high schools will have agreements with local junior colleges so you can take classes over there for HS credit. If your high school has a computer club you need to be a part of that too.
If you turn out to not like programming and math then look towards a Computer Information Systems (CIS) degree like I have which will have less of a programming and math emphasis. The CIS degree will still allow you to work in the Computing Security area.
Best wishes!
When a Hacker as exploited a machine and has remote command line access, What Do They Usually Try To Do Next?
Programmer
PLEASE READ THIS FIRST!!
So I have been studying malware etc. I know a decent amount about computers and programming. Lately I have been looking at sites from malwaredomains that have remote Java exploits so that when you visit the site it spawns back a listening command shell which is connected to by the attacker somewhere.
You can even see it running cmd.exe and connecting back to the attacker; i.e. some random IP. Of course unsuspecting people visiting that page would have NO IDEA what was happening to them. Of course I do this in the safety of an ISOLATED MACHINE ON VIRTUAL BOX, I have a malware study set up in my box to test what the criminals on the net are up too next.
To the point however, what good does remote command line access really do? I know hackers try to use the access they have attained to get MORE ACCESS, so one thing they could do for instance is use the type command to read text files on your computer, but as long as you haven't stored any passwords in text files what could they really do?
Sure they could try to be malicious and rename files but they couldn't really steal any of your files could they? If they tried to use the build in ftp in Microsoft THAT WOULDN'T WORK since ftp.exe is it's OWN program so they would have to connect to that but they only had their one shot and only have as much access as cmd.exe ITSELF gives them not ftp.exe.
I thought about how they might try to use net commands like net share net use, etc. etc. but those would only work in rare cases and only work on the local area network.
I'm sure the brilliant hackers out there have found out all kinds of nasty tricks in their little bag but I was curious if anyone knows anything more about this? Security experts etc?
Answer
1) The command prompt runs under the token of the person who launched it. There are ways to elevate that command prompt, if need be, to higher than Administrative priviledges. At this point, they can do anything they wish--even take ownership of your own system and files !!! (lock you out of your own computer? you-bet ! ) If you have ever looked closely at the security tabs in windows, regarding permissions, there are anywhere from 10 to 15 accounts that are built-ins. Local System, network, SYSTEM, Administrator, (local machine), ADMINISTRATOR--SYSTEM/MACHINE ACCOUNT if primary domain controller...etc. etc.etc.
Give me a local command prompt on a machine, and I'll use the mmc to do anything I want !!! Change permissions, launch custom powershells with custom scripts, perform full remote backups of the servers as they run...you get the idea! (That backup could be redirected to my machine, understand ? All that sensitive or proprietary data and info would be mine, not yours !) I imagine it would not be out of bounds to consider holding someones op system and machines "hostage" this way until a ransom was paid from a criminal point of view...and it COULD BE DONE !
1) The command prompt runs under the token of the person who launched it. There are ways to elevate that command prompt, if need be, to higher than Administrative priviledges. At this point, they can do anything they wish--even take ownership of your own system and files !!! (lock you out of your own computer? you-bet ! ) If you have ever looked closely at the security tabs in windows, regarding permissions, there are anywhere from 10 to 15 accounts that are built-ins. Local System, network, SYSTEM, Administrator, (local machine), ADMINISTRATOR--SYSTEM/MACHINE ACCOUNT if primary domain controller...etc. etc.etc.
Give me a local command prompt on a machine, and I'll use the mmc to do anything I want !!! Change permissions, launch custom powershells with custom scripts, perform full remote backups of the servers as they run...you get the idea! (That backup could be redirected to my machine, understand ? All that sensitive or proprietary data and info would be mine, not yours !) I imagine it would not be out of bounds to consider holding someones op system and machines "hostage" this way until a ransom was paid from a criminal point of view...and it COULD BE DONE !
Powered by Yahoo! Answers
Comments :
Post a Comment