What does hacking actually LOOK like? For example, what interface is the hacker using, what’s their goal, and are they typing in a bunch of passwords like in the movies?

1.14K views

What does hacking actually LOOK like? For example, what interface is the hacker using, what’s their goal, and are they typing in a bunch of passwords like in the movies?

In: Technology

27 Answers

Anonymous 0 Comments

You could watch a guy on youtube named commai archive. Sort by most popular and watch his first most viewed video.

However, he isn’t doing a hacking there but it looks like you and movies imagine.

It’s not VERY different from what movies are showing but it doesn’t have that many “pop us” and it’s not like “DECRYPTING”

They are using GNU/Linux operating systems distributions such as Kali Linux for example.

I realized that the terminal from the GNU/Linux and CLI(command line interface) programs seem like magic to not-geek-computer people.

Every hacker has it’s own reasons and desires for certain things to get his hands on.

“Typing bunchs of passwords” is a missconception. Usually what they do is writing a program or a script that is doing the desired action.

One of the most popular ways to get passwords is using keylogger. That is a program that “listens” your keyboard.

However rarely hacking is “Boom I’m in your computer with my program”
Usually the victim “aceepts” malware programs not knowing.

For example you’ve probably seen “CONGRATS YOU WON 1 MILION $”
And if you would’ve clicked on it it would most likely ask you to ENTER you own credit card and it’s password.

So it is usually given by victims in such and similar ways.

However the MOST frequent way is Social engineering.
Dfor example you call the customer service saying you’re your victim’s wife or husband and how you’ve forgotten the password of facebook, indtagram, bank account, you name it.
It seems in first that this is stupid and that it would’ve never worked but google it or youtube social engineering hacking on youtube you will find amazing documentaries and explainings.

Suggestion:Motorola company by a guy in 90’s if I beliebe correctly.
He managed to get the source code od Motorola by social engineering the company people into thinking he was the developer that got back from vacation.

I hope I answered your question.

Anonymous 0 Comments

It’s probably closer to the *Sherlock* episode where he thinks Moriarty has some computer code that let’s him access *anything*. The guy just straight up bribes low paid workers to let him in.

Anonymous 0 Comments

If you are curios there is a guy on youtubd that makes videos on how he hacks scammers.

Anonymous 0 Comments

In the second Matrix movie, Trinity uses a number of real tools(now dated) to break into the power plant, though sped up x1000. I saw it the first time as a company outing for a big tech company, with a theater full of people who recognized what she was doing.

A movie getting it right was such a shock that we cheered out loud at that scene.

Anonymous 0 Comments

In general, you are trying to find access to a system. What you are doing changes based on what access you have and what you know about the system. It basically does not look any different from any other form of programming. Work in text editors and watching screens of log files / searching through them for details of how the program crashed this time.

Most hacking involves getting the computer to run a program that does what you want, and reports to somewhere you control.

You can trick someone who has access to run your program. This is phishing and commonly done by sending email messages that get a user to open the file you sent.

Attacking from a distance requires having an exploit to a program that is running and responding to a computer you do control. Some people do this without any real knowledge, referred to as “script kiddies” by just finding attack scripts and executing them with little to know knowledge how they work.

Making your own exploit involves either reverse engineering the changes to a system in published patches and figuring out how to do what the patch prevents, or a process called fuzzing.

Reverse engineering involves analyzing the files through methods including reverse compilers, which reverse the program into programming code that is easier to read ( easier being the key word. Any notes made by the programmer to help make sense of what the program is doing is lost, and the version you get is still closer to computer logic than human. ) Reading the patch notes to identify what it is supposed to change, and running programs that list all changes made to a computer as you apply the patch.

To fuzz a system, you build a copy of what you want to attack on a virtual computer and send it random messages. Eventually one of these messages will cause a problem with the system. You then use debugging tools to see where what happened. Most often, the computer just broke and needs to be restarted to reset, sometimes, very rarely, you can find the information sent in a specific part of the computer’s memory where running programs are stored. If you find a way to write into the execution stack, you append a program to the string that broke the system and fine-tune until the computer is doing exactly what you want.

