What's New!

Chat with
Hackers

How to Defend
Your Computer 

The Guides
to (mostly) 
Harmless Hacking

Happy Hacker 
Digests (old stuff) 

Hacker Links 

Hacker
Wargames 

Meet the 
Happy Hacksters 

Help for 
Beginners 

Hacker 
Bookstore 

Humor 

It Sucks 
to Be Me!

How to Commit
Computer Crime (not)! 

What Is a 
Hacker, Anyhow? 

Have a 
Great Life! 

News from the 
Hacker War Front

Überhacker Table of Contents

Acknowledgements

    More about Our 2nd Edition Technical Editors

Foreword

Introduction

    What’s New in this Edition?

    What Is a Hacker?

    What Is an Überhacker?

    Will this Book Make You an Überhacker?

    Who Should Use this Book?

    What You Need to Know Already

    Conventions Used in this Book

    Who Am I?

Chapter 1: How to Break into Computers: the Foundation

    The Criminal Way

    The Foundation: How to Develop the Ethical Hacker Lifestyle

    What Is a Mentor?

    Who Are the Real Hackers?

    How to Win Mentors

    Hunting Exploits

    The Elusive 0-Day Exploit

    Hardware and Software for your Hacker Lab – and How to Get it Cheap

    How to Get Hardware Cheap

    How to Get Operating System Software Cheap

    Further Reading

Chapter 2: How to Set Up a Windows (of any flavor) Hacker Lab

    What Is Ethernet?

    History of Ethernet

    Ethernet Basics

    10BaseT or 100BaseT

    Wireless Ethernet

    How to Install Network Interface Cards (NICs)

    Tools You Will Need

    How to Physically Install a NIC

    Hardware and Software You Will Need

    Types of NICs

    Hardware for 10/100BaseT cabling

    Hardware for Wi-Fi

    NIC Installation

    Choose Protocols

    Pick an Address and Set Up TCP/IP

    Enable Network Services

    Testing Your Network

    Cables

    Testing Your NICs across the LAN

    How to Get all of your LAN on the Internet

    Troubleshooting

    Device Manager Shows No NIC or Yellow Question Mark for the NIC

    Can’t Ping your NIC from inside its Computer?

    Flash PROMs

    Can’t Ping your NIC from across the Network?

    IP Address Problems

    How to Make your LAN Secure

    Conclusion

Chapter 3: How to Get Many Operating Systems on One PC

    The BIOS

    Hard Drives

    How to Install More than One IDE Hard Drive on the Same Computer

    File Systems

    The Expensive but Easy Way

    The System Commander/Partition Commander Way

    The SuSE Solution for Linux Plus Windows XP and 2000 all on the Same Drive

    How to Make a Triple Boot Disk the Harder Way

    How to Create a Triple Boot System without Boot Magic or System Commander

    Become a Computer Recycling Center

    Run Virtual Machines at the Same Time on One Computer

    Further Reading

Chapter 4:How to Build a Linux Attack Computer

    What Are the Best Linux Distributions?

    How to Install Linux Optimized for an Attack Computer

    How to Install Programs that Aren’t on the Linux Installation Disk

    How to Shut Down Services

    How to Configure your Firewall

    How to Configure Syslog

    Fstab

    The Password Files

    Setting up User Accounts

    Permissions

    The alphabetical permissions options

    The numeric permissions options

    Easy Ways to Set up Secure File Permissions

    More Armoring

    Try Your Basic Attack Tools

    Bastard Penguin from Heck Stuff

    Further Reading

Chapter 5: How to Build Your Windows Attack Computer

    How to Get Windows Server Operating System Installation Software Cheap

    Hardware Issues

    How to Install Windows Optimized for Attack

    Basic Tools You Need to Add

    How to Safely Install Attack Programs

    How to Harden your Attack Computer

    Turn Off Unneeded Services

    Restrict Enumeration

    Default Shares

    Logon Banners/Legal Notice

    Account Lockout Policy

    Event Auditing

    Forwarding of Event Messages to Another Machine

    Rename the Administrator Account

    Disable Guest

    Don’t Cache Logons

    Scanner/Intrusion Software

    Further Reading

Chapter 6: Your Shell Server: Friendship Central

    Why OpenBSD?

    Do You Really Want to Run a Shell Server?

    Where on Your LAN Should You Set up Your Shell Server?

