Friend: So you're a programmer? You must be good in hacking WiFis and sht.
Me: Uhm..
Friend: Can you hack my PayPal account using HTML?
Me: Say no more.

I was in school and I got bored. I opened two command prompts and did what any scammer would do.

I went to the root of the drive and did a tree. The other window is pinging google infinitely.

After a few seconds, I hear a kid say "Are you hacking the pentagon?". That guy also asked me to hack the Google Play Store. He shall forever think I'm a hacker.

An incident which made a Security Researcher cry
--------------------------------------------------------
I was working on my laptop finishing up my code while waiting for the flight which was late . Meanwhile two guys (I'm gonna call them Fellas) in black suit and shades came to me

Fella : Sir you have to come with us .
Me : *goes along with them*
Fella : Sir please proceed *points towards the door . The room has a round table with some guys discussing something *
Fella 1 : Your passport please
Me : *Hands over the passport*
Fella 1 : Where are you traveling to sir?
Me : India
Fella 1 : Put your laptop in the desk sir.
Me : Sure thing
Fella 2 : What were you doing there? *Taps the power button*
Me : Just finishing up my work .
Fella 1 : Or hacking our systems?
Me : Seriously?
Fella 2 : The password please .
Me : Here you go
*5 minutes have passed and​ he still can't figure out how to use the machine*
Fella 2 : Which Windows is this?
Me : It's Linux
Fella 1 : So you are a hacker .
Me : Nope
Fella 1 : You are using Linux
Me : Does it matters?
Fella 1 : Where do you work?
Me : *I won't mention here but I told him*
Fella 2 : So what do you do there?
Me : I'm a Security Researcher
Fella 1 : What's your work?
Me : I find security holes in their systems .
Fella 1 : That means you are a hacker .
Me : Not at all .
Fella 2 : But they do the same and they use Linux .
Me : You can call me one .
*After 15 minutes of doo-laa-baa-dee-doo-ra-ba-doo amongst them I dunno what they were talking , they shutdown the computer and handed over it to me*
Fella 2 - So you are somewhat like a hacker .
Me - *A bit frustrated* Yes.

##And now the glorious question appeared like an angel from river ##

Can you hack Facebook?
Me - 😭😭😭

* Google announces a prize for hacking it *
* Searches google - how to hack google - *

Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

Anyone know this bitch hacker 127.0.0.1 story?

WORST HACKERS OF ALL TIME

CONTINUED IN THE COMMENTS BECUASE IT IS SO LONG...

TLdr bitch hacker hacks himself by localhost

bitchchecker (~java@euirc-a97f9137.dip.t-dialin.net) Quit (Ping timeout#)
bitchchecker (~java@euirc-61a2169c.dip.t-dialin.net) has joined #stopHipHop
<bitchchecker> why do you kick me
<bitchchecker> can’t you discus normally
<bitchchecker> answer!
<Elch> we didn’t kick you
<Elch> you had a ping timeout: * bitchchecker (~java@euirc-a97f9137.dip.t-dialin.net) Quit (Ping timeout#)
<bitchchecker> what ping man
<bitchchecker> the timing of my pc is right
<bitchchecker> i even have dst
<bitchchecker> you banned me
<bitchchecker> amit it you son of a bitch
<HopperHunter|afk> LOL
<HopperHunter|afk> shit you’re stupid, DST^^
<bitchchecker> shut your mouth WE HAVE DST!
<bitchchecker> for two weaks already
<bitchchecker> when you start your pc there is a message from windows that DST is applied.
<Elch> You’re a real computer expert
<bitchchecker> shut up i hack you
<Elch> ok, i’m quiet, hope you don’t show us how good a hacker you are
<bitchchecker> tell me your network number man then you’re dead
<Elch> Eh, it’s 129.0.0.1
<Elch> or maybe 127.0.0.1
<Elch> yes exactly that’s it: 127.0.0.1 I’m waiting for you great attack
<bitchchecker> in five minutes your hard drive is deleted
<Elch> Now I’m frightened
<bitchchecker> shut up you’ll be gone
<bitchchecker> i have a program where i enter your ip and you’re dead
<bitchchecker> say goodbye
<Elch> to whom?
<bitchchecker> to you man
<bitchchecker> buy buy
<Elch> I’m shivering thinking about such great Hack0rs like you
bitchchecker (~java@euirc-61a2169c.dip.t-dialin.net) Quit (Ping timeout#)
bitchchecker (~java@euirc-b5cd558e.dip.t-dialin.net) has joined #stopHipHop
<bitchchecker> dude be happy my pc crashed otherwise you’d be gone
<Metanot> lol
<Elch> bitchchecker: Then try hacking me again… I still have the same IP: 127.0.0.1
<bitchchecker> you’re so stupid man
<bitchchecker> say buy buy
<Metanot> ah, [Please control your cussing] off
<bitchchecker> buy buy elch
bitchchecker (~java@euirc-b5cd558e.dip.t-dialin.net) Quit (Ping timeout#)
bitchchecker (~java@euirc-9ff3c180.dip.t-dialin.net) has joined #stopHipHop
<bitchchecker> elch you son of a bitch
<Metanot> bitchchecker how old are you?
<Elch> What’s up bitchchecker?
<bitchchecker> you have a frie wal
<bitchchecker> fire wall
<Elch> maybe, i don’t know
<bitchchecker> i’m 26
<Metanot> such behaviour with 26?
<Elch> how did you find out that I have a firewall?
<Metanot> tststs this is not very nice missy
<bitchchecker> because your gay fire wall directed my turn off signal back to me
<bitchchecker> be a man turn that shit off
<Elch> cool, didn’t know this was possible.
<bitchchecker> thn my virus destroys your pc man
<Metanot> are you hacking yourselves?
<Elch> yes bitchchecker is trying to hack me
<Metanot> he bitchchecker if you’re a hacker you have to get around a firewall even i can do that
<bitchchecker> yes man i hack the elch but the sucker has a fire wall the
<Metanot> what firewall do you have?
<bitchchecker> like a girl
<Metanot> firewall is normal a normal hacker has to be able to get past it…you girl
<He> Bitch give yourself a jackson and chill you’re letting them provoce you and give those little girls new material all the time
<bitchchecker> turn the firewall off then i send you a virus [Please control your cussing]er
<Elch> Noo
<Metanot> he bitchchecker why turn it off, you should turn it off
<bitchchecker> you’re afraid
<bitchchecker> i don’t wanna hack like this if he hides like a girl behind a fire wall
<bitchchecker> elch turn off your shit wall!
<Metanot> i wanted to say something about this, do you know the definition of hacking??? if he turns of the firewall that’s an invitation and that has nothing to do with hacking
<bitchchecker> shut up
<Metanot> lol
<bitchchecker> my grandma surfs with fire wall
<bitchchecker> and you suckers think you’re cool and don’t dare going into the internet without a fire wall
<Elch> bitchchecker, a collegue showed me how to turn the firewall off. Now you can try again
<Metanot> bitchhacker can’t hack
<Black<TdV>> nice play on words
<bitchchecker> wort man
<Elch> bitchchecker: I’m still waiting for your attack!
<Metanot> how many times again he is no hacker
<bitchchecker> man do you want a virus
<bitchchecker> tell me your ip and it deletes your hard drive
<Metanot> lol ne give it up i’m a hacker myself and i know how hackers behave and i can tell you 100.00% you’re no hacker..

