please help me with my second step in hacking!!

[gr33n]

Hey guys I really want to start hacking systems but you guys say .. "learn some programming languages" so I did I am learning python and I know quite a bit of php and a bit of c++.
But now where do I go like how do I learn about all of the different exploits?
and how do I actually learn to hack a system?
I find it really hard to figure out how people know what to do when hacking a website or something?
how do I learn these different things?
do I just keep learning programming and learn what security risks different programs and services have?
or what?

I am sorry if this has already been asked and I know it gets really repetitive but I am just stuck on where to go next.

Thanks guys please help me out, Gr33n.

[ande]

Without putting too much thought into this: Go for web application security next. That is, security problems with PHP(or other server-side scripts), SQL and HTTP. Alternatively go for software exploitation, which will lead you to C and some understanding of Assembly, machine code and shell code.


If you go for web application security I would recommend doing some PHP project(s) and read up on SQL injection, XSS, RFI, LFI, path disclosure, faulty checking of user input types and CSRF. We have a few of the topics in the tutorial section here. Some you might have to google.


If you go for the software exploitation I would recommend understanding.. Pretty much everything from when an executable is loaded by the OS to the executable exits. Some topics: Memory management, stack, heap, buffers and array sizes leading to buffer overflow attacks and alike. A good paper on buffer overflows is Smashing The Stack For Fun And Profit, Evilzone mirror: http://evilzone.org/docs/smashstack.txt

[gr33n]

Thanks ande, dude I love you. I really was expecting people to shout at me and say that too many people ask this but thanks I will look into that.

also thanks for the really quick response, Gr33n.

[ande]

Thanks ande, dude I love you. I really was expecting people to shout at me and say that too many people ask this but thanks I will look into that.

also thanks for the really quick response, Gr33n.

Updated my post.

[gr33n]

Even better Ande thank you for your help man

would you suggest I use the " Evilzone's official RFI training script" to help me learn the sql injection and php security exploits?
and thank you for that paper on software exploitation.

Gr33n.

[ande]

Even better Ande thank you for your help man

would you suggest I use the " Evilzone's official RFI training script" to help me learn the sql injection and php security exploits?
and thank you for that paper on software exploitation.

Gr33n.

That script is for RFI only, but sure. Have a look.

[gr33n]

Hey Ande when you said read up on some php security flaws is this the sort of thing you mean?
http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-97802/PHP-PHP-5.3.3.html

also how many things do you think appropriate to learn at once?
Like would you learn web script security and software security at once?
or do you think it better to take some time and learn them separately?

Gr33n.

[Sparky712]

You will probably be MUCH better off learning the two individually. pick one and learn it, then learn the other, using your experience with the first one to ease the learning of the second. If you try and learn them at the same time, you will be trying to process information from two sources at the same time, and despite the different languages involved, the chances are, you will mix things up. sometimes doing things one at a time, is more efficient than all at once.

[ande]

Hey Ande when you said read up on some php security flaws is this the sort of thing you mean?
http://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/version_id-97802/PHP-PHP-5.3.3.html

also how many things do you think appropriate to learn at once?
Like would you learn web script security and software security at once?
or do you think it better to take some time and learn them separately?

Gr33n.

I would do as Sparky here  says, learn them separately. And that link you posted is software bugs in PHP itself. What I mean by web application security is security problems with PHP code.

[EMOKDOOM]

Smashing The Stack For Fun And Profit, Evilzone mirror: http://evilzone.org/docs/smashstack.txt

For some reason i feel like i've seen this somewhere. I think it was suggestion to start with Phrack #49 in some PDF file i read; might of gotten it from here actually.

[vezzy]

For some reason i feel like i've seen this somewhere. I think it was suggestion to start with Phrack #49 in some PDF file i read; might of gotten it from here actually.

Yeah, it originated from Phrack 49. It's one of the most iconic and recognized papers on hacking and exploitation ever. Somewhat outdated nowadays, but still viable.

[EMOKDOOM]

Yeah, it originated from Phrack 49. It's one of the most iconic and recognized papers on hacking and exploitation ever. Somewhat outdated nowadays, but still viable.

Got some new toilet reading to do then :]