    How to Install OpenBSD

    Installing Ports

    Tools for Managing Packages

    Where to Find Packages

    Installing Packages from the CD

    Installing Packages from Ftp

    Viewing and Deleting Installed Packages

    How to Harden Your OpenBSD Box

    How to Keep Your Friends from Getting You into Trouble

    How to Keep OpenBSD Hardened

    Further Reading

Chapter 7: How to Set up a Hacker Lab with Many Operating Systems

    How to Connect all Computers on your LAN to the Internet

    How to Set up a Windows NT Gateway

    How to Set Up a Unix-type Gateway

    How to set up a Firewall/Router

    How to Host a LAN Party

    Further Reading

Chapter 8: Basic Exploration Concepts

    Social Engineering

    Non-Hacker Snooping Techniques

    Internet Search Tools

    Network Exploration Tools

    Further Reading

Chapter 9: Ethernet Exploration

    How to Uncover the Identities of Computers on a LAN

    Arp Troubleshooting

    Why Are Arp Tables So Useful?

    MAC Addresses and OUI Databases

    Sniffers

    Conclusion

    Further Reading

Chapter 10: How to Explore the Internet

    What Is the Internet?

    Internet Backbones

    Where to Find Domain Name Registration Information

    Who Runs the Internet?

    The Relationship between Unix and Internet Protocol

    TCP vs. UDP

    The Great IPV4 vs. IPV6 Move

    How to Find Technical Information about Internet Protocols

    "Nice" Internet Exploration Tools

    Whois

    Nslookup

    Dig

    Host

    Traceroute

    SMTP

    Finger

    NetBIOS

    Rude Internet Exploration Tools

    Port Scanners

    Vulnerability Scanners

    How to Use Internet Exploration Techniques to Cleanse Kode Kiddies

    How to Make the Bad Guys Immediately Miserable

    Further Reading

Chapter 11: How to Learn Anything about Anyone

    Search of the Business Literature

    Market Research and Competitive Intelligence Firms

    Trade Shows and Conferences

    Credit Bureaus

    Private Detectives

    Social Engineering

    Reverse Phone Lookup

    Government Documents Archives

    Dumpster Diving

    How to Know when You Have Gone too Far

    Further Reading

Chapter 12: How to Install Tools and Exploits on Linux

    What to Watch Out For

    How to Install Common Exploit Programs

    How to Modify Programs So They Actually Work

    How to Compile C Programs

    Your First C Program

    How to Get Additional Header Files or Entire Libraries

    How to Link Additional Headers and C Libraries

    Other Ways Hacker Exploits May Mess Up

    Further Reading

Chapter 13: How to Break into Almost Any Unix-Type Computer

    Basic Principles of Breaking into Unix-Type Computers

    Shell Commands

    Authentication

    Memory Management Problems

    Race Conditions

    How to Break in from the Console

    How to Gain Access Remotely

    From Within the Same LAN

    Via Unauthorized Modem

    Via Listening Services

    Network File System

    "R" Services Exploits

    Brute Force Password Attacks

    Cracking Password Files

    Escalation of Privileges

    Getting the Shadowed Password File

    Core Dumps

    Vulnerable System Programs

    Victim User’s Client Programs

    Forgotten Programs

    Leftover Debugging Tools

    Trojans

    Worms and Viruses

    Conclusion

    Further Reading

Chapter 14: How to Break into Windows 95/98/98SE/ME

    Basic Principles

    How To Gain Total Access to Windows 95/98 from the Console Within Seconds

    Windows 95/98/ME Passwords

    How to Break into Windows 95/98/ME from Across a LAN or from the Internet

    Ethernet Hacking

    Dialing into Modems

    Shared Resources: The NetBIOS Vulnerability

    Personal Webserver Exploits

    Exploiting Flaws in Applications: Trojans

    Finding Pre-existing Trojans

    Trojan Worst Case: Remote Administration Tools

    Trojan Delivery Tactics

    Make or Customize your Own Trojans

    Web Browser Attacks

    Email

    MS Office Applications

    Remote Registry Service

    Remote Administration Tools

    Reconnaissance

    Using NetBIOS to Extract Information on Resources and Services

    Anonymous NetBIOS Logins

    Using the Local/Global Administrators Commands

    How to Break in Using NetBIOS

    Password Cracking from the Console

    Cracking Passwords by Sniffing the LAN

    Password Guessing

    Getting the Power to Run Programs on a Hacked NT code base Box

    Weaknesses in Windows Servers

    Examples of Ways to Break into Windows Servers

    How to Attack Applications

    Modems

    Terminal Services

    IP Security Filters

    Resources for securing Windows NT/2000/XP/2003:

Chapter 16: How to Deface, Exploit or Make Merry with Webservers and Databases

    Why Are Webservers So Easy to Compromise?

