EvilZone

As RBA linked:

I'm a bit confused as how a Playstation Portable fits into this story though? How are you planning to infect a target via the PSP? (I mean social engineering wise rather than the technical details)

This is a good point. I haven't really thought about that but I guess you could pretend you are charging it or something

Not so hard, you just have to know how to homebrew on psp

ohh ok what language do you need to homebrew?
do you need any assembly? or could I use c/c++?

Thanks, gr33n.


Edit by bluechill: Don't double post!

Hello again, forgot about this thread. Sorry about that.

Learning how to set up VPNs and various sorts of proxies is something you just have to experience. I guess a good networking understanding is important and perhaps some network programming experience.

Whether or not it is easier to deploy a piece of software onto a machine remotely or physically is irrelevant, as you have to get into the machines systems either way. It doesn't matter if you use a keyboard, a ssh shell or a shell through an exploit.

Depending on your machine's OS, you can use the 3proxy I posted for some time ago, it is for Windows. If your target is linux, there are lots of minimal(as I like them) perl, php, python and ruby socks scripts out there. Google is your friend.

Good help thanks ande once again hahah keep up the great help !!

Thanks, gr33n.

So obviously I am posting about things like wordpress and eblogger what are your thought on hacking them?
when I think about how to hack these sites I automatically think it will be almost impossible for me because I haven't hacked any websites and I just think that they would put so much time into making them almost hack proof.

I know almost nothing is hack proof but to build my self up to hacking these sorts of things what should I start with? just some random site that has low security?
This is a big question that you guys get asked a lot but I would really appreciate your responses.

I would also like to start making some good post regarding hacking and some tutorials but I just don't have the knowledge yet sorry so I can't contribute as much as I would like but I will be able to post some good content in the next coming months I hope.

also I know this is the wrong place but I will ask anyway I want to be anonymous but wont going through a vpn still be risky because what if they lie and actually supply their logs to the government also isn't there the same problem with proxies?
I also don't have the knowledge just yet to hack someones computer and make it apart of a botnet so I can't just loop through their connection but I am working on finding out how to do that. any other suggestions?

Yes give it a try, as the site says WebGoat is a J2EE web application, created by the OWASP community to provide a teaching environment for webapplication security. It is a deliberately insecure program, where you must go through a number of lessons. In each lesson, you learn about a new sort of vulnerability, and in the same moment get a hands-on try at exploiting that vulnerability.


From webgoat you can perform attacks and learn valuable things so is not a waste of time.


Here is a demo on using WebGoat
http://searchsoftwarequality.techtarget.com/Demo-Using-WebGoat-a-free-software-testing-tool

Thanks dude I will give it a try.

Gr33n

Hey Ande when you said read up on some php security flaws is this the sort of thing you mean?
http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-97802/PHP-PHP-5.3.3.html

also how many things do you think appropriate to learn at once?
Like would you learn web script security and software security at once?
or do you think it better to take some time and learn them separately?

Gr33n.

Where did you come from? I remember you posting like 5 or 6 months ago but then you disappeared o.o

Umm yeah I have been off and on when my school work load gets to high but I am thinking I am going to be staying around even then so you will be seeing a lot more of me
hahah 6 months? I think it would have been more like every month I post something here.

Gr33n.

Even better Ande thank you for your help man

would you suggest I use the " Evilzone's official RFI training script" to help me learn the sql injection and php security exploits?
and thank you for that paper on software exploitation.

Gr33n.

Hey guys I really want to start hacking systems but you guys say .. "learn some programming languages" so I did I am learning python and I know quite a bit of php and a bit of c++.
But now where do I go like how do I learn about all of the different exploits?
and how do I actually learn to hack a system?
I find it really hard to figure out how people know what to do when hacking a website or something?
how do I learn these different things?
do I just keep learning programming and learn what security risks different programs and services have?
or what?

I am sorry if this has already been asked and I know it gets really repetitive but I am just stuck on where to go next.

Thanks guys please help me out, Gr33n.