Introduction to Hacking, Part VII
Tools
by euDaemon
euDaemon@email.ro
The Liberation of Information Specialist Team
L_I_S_T@email.ro

Disclaimer (I have to do this so that I don't get into trouble): "We, whoever we are at the current time, are not responsible for your actions as the result of anything, especially such things that pertain to this site. If your ignorance of local, state, and/or federal laws pertaining to anything mentioned to or hinted at by us lands you in a position you don't like (i.e., prison, jail, or the liable end of a lawsuit), remember that it is not L.I.S.T., its members, God's, Jesus's, Allah's, Jehovah's, or anybody else's responsibility but your own. We didn't make you do anything, nor would we. It is also the intention of this disclaimer that we hold to, not its exact wording: if you think there's a legal loophole that you've found that holds us liable for your actions, you're most likely right. However it is the spirit of this disclaimer that should be followed."


For whatever reason you're interested in hacking, whether you want to be a true hacker, a pseudo-hacker, or are even just interested in computer security, you're going to need tools. Tools are essential to any hacker, whether you make your own, or you get them from someone else. Since you are reading this file, which is part of an introductory series, I'm assuming that you probably don't know enough to make your own tools. So, I'm going to tell you what you'll need, and how to get it.

First, if you're serious about this at all, you're going to need access to some version of Unix. Even if it's only a shell account (an account at a server, where you log on and use Unix on another computer), you're going to want access to it. Well, how do you get one? You might even have one already. Call up your ISP and ask. Have a good excuse ready, because there aren't a whole lot of people asking about shell accounts anymore, and they might get a bit suspicious.

Personally, I have FreeBSD (a version of Unix) installed on my computer. I find this much better than a shell account, since I can explore root, and see what potential exploits exist, then set up my own security system, and even let my friends try to hack it eventually. (Note: letting your friends try to hack into your machine is perfectly legal, and it's probably the best way to learn.) FreeBSD, along with Linux and many other versions of Unix, is completely free. FreeBSD is considered the most secure flavor of Unix, but is a major pain to install and configure. You can find FreeBSD at http://www.freebsd.org/ and Linux at http://www.redhat.com/. This is probably the most useful tool for an experienced hacker, and a very good way to learn for beginners.

Okay, you're also going to want various programs, including, but not limited to: a Unix password cracker, a Windows password cracker, a port scanner, a war dialer, a BIOS cracker, and various other utilities.

I personally have a travel disk. This is just a 1.44 MB floppy disk with a lot of essential utilities on it that I can take with me whenever I want to use it for some reason. Here's what I have on it: two BIOS crackers, a keystroke recorder, PKZip and PKUnzip (for zip files, you will need these anyway), a password file viewer, a Windows password cracker, a Windows screensaver password cracker, a Windows NT file system viewer, a registry editor, and, of course, the infamous Back Orifice, and all of the files required on a boot disk.

You can get an awful lot on just one floppy disk, can't you? The only problem is, where the hell do I find all of this crap? Okay, if you are having trouble finding any of these essential tools, then I'll help you out (I'm such a nice guy, aren't I?).

Okay, first and foremost you will need PKZip and PKUnzip (or, if you want it to look pretty, you can get WinZip or something). You can find these anywhere. Go to http://www.download.com/ or http://www.hotfiles.com/ and search for them, and you should find them without too much trouble. These programs compress and decompress files, which is essential for anyone, because most of the files you download will probably be compressed.

Next, you'll want a port scanner. While it is often better (in my opinion) to check the common ports by hand, a port scanner is essential if you want to see if there are any uncommon ports that are open. The one I currently have is Netcat, which runs in Win 9x and NT. You can get this at http://www.l0pht.com/~weld/netcat/ (Thanks to Bit Maestro for supplying the URL here).

You'll probably also want a Unix password cracker. A couple of popular ones are Cracker Jack and John the Ripper. These can be found pretty much anywhere. If you're having trouble finding them, here's one place that you can get them: http://firechild.media3.net/. This site also has Unix crackers that can be run from Windows.

Something that you'll definitely want is Back Orifice, the legendary security tool developed by the Cult of the Dead Cow. You can get this at http://www.cultdeadcow.com/. Any recently updated virus scanning program will catch this, but it's always good to have, just in case.

Something else you will want is Pretty Good Privacy, and probably a utility to crack PGP. PGP is now the standard for encryption, and seems to be in common use. You can get PGP anywhere, including shareware sites like download.com and shareware.com. You can find a PGP cracker at http://firechild.media3.net/. I don't know how well this one works, because I haven't had to use it yet. So don't complain to me if the thing doesn't work.

Okay, the primary function of a war dialer is to dial up every number in a prefix, searching for a computer on the other end. These are now illegal to use in some areas, something about "connection without communication," but for the most part, they are still legal. I suppose if you want to find a random computer, you can use this... I don't know why else you'd want to unless you're into phreaking. Phreaking is like hacking, but with telephones and other devices using phone lines. A good resource for these, and many other tools, is The Hacker's Layer, at http://www.lordsomer.com/.

If you're interested in phreaking, you'll probably also want a tone generator of some kind. You can find blue, red, and various other "boxes" (boxes are just tools for phreaking; they are given various colors to identify them) out there. Blue boxes won't work in the US, due to newer switching systems, and red boxes won't work in some areas, either. If you're interested in phreaking, you'll probably want these, along with an NPA (area code) finder, and various other tools. But we won't go into phreaking in this file.

A boot disk you can make on your own, even if you're really incompetent. Just go to the Control Panel, go to Add/Remove Programs, then Startup Disk. Follow the directions. A boot disk is always good to have if you have physical access to a machine, because more often than not, the administrator won't set the machine to boot off the hard disk before the floppy disk.

Another useful tool is a traceroute program. A couple of examples of these are Ping Plotter and Neotrace. Both of these programs give you a visual representation of the route your computer takes to get information to the specified address. These programs tell you what servers you go through and how much time it takes to send a packet, along with other information. Both of these programs are available at download.com.

A program that I found at download.com (I think) called netting will let you look up, ping, trace, finger, whois, and use other options on a specified address. This program combines many useful functions that are often separate programs, and I have found it more useful than opening multiple programs (I use this while I'm running Windows; Unix has all of these built into it). While it doesn't look as pretty as many utilities out there, it can be useful.

Keystroke recorders do exactly what their name implies: they record keystrokes. These can be helpful if someone with fairly high system access is using the machine. Then you just go and look at what he typed in, and bingo, you have all kinds of nifty stuff at your fingertips. You can find these pretty much anywhere, too. I know for a fact that the Hacker's Layer has some.

There are many other tools, but these should be more than enough to get you off to a good start. Eventually, you'll want stuff like Trojan horses, nukes, and later on, if you get into programming (which you will if you're serious about computer security at all), stuff like disassemblers and source code for C and C++. But for now, what I've specified should be plenty to keep you occupied. I would also like to add that you shouldn't rely just on programs. If you do, you will most likely be considered a script kiddie (not a good thing). Instead, you should mostly rely on your knowledge and, eventually, experience, and use programs only when necessary. But I know you won't take my advice, so this is probably just wasted space. Oh well, you can't say I didn't warn you.

A hacker's most powerful tool is his mind.

-eD