Wednesday, September 1, 2010

Preparing the hack

_-~-_-~-_-~-_-~-_-~-_-~-_-~-Preparing the hack-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~
~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-By: Prabal~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_-~-_

There's a lot that goes into a really good hack. Everything, of course,
depends greatly on what you are actually hacking. Before you think about
guessing usernames and passwords, try a few intelligent things.

If the place is local, by ALL MEANS go there! Sit across the street and
watch what goes on. Stay there all night even, and see when guards arrive,
and when they make their rounds. Look for security cameras and other things.
Your target: The Dumpster. Wading through a dumpster is all you're physically
going to do at the site of the place you are hacking. Look for
papers with phone numbers on them, printed and discarded e-mail, and anything
else that looks like it could provide useful information.

If the place you are hacking is on the internet, then try telnetting to it
first. IF it asks for a login, print the screen or write the info down, and
then break the connection. We aren't going to guess just yet. Finger the
host and print that out, too, unless it refuses a finger connection. You
may also want to run port scanning software on the host. This will tell
you what services they have enabled for use from the outside world.

If they are internetted AND Local, use BOTH of those above tactics (DUH).

Internet Service Providers (ISPs) are easy to mess with. Call some up and
ask if they offer shell accounts. IF they say no, don't waste your time.
Call the next one. Once you find a place allowing a shell account, ask if you
could test a guest account for a day or two. You can demand this, because
after all, you don't want to spend your money on a piece of shit ISP. You want
to know what you're buying first. You don't buy a car straight off the lot
after you did no more than peek into the window. Once you have a guest
account, set your terminal software to log the communications, and type
"cat /etc/passwd" and hopefully you'll get a list of usernames, and some other
funky looking stuff (like encrypted passwords and other things). All the
different fields in the password file are separated by a colon (:). The first
field is always the user name, and the second is (usually) the encrypted
password. If the password field is one character (such as x, * or !) then
the password file is shadowed. You can read many text files on how to attempt
to un-shadow the file. Once you have the passwd file you have 2 things: A
list of every username on the system, and an encrypted password list.
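
The field layout described above is also what an administrator checks from the other side: any account whose second field holds a real hash, or nothing at all, is exposed to every user who can read the file. The following audit is an added example, not part of the original text; the sample file, the hash-looking value and the function names are constructed for illustration.

```python
"""Audit passwd-format text for password fields readable by every local user."""

# Constructed sample in passwd layout; the hash-looking value is made up.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:ab1Qx9Zk2LmNo:1001:1001:Alice Example:/home/alice:/bin/sh
guest::1002:1002:Guest:/home/guest:/bin/sh
bob:!:1003:1003:Bob Example:/home/bob:/bin/sh
broken line without enough fields
"""

# One-character markers the text names as meaning "the file is shadowed".
SHADOW_MARKERS = {"x", "*", "!"}


def classify_password_field(field):
    """Return 'empty', 'shadowed' or 'hash-in-passwd' for the second field."""
    if field == "":
        return "empty"              # account can be entered with no password
    if field in SHADOW_MARKERS or set(field) <= {"!", "*"}:
        return "shadowed"           # placeholder or lock marker, no hash here
    return "hash-in-passwd"         # real hash stored in a world-readable file


def audit_passwd(text):
    """Return (line number, username, finding) for every entry needing a fix."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")    # fields are separated by a colon
        if len(fields) != 7:
            findings.append((lineno, None, "malformed"))
            continue
        verdict = classify_password_field(fields[1])
        if verdict != "shadowed":
            findings.append((lineno, fields[0], verdict))
    return findings


if __name__ == "__main__":
    for lineno, user, verdict in audit_passwd(SAMPLE_PASSWD):
        print(f"line {lineno}: {user or '?'}: {verdict}")
```
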

If you feel like spending a few days or weeks without using your computer,
it is easy to crack a password file. Download any of the password crackers
you can find on the internet, and find "Dictionary" files (huge files with
tens, possibly hundreds of thousands of words, that can be used to crack the
passwd file). For each password the cracker encounters, it encrypts all the
dictionary words, and compares them to the encrypted password in the list.
I would suggest "Star Crak" for this...it's one of the fastest programs I've
seen. Along similar lines is a program called "Guess", which checks for
those dorks that make their password the same as their username (I've found
several passwords this way).
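
Both techniques above fail against a system that refuses such passwords when they are set. The check below is an added example, not part of the original text: it rejects a new password that is the username, a part of the user's name, or a dictionary word once case, surrounding digits and simple character substitutions are removed. The word list and all function names are constructed for illustration.

```python
"""Reject a new password that a dictionary or username guess would find."""
import re

# Constructed stand-in for a real dictionary file.
WORDLIST = {"password", "dragon", "letmein", "welcome", "monkey"}

# Common substitutions undone before comparison: 0->o 1->l 3->e 4->a 5->s 7->t @->a $->s
LEET = str.maketrans("013457@$", "oleastas")


def candidate_forms(password):
    """Return the normalized spellings a guessing tool would effectively cover."""
    low = password.lower()
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", low)   # drop padding like "123" or "!"
    return {low, low.translate(LEET), stripped, stripped.translate(LEET)}


def weak_password_reasons(username, full_name, password, wordlist=WORDLIST):
    """Return a list of reasons to refuse the password; an empty list means accept."""
    forms = candidate_forms(password)
    user = username.lower()
    identity = {user, user[::-1]}                      # username and its reverse
    identity |= {p.lower() for p in re.split(r"[\s,]+", full_name) if len(p) >= 3}
    reasons = []
    if forms & identity:
        reasons.append("based on account name")
    if forms & set(wordlist):
        reasons.append("dictionary word")
    return reasons


if __name__ == "__main__":
    for user, name, pw in [("alice", "Alice Example", "ecilA99"),
                           ("bob", "Bob Example", "P@ssw0rd!"),
                           ("bob", "Bob Example", "correct-horse-battery")]:
        print(user, pw, weak_password_reasons(user, name, pw) or "accepted")
```
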

If you feel gutsy and try to hack a system/network at your school, be careful.
Usually these places know they are vulnerable, but don't have enough money to
go and buy fancy security systems, so they compromise by being extremely harsh
on hackers. The people never found me out at the high school because I had
my laptop hooked into their network and they didn't know where I was
physically (they had a map of the school and kept track of their computers'
network IDs so they knew exactly where things were coming from...except for
me). Several people got busted at my school. No expulsions, but a few good
scares, and within 2 months of having the network up they had enough hacks to
force them to create a poster containing "Internet Usage Guidelines" or some
bullshit like that.

Colleges are a different story. As soon as I started there I came in with a
clean record, but I frequent the computer labs. If you are going to play
hacker at a college, act computer dumb in the highest degree. DON'T be
found in the computer labs 3 hours a day. I would suggest going to the labs
long enough to find out network IDs, IP addresses, physical locations of any
servers, and other things like that, doing so over the period of a month. In
other words, keep it to a max of 1 hour, and always complain about having to
type. You hate typing but all your instructors want typed shit! ARRGH!!!
You get the drift. Find your info ON campus, ask who runs the servers maybe
if you feel like being bold, and do your hacking from OUTSIDE of the campus
if at all possible. (About noon-3pm is a good time to do that, and 2am as
well....the busiest times and the times where NO ONE is there.) Most junior
colleges, universities, and colleges have no hesitations about expelling a
rogue computer user. You can always have a friend at another school get info
for you about their school, and you give your friend info about your school
and hack each other's schools till doomsday. (That trick works sometimes, and
if you're careful you won't get caught and you don't even need to act stupid
about computers.)
