Forum Thread: How to Stay Out of Jail Hacking

I agree fully Ghost.

I am not saying that the learning sites are spreading misinformation, I think there is a good chance that many smart hackers which would include really bad hackers have found that a popular site can generate revenue in advertising dollars.

Another reason could be, as the saying goes "you have to have a student to become a teacher." The creation of more hackers is a huge benefit to pen testers and network security in general.

ps, I question OWT also even who he is.
sheep get slaughtered while while a smart wolf goes undetected. I want to be the latter.

TheLion:

I am sorry you feel I am pointing this article at OWT. Actually I am not, If I felt that he was engaged in anything nefarious I would not be here and posting here.

Also please see my expanded possibilities that I posted in reply to Ghosts comment.

But I do wonder who he is and what his motivations are for posting here. Personally I think that is a healthy attitude to have. As an Artist I also study philosophy and one of the first points to learn is to question everything, even your own questions.

(Disclaimer, I am in no way pointing my article or posts in this thread at OWT or Wonder How To in any way or in any form. I actually encourage study here.)

Well, that's quite the explosive subject.
I have to admit, i neither agree nor do i disagree with what you are syaing in here.

First of all, i think it's necessary to distinguish in your article hackers from crackers. That a hacker shares knowledge is absolutly normal, as a hacker views his peers as valuable people and he knows that team work and sinnergy lead to better output.

Now, not all people are well intentioned, in fact a majority are not. So, what you are talking about exists (without generalising though).

Concerning "the pawns" you talk about in your articles, excuse me for saying so but they are the responsibles of their own actions. If i give you a knife, you can use it to cut a steak or mug people, none of it is my responsibility. People and "new crackers" are looking for troubles. I mean just reading commentaries from members on articles from OTW shows that. For example on the articles 95% of ATMs run on XP, OTW uses this article to explain to people that understanding XP and its vulnerabilities is not outdated, yet people ask "can you teach us how to hack atm".

Finally, if i can give a word of advice to people new to the field, use a controlled lab to do your testing. don't go hacking amazon or thinking you can get out of your speeding ticket. u can set up a lab for not much, in addition to you everyday computer, you can use 1 or 2 old computers (preferably with different os) on a LAN. Add to that a few OS images and virtualization and you can test your skills legally on a controlled environment playing both the hacker and admin thus understanding both sides and learning double.

Soul:

You hit it on the nose, I wrote this article after reading some of the comments in OWT's Shodan article and, well pretty much all the comments on all the articles.

You can see that people have their Kali box and are just rearing to go even without fully understanding what they are doing. That to me is a pawn. And its OK to be a pawn they sometimes make it to the end of the board and become a Queen, although to me that's kind of a dangerous route to take.

(Disclaimer, I am in no way pointing my article or posts in this thread at OWT or Wonder How To in any way or in any form. I actually encourage study here.)

hahaha JOH XNOOB...you're very funny...you mentioned OTW clearly...now you're saying what you're saying is not about OTW...

what do you mean by who is he...who does he has to be? is that important? do you want to learn something or get to know about the private life of people? priorities ....

anyway the fact remains that everybody is responsible for what he or she does... and if you're not gonna appreciate...may be is better just to shut up...OTW..has lots of articles about covering your tracks and not getting caught and if i don't remember wrongly even in the shodan article he made it clear that it possible to be traced or something of the sort....

TheLoin:

Sorry man I cant explain it any clearer than what I wrote believe what you want..

Look at groups like anonymosity, who teach their followers just enough to assist in hacking a site that they choose. I am not judging in anyway, but if you would take the time to do a simple google on arrests in conjunction with different groups and read some of the posts in those groups you will see that they encourage people who are not qualified to do so..

Like LOIC?

Yep, notice all the arrests involved because the members didn't even know how to hide their location properly. I mean really now, if you cant even hide your actions should you really be hacking?

Can you list some ways to hide yourself without using a VPN?

I hear a lot about DNS leakage and such.

wow you must be psychic, I am just now posting an update on my first perl script which covers just that.

Sweet! I'll have to take a look and see what I can learn from it! :D

Great Marco,

Sauole is helping on the script also. Its kinda complicated at the beginning so feel free to ask questions and I will be more than happy to answer. Its purpose is to automatically put you into stealth mode while covering your tracks. I will wait on OWT's article before really explaining the details of it as I think it will explain much of it.

The script is in forums, under the name hacking stealth script.

Macro:

I have an article on how to use proxychains to hide your identity coming out within the next 24 hours.

OTW

OWT:

Could you also include how to proxy through I2p rather than using Tor for the proxychains. There is a huge amount of info on using Tor but very little on i2p and I am really thinking that its a safer and better route to go.

If not I will put allot of effort into researching it fully and do a post.

do that and make the post JON MASTERS :) big ups ;)

The Lion King:

Mate, he's not saying anything bad about OTW. He's simply musing that it could be something that's happening.

