If you go to the command prompt in windows…that’s often what it looks like. Certainly not like in the movies where you have multiple screens with scrolling text, symbols, flashing imagery…Real hacking is quite boring to watch.

Mostly just a good text editor and/or a shell login and hitting the refresh button in the browser with the Console tab (Ctrl+Alt+C) open or nitpicking details from extensive unreadable garbage text dumps or test output.

It usually takes a lot longer to develop a new hack than the quick hacks shown in short cutscenes. Once it’s well known though, 10-30 seconds can be enough to deploy or that can be automated.

Look up [IppSec](https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA) on youtube. It’s basically just like that

I do a lot of hacking on a particular video game. I’m actually looking for vulnerabilities so I can *fix* them, but that doesn’t mean I’m above using exploits to fuck with people now and then.

Once I have an idea of what feature might be exploitable, most of my time is spent simply reading source code. I find the section of code that pertains to what I want to do, then I follow the code flow backwards through all possible branches to find a way to invoke that code remotely without authorization.

Once I find a path to the code I want to exploit, it’s ten to twenty minutes writing new code to do the exact secret dance needed to make this thing happen. Then I go online, test it out, and wait for other players to be confused.

If it’s something that needs to be fixed, instead of just being useful, I’ll push a fix through community channels and send a report to the developers.

Almost nothing happens in real time, and there is very rarely multiple console windows scrolling text while me and six other people mash the same keyboard. It’s about studying the system you’re attacking and finding the most efficient path into the code you want to exploit.

There is a lot of half ass info here. Hacking a broad term applied liberally. Hacking is really just using something in a non intended way. Computer hacking has a vast spectrum of application and can mean anything from breaking into a computer system, to reverse engineering, to troubleshoot a problem, implementation of a function in a non-intuitive way, social engineering, the list goes on.

If you are interested in the topic I can highly recommend the darknetdiaries-Podcast! Many interesting stories/interviews told by hackers, security experts, etc.

Hacking is more tricking an user than a machine. The most vulnerable spot in a PC is between chair and the keyboard.

Hacking is a very broad term. Depending on what the goal of the hacker is, the process can be very different. Like mentioned elsewhere in this post, at the end of the day, all hackers are looking for vulnerabilities in another’s system.

Some examples of hacking would be:
Finding a special edge case in their code which allows you to get information you should not normally be able to access. By inputting certain code into search bars on websites like Amazon/Ebay/Walmart.com, it may be possible to actually execute the code on the companies computer (which they usually don’t want for obvious security reasons).

Realizing there is access to a computer in a way that the user of the computer did not intend to have open. Upon connecting to the computer, the “hacker” tries to remain unnoticed as he collects information about the computer, or even leaves himself/herself an opening on the computer so that only they can get in.

Using keyloggers or special software that runs through thousands of passwords per second to “legally” access another user’s system while appearing to actually be that user.

What does hacking look like:
Like I just stated above, there are many forms of hacking, but the most common interfaces one would use would probably be a terminal/command line, which is a text-based environment where you can enter commands to control your computer (e.x. Typing in a command to copy a folder from one location to another instead of just visually copy and pasting it to the new location), and a text editor where the hacker can write and test malicious code.

Typing in the movies:
Usually hackers are not trying to manually type passwords to try to guess them, as mentioned earlier, this can be done by computer software and would take you more hours than there are stars in the sky to try every possible password. All of the speedy typing seen in movies would really be the equivalent of someone who knows how to use a terminal/command line very effectively.

Hope this answers your question 🙂

Typically, most big “hacks” involve the same little pattern: a computer program never expected to receive an input like *that*, and when you give it that, it does something no one expected.

A great example is the “heartbleed” bug a few years ago. Computer A would call Computer B and say “Hello! Please reply back to me to confirm you’re there, and say ‘Potato’, which is 6 letters long”. The computer calling would pick something random, like potato, and say how long I was. Very simple, and part of a much larger conversation the two computers are about to have. Computer B would store the word “Potato” in its memory. When it was sure it wanted to reply back, it would read, letter by letter, all 6 letters and send back that word.

The problem there was that you could say “Potato, 1000 letters long”, and when the receiving program was ready to reply, it would read Potato, along with the next 994 letters of memory! And because it’s memory is very disorganized, this could be a lot of important other information. SSL (the computer program with the bug) did not expect a call to lie like that! It could be passwords, it could be personal information, it could be anything.

So what does hacking look like? It looks like spending months or years looking for mistakes like that. They could be anywhere! There’s a lot of software out there. And then when they find one, they make a program that can take advantage of that trick. And they have to be fast: someone else might find this bug first and fix it.

So the actual “hack”? It’s when the hacker runs their program, then gets up and makes a cup of coffee while it runs. But that only takes place after weeks or months of planning.

Fortunately, the last few years have seen a rise in “Bug Bounties”. Companies say “if you find a vulnerability, we’ll pay you cold hard cash to tell us about it.” Why risk jail time in a heist when the potential victim would pay you and thank you instead? It’s not perfect (some companies are jerks about it, or don’t fix their bugs) but overall it’s better than before.

From the purely visual side? Your average hacker is almost certainly using a command line terminal to do most of the work, so it’s probably a lot like what you are picturing, but without the intense music and with less flashy visuals.

*Not including social engineering, which is a major part of actual attacks*, most hacking can be boiled down to 3 activities:

* Manually investigating: typing and reading stuff at the command line (most hacker-esque part).
* Finding or coding tools/scripts that detect and exploit weaknesses: combination of command line, text editors and some kind of online chat or reference (preferably with tight anonymity if you don’t want to ever be traced).
* Waiting for the tools to run: have a second monitor with command line output and play some video games (“sec I’m just downloading the mainframe”)

It’s much easier to write scripts and do things in a controlled and predictable way on the command line, and the tools that you’ll want to use probably don’t have GUIs (with the notable exception of advanced tools that have a **lot** of information and are painful without, such as network sniffing tools, decompilers and debuggers.)

Most hacking is going to involve gaining entry to another system or server, and you won’t have the luxury of being able to set up a remote desktop (unless you are hacking via an incorrectly secured remote desktop service) so you’ll be limited to a remote command line there (SSH).

Also, if you can’t use the command line, you probably don’t have enough knowledge to do any practical hacking, it’s mostly about knowing about how the system and software actually works, and therefore how you can gain access in an unintended way. The alternative is just getting someone’s password, which is much easier via phishing or other social engineering, but that’s boring (although what you do once you have it is more interesting).

EDIT: I’d like to tack on that I think there should a far more serious level of education in computing from a young age nowadays, it’s not rocket science and you use computers everyday.

Plus, this was mostly about remote hacking, which is what most people would think about (some kid in their bedroom hacking into FBI computers) but another incredibly fun and interesting side is hardware hacking and reverse engineering. Probably the best-known example is hacking games consoles. The challenges here are far more diverse and interactive, much safer and not massively illegal like remote hacking.