September 3rd, 2004 10:33 PM
What are your hacking achievements ?
I'm just interested and/or curious what the different views/skillsets we have here . Let's just sum up in general hacking experiences, pen-testings, virus writings whatever.
As for me I'm pretty quiet on hacking itself, more cause i don't find myself skilled enough to bring it in the open, if i even want it to bring it out.
I merely test at home, in my secure LAN, I like to wargame at home. I still have to catch up on common techniques ,so I have my work at home. At work I did some testing and "white-hat"- thingies, which surprisingly got appreciated.
Anyway how about you ?
September 3rd, 2004 10:50 PM
September 3rd, 2004 11:21 PM
I mostly do alot of in-house penetration testing as well as server and network security documentation. I'm always looking to learn as much as possible on network security, so I try to document and take notes on different and new things as I go along. I also co-ran a 25 user wargame competition around 6 years ago to promote learning and safe hacking. It was pretty fun, me and an ex-friend of mine set it up and it was somewhat small (a few machines, running RedHat) but it was fun and eventful.
September 4th, 2004 12:40 AM
In 82 i had a mate who was an air gunner (scout then Linx) he used to write game programs for a hobby, (Tiger, your email addy has been forwarded so he can investigate if you ripped him off)
In 1982'ish I taught myself Z-80 assembly so I could crack the copy protection on games so me and my friends could share games illicitly.... <LOL>
As for my skill set, i don't realy have one. I'm completely self taught. I have always been quite good at making things work though. I have dabbled in Pascal and VB but would say i have no knowledge off eighther. Hopefully that will change soon as i start a caurse with the open University next month. Bloody late in the day to go back to school (i'm 42) i no. But i only got into computers three years ago and i need some focus.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
September 4th, 2004 12:57 AM
I just recently reported some software vulnerabilities to it's vendor and Secunia, and I've lately been messing around with web security. I'm sorta building a content management system for web sites, and the primary focus on it is security, so as of now I am picking up on injections, xss, etc.
Annnnd I defaced Google...
Other than that, I don't think it's too important to know how exploits work, but instead learning how to be creative with the vectors so you can prevent an attack. Or something.
Cool thread, let's see some more
September 4th, 2004 01:58 AM
Im not hip enought to be apart of the "l33t-h4x0r" jazz...
Originally posted here by Tiger Shark
In 1982'ish I taught myself Z-80 assembly so I could crack the copy protection on games so me and my friends could share games illicitly...
But that quote reminds me of haveing an endless ammount of everything that I could possably ever need in D2, getting bored, getting stoned, then decideing it'd be cool to have sex with a bear while a friend watched.
September 4th, 2004 02:12 AM
Well, my skillset is admitedly limited. Most of the cracking stuff that I've done (got some hands on experience to better understand how people compromise things) has been little things. I worked on the trillian password protection for a week or so. I also dissected MicroType Pro student files because we had to use it as a typing tutor program and I didn't want to spend a lot of time on it since I already typed around 98% accuracy at 50wpm, so, I grabbed the file, modified it a little bit, and the next day, I had scored a perfect score on the next 10 levels without even having to try them
For any workstation cracking, I haven't really done anything I would even call cracking. I found a way to get at things on the workstations that I shouldn't have been able to get to, I found ways around the block on internet explorer's options (privacy report -> view settings). I reported all the issues with that to the IT department and subsequently almost got suspended for a "blatant malicious attack" on the system...even though they wouldn't have known about any of the issues had I not given them the report (yes, I'm sure, I checked the logging procedures myself =p).
For disassembly work, I've only played around a little, mostly in cracking computer games and writing small programs to act as cheats. I've stripped a few shareware programs when I've had an afternoon to kill and didn't like having the lame popup window. I've taken high-scores on all the stupid games we have installed on this machine, but, the scores are so high, you can't beat them .
I think the only other skill I have that applies here is crypto. I LOVE crypto. I've got multiple books on the topic and I have a grand time designing, implementing, and cracking my own systems. I like math a lot too, which should go here I guess since statistical analysis is a big part of cryptanalysis.
And now for real-world skills. I'm a decent social engineer (not great by any stretch of the imagination, but, I'm decent at it). I SUCK at lockpicking, mostly due to not having proper tools. When I get a blowtorch and my new metal shears, I'll be able to forge some picks and test them out. I don't know what other real-world skills apply for this thread really...
Oh well, I guess this post paints me with a black-ish hat, but, I'm most definitely not a black-hat hacker. I wouldn't say I'm a pure white-hat either. I fall into the "blue hat" category =p
Is there a sum of an inifinite geometric series? Well, that all depends on what you consider a negligible amount.
September 4th, 2004 02:13 AM
I convinced people that I actually know something about computers...
oh yeah, and I finally got a job starting next week teaching them
edit.... and I am probably moving to Flint in the next couple weeks, so i will just look up Tiger for you cause he won't be far.
\"Ignorance is bliss....
but only for your enemy\"
September 4th, 2004 02:32 AM
Well in 6th grade my friend and I would do lots of stuff on the school computers.. We created accounts on the programs that teachers used, printed out report cards, stuff like that. It was pretty fun.
But don't worry, I'm not a skiddie any more
I haven't done much "hacking" since I moved here in 7th grade, cause at my new school I don't know anyone who is interested in computers like me.. And it's more fun when you can have wargames with your friends and stuff.
September 4th, 2004 03:00 AM
I haven't done too much lately. Most of the real-world experience I've had has been either internal analysis of my own organization or penetration testing of clients' networks and systems. I haven't done any of that in over a year though, 'cuz now I've hired a college kid who can hack into more networks and systems than I've heard of and he handles all of our penetration testing and system lock downs. I still play around a bit on my own network, but I don't mess with my organization's network anymore.
As for my formal skill-set. I can program in way more languages than I care to admit (from C/C++ and Java, to LISP and Standard ML, to Prolog, to Fortran 90). I've also worked with both x86 assembly and MIPS, though I've only written a couple practical programs in each. Most of the things I've written in assembly languages were to see if I could. I've also done quite a bit of web design (most over the past year or so) using HTML, DHTML, XML, CSS and PHP (working on learning ASP.NET at the moment), though not really sure if those can really be considered true programming languages. I also teach CS courses at a local university.
In high school, I wrote a couple exploits and viruses using C and C++, but nothing that I ever actually used for anything besides just to screw up my own stuff. Unlike people here, never cracked any games or anything (my best friend did, though, so if I ever wanted a shareware game cracked, I usually asked her). Back then, I used to be really into cryptography as well, and although I still have a bunch of books in the subject, I haven't really written too many encryption or decryption programs or algorithms in a few years.
That pretty much sums up my "hacking" skills and experience. Damn... I sound really boring now. hahaha