View Single Post
  #1  
Old 08-30-2009, 03:00 AM
Syphilis Syphilis is offline
Marquis
 
Join Date: Feb 2009
Location: Deep inside your girlfriend
Thanks: 100
Thanked 652 Times in 352 Posts
Default Cybercrime tips, for the noobs who want to "1337 haxzors" their friends, or whatever

CONTENTS

Intro/encryption/proxies/basic hacking: http://www.zoklet.net/bbs/showpost.p...19&postcount=1
Solving errors: http://www.zoklet.net/bbs/showpost.p...00&postcount=9
Anonymous internet: http://www.zoklet.net/bbs/showpost.p...85&postcount=8
Using Ettercap to sniff passwords: http://www.zoklet.net/bbs/showpost.p...4&postcount=10
Exploiting computers: http://www.zoklet.net/bbs/showpost.p...4&postcount=19
Secure erasure and data recovery: http://www.zoklet.net/bbs/showpost.p...9&postcount=51
Partially overwritten files: http://www.zoklet.net/bbs/showpost.p...2&postcount=52
File encryption with GPG: http://www.zoklet.net/bbs/showpost.p...5&postcount=56
Warning for Mac FileVault users: http://www.zoklet.net/bbs/showpost.p...9&postcount=55

---------------------------------------

This is for all the noobs out there who are planning on doing anything illegal over the internet. Some simple common sense precautions that are followed less than you'd expect, because people are lazy fucks who get complacent. Don't get complacent.

1. Hard drive encryption.

Stops people from being able to read the data on the drive without the password. The password should be 15+ characters in length at the bare minimum, 30+ if you're serious about security, and totally random. Don't re-use it for anything else.

It's possible for someone to recover the password if your computer is powered on by using something called a cold boot attack, your data is only safe if your computer has been powered completely off.
http://en.wikipedia.org/wiki/Cold_boot_attack

Keep in mind that disk encryption is NOT anti-malware. The physical security of your computer is still very very important. Read up here:
http://theinvisiblethings.blogspot.c...truecrypt.html
http://www.stoned-vienna.com/

Truecrypt is the best encryption software. It's free for Windows and Linux.
http://www.truecrypt.org/

For disk encryption use the AES algorithm and the RIPEMD hash algorithm. Anything else for system encryption can cause compatibility issues, depending on your hardware and OS.

If you have a Mac you'll need PGP, since Truecrypt on OS X doesn't work with system partitions. It's not free, but easily pirated, if you wish to do so.
http://www.pgp.com/mac/

2. Proxies + Tor

Not for privacy, since people may be snooping, but good for anonymity. Make sure you use foreign proxy servers and Tor nodes. Basically,k they route traffic through a server, so that website you are visiting doesn't see your IP address, they see the address of the proxy server.

Remember that a lot of proxy servers and Tor nodes are blacklisted by sites like eBay or Amazon.

Tor:
http://www.torproject.org/

The Torbutton addon for Firefox is good to have. I think it's included with the Tor/Vidalia download package.

slim's Tor guide:
http://www.zoklet.net/bbs/showthread.php?t=31718

3. Hacking

Get the Backtrack live linux CD. The BT3 CD image is best at the moment since it'll boot nearly anything. It comes with a whole lot of useful tools for "hacking".
http://www.remote-exploit.org/backtrack_download.html

There's a learning curve if you're a noob, it takes a while to learn the commands for the command line and how to set up things. If you have a problem, Google it, and use the built in manual pages.

A few bit of useful software:

Kismet + Aircrack - wireless hacking.
Wireshark - packet sniffing.
Ettercap - stealing passwords through ARP poisoning.
John The Ripper - password cracker.
Nessus + Nmap - vulnerablity scanners.

Linux is best for hacking, Macs can handle most of the same programs, but some might need a little tweaking, Windows is generally not so good for it.

Last edited by Syphilis; 11-05-2009 at 10:32 PM. Reason: changes
Reply With Quote
The following users say "It is so good to hear it!":
13579 (08-30-2009), a giant pterodactyl (08-30-2009), BastardLunatic (08-30-2009), Bender (09-11-2009), Clue (09-11-2009), el drewto (08-30-2009), Jordan (08-31-2009), Marty McFly (08-31-2009), ObsidianZ (09-01-2009), Oral B (09-05-2009), Rizzo in a box (08-30-2009), StallionExplosion (09-21-2009)