    The Legal, No-Brainer Way to Hack your Friends’ Web Sites

    Malicious URLs

    The Magic of Encoding

    Telnet and Netcat Attacks

    DNS Compromise

    Database Attacks

    Common Database Server Vulnerabilities

    SQL Injection

    Brute Force Password Attacks

    Lotus Domino Exploit

    Ftp Hacking

    How to Subvert Web Password Encryption

    CGI Exploits

    Active Server Pages Exploits

    Server Side Includes

    Everything Else (almost)

    How to Compromise the Most Secure Webservers

    How to Scan for Vulnerable Webservers

    Further Reading

Chapter 17: Phone Hacking

    Modem Basics

    How Do You Find an Unauthorized Modem?

    How to Attack Modems

    Cable Modems

    Digital Subscriber Lines

    PBX Fraud

    Conclusion

    Further Reading

Chapter 18: Ethernet Hacking: Wireless and Wired LANs

    Why Break into LANs?

    Wireless LANs

    What to Do after Getting on a LAN

    ARP (Address Resolution Protocol) Spoofing

    How to Defeat Switched Ethernet

    A Slightly Stealthy Way to Add Arp Entries

    Sniffers

    How to Hide or Find a Sniffer

    An Example of MAC Address Hacking

    Conclusion: What this Means for the Defenders

Chapter 19: Routers, Firewalls and Intrusion Detection Systems

    Tutorials

    Free Router and Firewall /Proxy Software

    Cheap Cisco Hardware

    How to Break into a Cisco from the Console

    Overview of IOS Commands

    SNMP Hacking

    Everything You Wanted to Know about IDS

    Types of IDSs

    How IDSs Work

    Characteristics of a Good IDS

    How Computer Criminals Defeat IDS

    Lost or Unknown Network Elements

    Overwhelm the IDS

    Screwy Packets

    0-day Attacks

    Exploit a high-speed network

    Exploit a highly switched network

    Break into the IDS System

    An Improperly Configured IDS

    Further Reading

    Routers

    Intrusion Detection Systems

Chapter 20: Denial of Service

    Bad Packets

    Distributed DOS Attacks

    How the Most Common DDOS Techniques Work

    Worms and Viruses

    Smurf

    Trin00

    Tribal Flood Network

    Stacheldraht

    Tribal Floodnet 2K

    IRC Bots

    Other Distributed DOS Weapons

    What to Do if Your Network Is Running DDOS Attacks

    How to Keep Your Network from Being Used in DDOS Attacks

    What If you Are on the Receiving End of DDOS Attacks?

    Miscellaneous Lame, Obnoxious DOS

    How to Defend against DDOS Attacks: the Future

    Conclusion

    Further Reading

Chapter 21: How to Defeat Encryption

    Pretty Good Privacy (PGP)

    Secure Shell

    Kerberos

    pcANYWHERE

    Smart Cards

    One-time Password Generators

    Moore’s Law

    Tempest

    The (possibly) Shaky World of NP-Complete

    Conclusion

    Further Reading

Chapter 22: The Quest for 0-Day

    Setting up a Honeypot

    Discovering Your Own 0-Day

    Escape Sequences

    Discovering CGI Exploits

    Metacharacters and Special Characters

    Server Side Includes

    Browser vs. Telnet vs. Netcat; GET vs. POST

    Buffer Overflows: the Happiest Hunting Ground

    How to Write Attack Code

    Black Box Experiments on Windows

    Documenting Your Experiments

    Conclusion

    Further Reading

    How to Totally Compromise a Fortune 500 Company

    Simple Social Engineering Tricks

    Credit Card Scamming

    Password Scams

    Email Scams

    Social Engineering Critical Corporate Information

    Social Engineering Physical Access

    Reverse Social Engineering

    The Case of the Copycat Web Site

    The Biggest Social Engineering Scams

    How to Keep from Getting Suckered by Social Engineers

    The Scientific Method

    The US Justice System

    The Historian’s Approach

    Further Reading

Glossary

Index

Buy the Überhacker book now! --->>


Carolyn's most
popular book,
in 4th edition now!
For advanced
hacker studies,
read Carolyn's
Google Groups
Subscribe to Happy Hacker
Email:
Visit this group

© 2013 Happy Hacker All rights reserved.