The next step requires getting the program to be run on the computer you want to hack. If you have a network exploit, you can just send a request (similar to sending email or requesting a webpage to it).

Hacking a computer on-site is much simpler. The old adage is if you can get physical control of a system, there is no protection that can stop you, often referred to as an evil maid attack: you left your computer in the hotel room, and the maid does something to it while cleaning that gains access to anything on the system. Depending on how difficult the owner has made it, this can range from simply running one of the programs you would send in a phishig campaign on the computer if there was no password protection, all the way to opening the computer and installing a device that records whatever parts you want when the computer is running and sends the data back to somewhere for you.

Not so ELI5, but if you want to learn, there are several places that put up systems intentionally to be hacked. SANS runs a new event every year in December and they keep the system open so you can try even after the event is over. The ‘event’ includes talks from security researchers that detail the security flaws you can exploit in the systems to pass the challenges so you should be able to learn as you go.
https://holidayhackchallenge.com/2019/
They also publish participant’s notes on what they found after the event is closed so any parts that stumped someone can be searched and learned from.

Anonymous 0 Comments

There’s different kinds of hacking.

– Manually hacking looks a lot like ms-dos / cmd prompt . They’re using various tools to try to access “behind the scenes”
– Creating hacking scripts looks like notepad.
– Baby hackers use the tools/scripts created by hackers using the other 2 methods
– Some hacking looks like “insert USB hackstick into computer” and walk away.
– Social Engineering looks like people calling up numbers on a phone until they get somebody to give them information.

Anonymous 0 Comments

I test web applications for vulnerabilities, and I use a web browser and Burp Suite. It looks like a table with all the requests the browser does. Occasionally I slightly edit a request and send it again. Sometimes I just edit the URL in the browser.

Anonymous 0 Comments

Late nineties it was a simple case of Netbios sharing.

Windows at that time, if you enabled your hard drive to be shared across a network then it would have no security by default. So if someone had your IP address and typed the Netbios command in Windows command prompt then it would share your drive onto their machine, and they could access your files.

People would make a program to scan IP ranges for the Netbios port, 139, to see if it was open. At the end of the scan you’d have a text file with IPs of machines found with this port open.

Then, some people would make “bots”, a small program that would connect to an IRC server and channel. You could upload this program and edit the… iirc start.ini file or whatever the file was that determined which programs ran at startup. When the person rebooted, your program would be ran and the bot would connect to an IRC server.

The most fun I ever had though was putting… I think it was called Sub7, a trojan onto my mates brother’s computer. We were in the next room and pressing all of the buttons – open cd tray, turn monitor off and on, bleep bleep etc. Hearing his brother raging was hilarious. Until he heard us laughing and stormed into the room.

Anonymous 0 Comments

I think the first episode and a lot of the hacking seen in Mr Robot was on the realistic side that it was lauded by hackers.

Anonymous 0 Comments

someone sits at their desk with a caffeine drink. they type something into a program, something like a command prompt. there might be two or three windows open. maybe another monitor or computer with a graph showing usage, or a spreadsheet. they copy files from one part of a computer to another. sometimes that means using a flashdrive. there are not billions of red lines of code on the screen, just the command prompt thing giving a list of information. have you ever used an “unzip” program? some windows and programs used look sort of like this.

then they type some more, copy some documents, take some screenshots, send an email. squint at the screen, write something down on another computer or on paper, just some notes for later. they drink caffeine and if stuff works you can hear them whisper “i’m in” and chuckle to themselves. the typing and clicking continues. it doesn’t look very cool, just like someone opened a coding program.

note: if they don’t say “im in” every time they are banned from the super cool hackers guild. search on youtube “real hacking looks like” and ignore clickbait. mute the video and watch at half speed. notice when something is a video edit and not actual screen recording.