Chat with
Hackers

How to Defend
Your Computer 

The Heretic! 
A Hacker Thriller

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

 

GUIDE TO (mostly) HARMLESS HACKING

Beginners' Series Number 10

How to *LEGALLY* Deface Web Sites (Honest! Would I lie to you?)
____________________________________________________________

OK, OK, just kidding. This Guide is really about how to fool your
friends into thinking you have defaced a web site. You can do this by
tricking the computer of your victim, er, friend into showing a false
web address. It's so easy, even a beginner can pull off these tricks.

In this Guide you will learn:

* How to alter a computer to which you have access so that anyone who
uses it will be tricked, muhahaha!

* How to set up a button on your web page that tricks someone who uses
Internet Explorer into thinking you defaced the CIA web site.

* How to send an email attachment that tricks someone who uses
Internet Explorer into thinking you defaced the CIA web site.

* Plus, an uberhacker bonus, how to forge email so you can insert
weird hidden codes into it.

Even if you don't like to play practical jokes, it's still worthwhile
to understand how easy it can be to trick someone into thinking they
are viewing a different web site from the actual one. What if you are
buying something online? To whom are you *really* giving your credit
card information? To whom are you *really* giving your online banking
information?
__________________________________________________

* How to alter a computer to which you have access so that anyone who
uses it will be tricked, muhahaha!
__________________________________________________

The easiest way to trick someone into thinking you have defaced a web
site is if you have access to his or her computer (or can get them to
use yours) and can edit the hosts file. Whether the victim computer is
a Mac, Windows, Linux or almost any other operating system, it should
have a file named "hosts". In Windows XP and 2000 it is in
C:/windows/system32/drivers/etc/. In Linux it is in /etc.

If you open the hosts file in an editing program such as Notepad, it
will look something like this:

# © (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host
name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

Now add on to it:

206.61.52.30 www.cia.gov

Get online, type http://www.cia.gov into the location window of your
browser, and you will get the Happyhacker.org web page, while the
location bar says http://www.cia.gov!

OK, so you want to pick a really rank web page to display instead of
our friendly Happyhacker page. How do you find the number that you put
in front of www.cia.gov?

If you have Windows XP, 2000, 2003, Mac OSX, Linux or any kind of
Unix, the answer is easy. If you have a Mac or Linux, bring up a
terminal or shell window. In Windows, click , click Start --> All
Programs --> Accessories --> Command prompt. (Or search for a file
named command.com or cmd.exe and run it.) Then type:

ping rottendisgustingsite.com

Pinging rottendisgustingsite.com [216.999.248.174] with 32 bytes of
data:

That gives the numerical address you need, in this case
216.999.248.174.
______________________________________________________________________

Newbie note: What do those numbers mean? They are Internet addresses,
usually called "IP addresses." They are kind of like phone numbers
used to reach computers over the Internet. When you enter a domain
name (happyhacker.org is an example of a domain name) into the window
of your browser, your computer has to look up the number to which it
corresponds in order to contact it, kind of like looking in a phone
book. In the cases above I messed up the IP addresses by putting 999's
so that lots of people wouldn't attack those IP addresses. Real IP
addresses only contain numbers between the periods of up to 254.
______________________________________________________________________

What if you want to create your own "hacked" web site at one of those
free web hosting places? How do you redirect a computer to your exact
page? Let's say it's at http://www.freewebsites.com/~mysite/. Tell
your friend that you hid a hacked page at http://www.cia.gov/~mysite/.
Then direct the IP address for freewebsites.com to www.cia.gov. When
she or he types in http://www.cia.com/~mysite/ she will see your own
web page.

There is one case in which this hack won't work: if the computer on
which you play this trick uses a proxy server. This is common in large
organizations as a security measure. So be sure to test your hack
before showing it off!

More--->>

 
Carolyn's most
popular book,
in 4th edition now!

For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

My SQL for Free

Return to the index of Guides to (mostly) Harmless Hacking!

© 2004 Happy Hacker All rights reserved.