I’ve been getting lots of hacking questions from ambitious beginners and they all circle around the same topic – What are the common hacking tricks for beginners available today? In this guide, I’m going to share some simple textbook hacking tricks that have been around for years now. This will just be a short overview but a simple Google search should yield more results under each trick.
But first, let’s have a quick recap of the Dark Web and the concept behind internet anonymity.
What is the Dark Web?
The dark web is the World Wide Web content that exists on darknets. Darknets are overlay networks that use the public Internet but which require specific software, configurations, or authorization to access. The dark web forms a small part of the deep web, the part of the Web that is not indexed by search engines, although sometimes the term “deep web” is confusingly used to refer specifically to the dark web.
The darknets which constitute the dark web include small, friend-to-friend peer-to-peer networks, as well as large, popular networks like Freenet, I2P, and Tor, operated by public organizations and individuals. Users of the dark web refer to the regular web as the Clearnet due to its unencrypted nature. The Tor dark web may be referred to as Onionland, a reference to the network’s top-level domain suffix .onion and the traffic anonymization technique of onion routing.
Common Hacking Tricks for Beginners
Horses of Troy
Horses of Troy refers to a technique used to manipulate how a program works by introducing a routine or set of instructions into the program without the user’s knowledge. Think of it as a more advanced form of a Trojan Horse. The program gets corrupted and behaves in a different way than was intended (For example: Format the hard disk, modify a file, etc.)
Superzapping is the unauthorized use of a file editor program to alter, delete, copy, insert or use in any way that is not allowed the data stored on the media of a computer. The name comes from a utility called SUPERZAP designed for Mainframes which allows access and modification to any part of the computer. Its equivalent on a PC would be the PC tools program or the Norton Disk Editor.
It is customary practice in complex application development for programmers to introduce interrupts in the logic of programs to check execution, produce control outputs, etc. in order to produce a shortcut to correct possible errors. In most cases, when a program is delivered to the user, these routines are not removed from the program. This provides the hacker with access or facilities in the work if he/she knows how to discover them.
This is the most common sabotage procedure used by disgruntled employees. It consists of introducing a program or routine that on a certain date will destroy or modify the information, or cause the system to hang/freeze.
This is perhaps the most complicated procedure and of which the fewest cases have been known. Asynchronous Attacks are based on the characteristics of large computer systems to recover from crashes, for which the data is periodically recorded as memory dump, value of the registers, etc. periodically. If someone were to bring down the system and modify said files at the time the system is operating again, it will continue with the information provided, and therefore the information could be modified or at least cause errors.
Remember Gilfoyle from Silicon Valley? Ah yes, he was my favorite.. and a master of Social Engineering too. Basically, social engineering is the art of convincing people to do what they really shouldn’t. For example, calling a user posing as a system administrator and requiring the password with some convincing excuse.
This is basically using a terminal of a system on behalf of another user because its password is known or saved by the system session. When a user leaves an active session on their computer without logging off, anyone can continue using the terminal and the system will assume the identity of the user hasn’t changed. The term is also applicable to the use of credit cards or false documents in the name of another person.
Punching of Data Lines aka Spoofing
Similar to the punching of telephone lines, the objective behind spoofing is intercepting data transmission systems (Telephone cable used by modem, local network cabling, fiber optics, cable TV) in order to monitor the information that passes through that point and obtain information from the system.
This defines the use of the computer to previously simulate a situation and thus determine the actions to be tested. In the context of Hacking, it refers to the simulation on the computer itself of the system to attack in order to develop action strategies.