Ask me a question about hacking
Ask me a question about hacking
So it's a Saturday night and I'm on Chao Island for some reason right now
I've been an "Information Security Engineer" aka professional whitehat hacker for about 7 months now. I am by no means good yet but I know more than most average people at least. In this time I've learned about most of the different vulnerabilities regarding web applications. I don't do a lot of cryptography (or any, really) and I don't do much with networking. But I can dump your database and inject JS into your forms if you're not careful.
Given that this is a forum with young people who use technology I assume a good number of you are interested in programming and the like - hacking is sort of an extension of that. And it can be an awesome career, or you can do "bug bounties" and make some money by helping companies fix their stuff. I don't recommend hacking for any other reasons btw. The money you can make legitimately trumps anything you can steal or make doing blackhat. So don't use any of this for evil please. Also it's really fun and rewarding breaking stuff, in a weird way. And you can brag to your friends and sound cool and mysterious.
I'm not allowed to say the name of who I work for or any of our clients. But I can discuss vulnerability stuff and what to look out for/how to get started.
And no I can't hack into your ex-girlfriend's facebook/email/any of the like so don't ask!
I'm not interested in building your app idea so don't ask!
Ask me questions about hacking websites because I'm bored and it's a great career that most people don't know about
I've been an "Information Security Engineer" aka professional whitehat hacker for about 7 months now. I am by no means good yet but I know more than most average people at least. In this time I've learned about most of the different vulnerabilities regarding web applications. I don't do a lot of cryptography (or any, really) and I don't do much with networking. But I can dump your database and inject JS into your forms if you're not careful.
Given that this is a forum with young people who use technology I assume a good number of you are interested in programming and the like - hacking is sort of an extension of that. And it can be an awesome career, or you can do "bug bounties" and make some money by helping companies fix their stuff. I don't recommend hacking for any other reasons btw. The money you can make legitimately trumps anything you can steal or make doing blackhat. So don't use any of this for evil please. Also it's really fun and rewarding breaking stuff, in a weird way. And you can brag to your friends and sound cool and mysterious.
I'm not allowed to say the name of who I work for or any of our clients. But I can discuss vulnerability stuff and what to look out for/how to get started.
And no I can't hack into your ex-girlfriend's facebook/email/any of the like so don't ask!
I'm not interested in building your app idea so don't ask!
Ask me questions about hacking websites because I'm bored and it's a great career that most people don't know about
BIG THE CAT NUMBER 4
FUSION WAS A BABY CHAO MOD
FUSION WAS A BABY CHAO MOD
- Dr. Roivas
- Veteran Chao
- Posts: 1125
- Joined: Fri Sep 30, 2011 11:35 pm
- Motto: urine speaks louder than words
- Location: \[T]/ praisin dat orb
- Contact:
Re: Ask me a question about hacking
Oh thank god there's this giant ****** stump just sitting in my backyard and I've been trying to hack the damn thing to pieces for months now. What am I supposed to do? Just get a bigger maul or...?
Capitalism Killed My Once Proud Signature
Re: Ask me a question about hacking
Not sure if it's considered hacking but:
How easy is it to check where in the world a post on Twitter or Tumblr was written?
Similarly, can you check the IP of an anonymous ask on the latter without blocking them?
How secure is most social media to begin with?
How easy is it to check where in the world a post on Twitter or Tumblr was written?
Similarly, can you check the IP of an anonymous ask on the latter without blocking them?
How secure is most social media to begin with?
Re: Ask me a question about hacking
With the more recent news about Russian hackers releasing United States Democratic Party emails, I do want to ask if there is something inherently easier about hacking from one country to another or form one language to another. Did the Russians have some kind of advantage unique to being Russian, or is it all about the same no matter where you're from?
Avatar Art by chocohugs; Signature by Tsui
- chaoadventures
- Veteran Chao
- Posts: 1381
- Joined: Tue Dec 04, 2012 2:30 am
- Motto: "you wanna play with gabario?"
- Location: heck (still)
- Contact:
Re: Ask me a question about hacking
The question I have is:
Do you mean "can't" as in you genuinely can't do that or just won't if asked to?BTC4 wrote:And no I can't hack into your ex-girlfriend's facebook/email/any of the like so don't ask!
Re: Ask me a question about hacking
I am completely inept at programming, but I have been trying to become more well versed in it, even if it is just conceptually. Do you have any recommendations on where to start learning? I think high schools should probably have a required computers class, since it is such a huge industry that is only growing, but alas, I accept that I missed out on that. How did you start getting into computer wizardry?
I also think Crazo's question, in terms of recent events, is really interesting. Do you have any deep insider thoughts on hacking government agencies? What about the ethics of revealing of the sketchy information (DNC being anti-Sanders, most recently) obtained through illegal means?
Now to show my ignorance, what is JS? Java Script? And what would that even entail.BTC4 wrote:But I can dump your database and inject JS into your forms if you're not careful
I also think Crazo's question, in terms of recent events, is really interesting. Do you have any deep insider thoughts on hacking government agencies? What about the ethics of revealing of the sketchy information (DNC being anti-Sanders, most recently) obtained through illegal means?
