TUCoPS :: Unix :: General :: unixthc.txt

How to become a Unix Hacker
Author: van Hauser / THC
So you've decided to become a unix hacker but you don't know how to start? Before you really begin make yourself the
following absolutly clear: 
 1.Hacking is much work. It's not a playground for kids who just want to
 have 15 nice minutes. You must learn how to operater and program a
 system. You must research how they react and read sourcecode. It's a
 long and hard way - so be warned.
 2.Hacking is illegal. At least in most countries - only the netherlands
 and argentine come to my mind which hasn't got laws against hacking -
 so far! But be sure they will come. Even just to log on a system with
 an account which is not yours is a crime and can be punished. Once a
 judge spoke you guilty commiting a crime, it is put into your record.
 Your whole life might be ruined because there are only few companies
 who accept computer criminals as their employer.
 3.Hacking is time consuming. You can't just do hacking half a year, then
 making a pause of 3+ month and then getting back to it. The time runs
 fast in the internet. New unix releases, new bugs and new fixes. Once
 you are outdated with your exploit data you must beg your chummers to
 give you the new stuff, and if you do that too often they won't be
 happy about that.
 50+ % of the hacking time you spend are actual information gathering.
 Speak to other hackers, read mailing lists and newsgroups, watch good
 www and ftp sites.
But what is the motivation to actual do unix hacking? Thats up to you. You
want to become one, so think about it why you want to become one.
Forget movies like "The Net" or "Hackers" - that's NOT reality! Forget
dreams about being the hero, hacking the pentagon and becoming the sexiest
man, getting every girl and ending with a cool payed job in the security
company ;-) This is NOT what will happen - so make yourself clear why you
want to do it and what you expect. Can you imagine your mom crying when the
police come to arrest you?
Keep these warnings in mind. This is to make sure that you know what you
are doing and want to become. 
Note too that I wrote this fast guide only because I was asked that often
from many guys, even successful phreakers/blueboxers, "how can I hack unix
?" - and time after time I got tired. So here it is. Don't blame me for
incompleteness and mistakes - I don't care. Only the toughest survive - so
try to get as much as possible out of this text if you are really new.
 |-------------------------- HOW TO START ----------------------------|
 1.Get Familiar with it - or - How can you win a rodeo without learning
 how to handle a horse?
 2.Get a unix distribution. Get Linux, FreeBSD, Solaris, Sinix etc. for
 your personal computer. Linux und FreeBSD are cheap and derived from
 BSD, whereas Solaris and Sinix are expensive and derived from Sys V.
 Tip: Get a linux distribution which has got a good handbook. You must
 learn how to operate your unix. Learn the basics, like changing
 directories, copy and delete commands and using the editor, first.
 3.Motivate yourself to actual USE unix. How to do that - thats up to
 you. Maybe use a database which is in your unix distribution, program
 something in C for your school/university, what ever, you must learn
 to really use unix.
 4.Get some books to help you. There are many out there, so just go into
 a good shop, best near an university, where the guys working there
 know what the good and the bad books for using unix are. I personally
 like the O'Reilly Nutshell handbooks much but dislike nearly all the
 Addison Wesley ones - but thats a personal opinion.
 5.Get a real internet account with PPP and/or shell access. NEVER do
 hack or exchange hacking info not encrypted with PGP with this real
 account of your own! Try to configure your unix pc to connect to the
 inet provider. Some rare but good Linux Distribution have got a
 handbook (yes - something printed!) where they describe how to do
 that.
Once you have followed these 5 steps and know how to operate unix (this
should take about 2-8 weeks) then you should move to the next step:
 |------------------------ LEARN THE BASICS -------------------------|
 6.Get some good books about unix and internet security. The best I found
 is "Practical Unix Security" by Garfinkel and Spafford, 2nd Edition,
 O'Reilly. Learn what the basic security problems, holes and features
 are unix have got, and what mistakes people make.
 7.Try to get all the information and files you can find in the inet.
 Examine www and ftp sites and use search engines. Subscribe to
 important security mailing lists and read the newsgroups which might
 be important. Ask around on irc for good sites.
 Here is something to start:
 http://underground.org
 ftp://onyx.infonexus.com
 nntp://comp.security.*
 And of course the links on the Security & Hackerscene page ;-) 
 bugtraq mailing list ->
 email : listserv@netspace.org
 message body : subscribe bugtraq you-real-name 
 8.Read and Analyze your files and data - and don't just collect them. 
 Once words like "suid", "sniffer", "buffer overflow", "firewall",
 "rdist", "nis", "nfs" and "satan" aren't secrets for you anymore and
 you really know what they mean and their consequences for you - move
 on.
 |------------------------- BEGIN HACKING ---------------------------|
 9.Get an account which isn't yours - try to get it from some hacker you
 know/met. Remember don't try to hack with your own account!
 10.With this account you can try to hack your first system. Try your
 exploits etc. But remember the articles "How to cover your tracks" so
 your first illegal account isn't history after the 1st time using it.
 11.Use ypx, remote sendmail exploits, insecure NFS exports etc. to get
 more hosts. You get very successful with this "old" stuff if you use
 big host lists and write/find scripts which automate the testing for
 you. But where can you find hostnames to build the host lists? Many
 possibilities. Try irc, /etc/hosts, www, statistical analysis data of
 the internet or www access etc. This should give you many hosts with
 accounts on.
 12.Install a sniffer if possible on the system and you hacked root. That
 will give you many accounts to new hosts
 13.try your exploit scripts. Finally some should work. Goto 12. 
 |----------------------- BECOME A HACKER ---------------------------|
What - you already hacked some systems root - and you aren't a hacker yet - why that? A Hacker isn't someone who just
hacks a site, installs a sniffer and goes on. A real hacker is someone who wants to understand a system, know how it reacts,
has got fun seizing control over it and is interested in discovering bugs and inventing new tools. He's so to say the Columbus of
Cyberspace. 
 14.Try to get into touch with other hackers and exchange information,
 experiences, accounts, exploits and files.
 15.Watch the discussions on the newsgroups, mailing lists and irc. Try to
 read some important RFCs, learn C and begin to program tools of your
 own.
 16.Don't become "31337" - you know that you are cool and you don't need
 to convince everybody else of that fact. Behave normal and help others
 who are now asking you "how do I hack unix?" ...
 ... 
 17.Don't get tired. Stay in the scene, keep an eye on newgroups mailing
 lists and friends, don't stop hacking. Goto 17
 Yep - thats all from me guys ... that text should gag every newcomer's
 mouth. It was quick and dirty but it has got all it needs.
Ciao...