We're all about being aware here. You should be questioning everything because that's the nature of a hacker.

From what I can see, OTW is just a guy who finds joy in helping others go along the same path as himself. That's what I see, but we don't know OTW. We don't know if he has ulterior motives or anything, but that's how it should be.

Yes, everything he is giving us is about covering your tracks and staying out of prison. But do you know what kind of category that falls under? Awareness. If you blindly accept something for face value, not only are you naive and gullible, but you're also unaware of what could really be going on.

Like I said, OTW seems like a top guy and I think we're all very grateful for the help he is giving us, but it never hurts to have a little precaution. Especially in what we do.

ghost_

of course i perfectly agree with that..so why don't you just go on and talk about staying out of jail without trying to shout somebodys name out...if u check well i said he is correct..but my point is that..if you wanna make an observation do so...his observation is good...but don't try to pull people in the mud..you may ask questions...but when you start to tag people with question marks...you know..people tend to go to conclusions...anyway we all got the point...happy learning to everyone!

The Lion King:

I've never dragged OTW's name through the mud, nor would I ever. As a qualified journalist, I don't believe in defamation of character.

In any case, you should never assume. It makes an ass of u and me.

ghost_

Thank you! In the meantime I have a few questions about Proxies and VPN's.

Since Proxies can be seen by ISP's, whats the point besides hiding your IP and changing your Geo-Location. Clever JavaScript and Flash can easily find out your real IP I hear, is that true?

VPN's are a step up because ISP's can't see what your doing but they know when you connect somewhere. That being said, if the VPN saves logs, then are you not screwed? Can't your true IP also been seen with Flash and JavaScript if your not careful?

Lastly, are there any other methods of hiding your IP that are not those two? I was looking into it, and I heard about Slave machines, but what are the dangers of those? Besides being Illegal.

You are correct,

This is why you use a Tor browser as it disables java ect. It also uses dns other than your isps which helps to cover up dns leaks.

Your point of weakness is the exit node. This can be mitigated by reconnecting to your Tor service periodically, thus creating a new exit node and limiting the information each exit nodes have available.

I will be adding the above to my script here sometime today.

Well,

I am not sure how your ISP can see that you are using a proxy if the proxy is actually between you and the ISP. So from what i know and understand, if you and your proxi are on the same subnet of your ISP you are good (although the proxy is likely to have logs) as the packets will go directly from you to the proxy without going through the isp (i am not considering dns here).

From a comment i just received from OTW, my assumptions concerning the ISP might be wrong, and all packets might go through it.

concerning javascripts, flash, cookies and more, they generate packets that can be sent normally (without going through the specified proxy, or using vpn) to a specified IP. this is to my knowledge how they can locate you.

Ah i was about to ask where i get one of these magical proxies from. but OTW has beaten me to it

you could use a nested loop to set your script to kill the TOR service after 5 minutes of inactivity and run an if statement to start the service if its not running. That way the script will always have a fresh exit node every time you come to your computer, say after making a coffee, but will never drop in the middle of say a vulns scan

Thanks ex1

oooo nice ex1. Could you write that part for the Stealth script? Thats better than what I am capable of at my level of coding skills.

I can certainly have a look dude. Where is the script? Sorry I've been absent for some time.

https://null-byte.wonderhowto.com/forum/my-hacking-stealth-script-0154231/

ghost you didn't write the article! we're just commentators...i was refering to he who wrote the article

Lion:

I truly want to thank you for your posts here, and so aptly demonstrating the topic of this post. It is an extremely good thing OWT is not the type listed in the article. But rest assured should I someday start an organization you would be my first recruit.

really? ok... :D

I rest my case and my statements and the validity of my article. I am done with this thread time to move on to bigger and better things.

While I don't question the validity of your article, I am surprised by your surprise and sudden realization of this. I'll Quickly point out here I sincerely believe that Master OTW's motives are.....different to others teaching.

However I think its important to note that if i give you a gun and show you what the trigger is and you shoot yourself in the face, it's not my fault, its your own. I don't doubt that some people are intending for noobs to "shoot them selves in the face", but for every 1000 prosecutions of idiots, there is potentially one good hacker produced. So in this sense I guess you could look at as a trial by fire, as opposed to being set up to fail.

Only people willingly playing the part of pawns via ignorance combined with arrogance can be used as such, Choose not to be a pawn. Read Machievalli's "the prince", perhaps "the 48 laws of power" also Mitnicks "hacking the human" is a good read. SE is quite possibly the way of the future hacks to an extent, which should change every hackers MO vastly.

Ext:

It wasn't a an epiphany. The article was geared towards those who do not have the experience or wisdom to see it for themselves. The mind must first see the possibility of a potential reality before it can then begin to change its belief structure.