-
- Shining Chaos Chao
- Posts: 2750
- Joined: Tue Jan 13, 2009 1:07 am
- Location: Nort Southh's Asylum for the Sane
Re: Ask me a question about hacking
What are the go-to weaknesses you check for when you get a new contract?
You don't hack stumps. You hit them with a firewall.Dr. Roivas wrote:Oh thank god there's this giant ******* stump just sitting in my backyard and I've been trying to hack the damn thing to pieces for months now. What am I supposed to do? Just get a bigger maul or...?
- PoodleCorp
- Egg
- Posts: 1
- Joined: Mon Sep 05, 2016 7:46 pm
- Contact:
Re: Ask me a question about hacking
You should join us at PoodleCorp.
Long Live Poodles #PoodleCorp
https://twitter.com/poodlecorp
https://twitter.com/poodlecorp
- Mooncow
- Administrator
- Posts: 1755
- Joined: Sun Jul 31, 2005 11:06 am
- Motto: Cut your path through an uncertain future...
- Location: Chao Island Capital
- Contact:
Re: Ask me a question about hacking
Hi Mr. Big the Cat #4, can you hack into the Chao Island RPG and complete it
Glad to hear you've found a career path you seem to be enjoying!
Glad to hear you've found a career path you seem to be enjoying!
Chao Island Twitch Channel for Chao streaming!: https://twitch.tv/ChaoIsland/
I have dragons as my servants and I have almighty powers.
JmTsHaW: (list of CI users, as Sonic Battle characters) Chaos - Mooncow (He barely appears, Chaos also barely appears.)
(00:45:53) xninjy: ur not old mooncow. old is 50 or 45.
I have dragons as my servants and I have almighty powers.
JmTsHaW: (list of CI users, as Sonic Battle characters) Chaos - Mooncow (He barely appears, Chaos also barely appears.)
(00:45:53) xninjy: ur not old mooncow. old is 50 or 45.
-
- Courageous Chao
- Posts: 455
- Joined: Tue Aug 25, 2015 6:25 pm
Re: Ask me a question about hacking
Are you really Keemstar like BDTV said?PoodleCorp wrote:You should join us at PoodleCorp.
Good thing I saw this because it reminded me he has a livestream right now
Re: Ask me a question about hacking
hahaha oh man I forgot all about thatHi Mr. Big the Cat #4, can you hack into the Chao Island RPG and complete it
Someday I will complete it
On programming in general I would start with something like codeacademy or learn python the hard way to learn generic concepts. Then find a thing you want to build, fail at it and be frustrated, and build it, even if it sucks. Then build more stuff. If you want to break things like I do I would start with this video - https://www.youtube.com/watch?v=L5l9lSnNMxgI am completely inept at programming, but I have been trying to become more well versed in it, even if it is just conceptually. Do you have any recommendations on where to start learning? I think high schools should probably have a required computers class, since it is such a huge industry that is only growing, but alas, I accept that I missed out on that. How did you start getting into computer wizardry?
The main vulnerabilities are applications that let you run JS on them and mess with their SQL (database) queries. Other than that are permissions and stuff to do with tokens and cookies and the like. Spend some time looking up how HTTP and the Internet in general works I guess is a good start for this kind of thing.What are the go-to weaknesses you check for when you get a new contract?
JavaScript, see above youtube link. Basically if you develop a web application you need to treat all user input as something that could potentially be malicious or evil and scrub it of any dangerous characters that could execute code.Now to show my ignorance, what is JS? Java Script? And what would that even entail.
Can't and won'tDo you mean "can't" as in you genuinely can't do that or just won't if asked to?
Nah not really. You probably hear more about "Russian hackers" and the like due to political reasons. They do the same stuff I do though. Also hacking other language websites is really annoying, particularly ones in Chinese >_>With the more recent news about Russian hackers releasing United States Democratic Party emails, I do want to ask if there is something inherently easier about hacking from one country to another or form one language to another. Did the Russians have some kind of advantage unique to being Russian, or is it all about the same no matter where you're from?
No idea about twitter and tumblr. Most social media is pretty secure I'd say. I've seen IP information leakage at a number of places among other things like server information, internal filepaths, crazy verbose Java errors etcHow easy is it to check where in the world a post on Twitter or Tumblr was written?
Similarly, can you check the IP of an anonymous ask on the latter without blocking them?
How secure is most social media to begin with?
BIG THE CAT NUMBER 4
FUSION WAS A BABY CHAO MOD
FUSION WAS A BABY CHAO MOD
- retrolinkx
- Veteran Chaos Chao
- Posts: 6323
- Joined: Thu Sep 04, 2008 5:33 pm
- Motto: I can't believe I ate the whole thing.
- Contact:
Re: Ask me a question about hacking
Let's say the government or another company picked you up to do some unethical work with your skills (the work won't hurt anybody physically), and the pay was good (like CRAZY good. Your current yearly salary 5x over or so). Would you take it?
Re: Ask me a question about hacking
when you've successfully hacked into something, do you say in a hacker voice, "i'm in"?