
Read as much as you can about assembly. Debuggers are your best friend. Pick a target (app, iPhone, Xbox, whatever). Attach a debugger and step through the code and learn possible entry vectors (buffer overflow, loading of arbitrary files, i.e. PDFs, and so forth). Once you have an entry vector you essentially have an exploit; the rest is developing that exploit to do something "useful".

Sorry for the shortness of this response, if people are interested I can throw together a couple of blog posts.



I would be interested in seeing some of those blogs


That would be really nice. I actually started learning programming so I could become a better "h4x0r" (I was a kid). But then I discovered I liked making things a lot more. It'd be really fun to go back and learn the things that inspired me to play with a computer in the first place.


For some (old, out of date) information you could have a look at Fravia's information.

(http://www.woodmann.com/fravia/)

This is ancient; and Fravia is dead, so updates are unlikely. Fravia was also Italian and the writing is, uh, sometimes hard to follow. But I include it because it gives insight to the frame of mind that is needed, and is comprehensive about the tools that used to be used.

(http://en.wikipedia.org/wiki/Fravia)

Someone putting together some blog posts for HN would be very much appreciated.


Aahhh... Fravia and the "crackstore" were great places to get tuts about hacking/cracking in their time (e.g. tKC tuts were good to follow as a kid).

I still miss those days of SoftIce :). Good memories.


Anyone else frequent http://freaky.staticusers.net/ back in the day? I always found their forums full of goodies [esp if you were interested in hacking from or into osx / os9] - pity it seems to have been taken down! [google still has some of it though].


I too grew up reading Fravia and absolutely loved his tutorials. One nostalgic evening several months ago I went googling for his tutorials and was saddened to see he had passed.

I've been very curious ever since to know what he wrote in his last post, but unfortunately I can't read Italian and the online translation services I've tried seem to fail horribly. Are there any Italian speakers able to translate this for the rest of us?

http://beri.it/2009/08/28/fravia/


I cannot upvote this enough. Fravia was brilliant, also check out searchlores, where he views the internet as a binary. Beautiful, beautiful work.


RIP. His cracking, reversing and searching tutorials are an amazing body of work.


I'd like to add an example from the old days: "Ralf Brown's Interrupt List" [link]. It's a list of interrupts used by various software packages with documented weaknesses (typically register range checks). Whenever I'd write an ISR I'd check the list to avoid collisions with other software. Others would use it for writing exploits, the list contains a plethora of attack vectors.

[link] http://www.ctyme.com/rbrown.htm


Yes please do, and then submit to HN!


+1


"I will write blog posts if people support this notion."

"I support you writing blog posts on this matter."

Downvotes ensue.... Seriously?


Doesn't upvoting the original comment suffice?

Do people really need to also write out their support?


+1 for the blog posts.