*Facebook Hackers follow the Rules*
(real story)

TL;DR: sorry, not available, can't do spoilers

One night I was with a group of friends out at a pub. A guy and his girlfriend show up, I didn't know them but they were my friend's friends.

The girl kept bragging the whole time about his boyfriend being a professional programmer, trying to remind it to everybody whenever possible (don't ask me why!).

So, after a while, the discussion moves towards "suspect Facebook activities" and the guy starts saying that he can hack Facebook.

- "What do you mean?", I ask.
- "Hacking into other people's accounts, even with 2 factor authentication. I did it a lot of times"
- "Wait, and they don't notice?"
- "Of course not! ^_^ He's a hacker", the girl replies.

Ok, time to do a coming out.

- "Hey, I'm a developer myself. Can you give me an idea of what you did in technical terms? Did you find a vulnerability? Used a virus? Maybe a keylogger?"
- "No... Uh... Well... The secret is to read the terms of service"
- "What?"
- "Yes... yes it's all in the facebook terms of service..."
- "Uhm, I'm not really sure I'm following. Could you prove it by hacking my Facebook account? I'm giving you the permission".

In less than a minute the discussion flew completely away and they never mentioned computers again.

😂😂

This should probably be labeled a meme, but I'm going to actually rant about this meme.

People use the term hacker way too frequently. Solving your trashy fucking "Pa$$w0rd123" password and getting access to your Spotify account isn't hacking.

Same douchewaffle probably thinks you could hack a Facebook account in 30 seconds. I fucking hate the way movies have portrayed hacking and created a dramatized bullshit idea for people to believe is real.

So, as everyone knows on here by now (or, a lot of ranters), I am a fervid privacy person.

Appearantly a new surveillance law in my country is about to extend mass surveillance/hacking a lot. So here a rundown of what they are about to be allowed to do (stuff that is not okay imo and this is the reason I am so pro-privacy):

- Mass Data Gathering: The intelligence agency over here (lets call it IA from now) can pretty much record everything send through the country.

- Extra Protection: If they want to conduct surveillance on journalists/lawyers, they have to go through extra channels first at least.

- Data/survaillance sharing: The IA is allowed to share their raw/filtered data with foreign intelligence agencies without limits. Also, they're allowed to conduct surveillance based on foreign requests.

- Secret DNA database: A secret DNA database will be created which can store the DNA profiles of any person who has commited any kind of crime. These profiles are allowed to be stored for a maximum of 30 years. This database is allowed to be shared with any foreign intelligence agency.

- Hacking: Unlimited power to hack any device deemed neccesary to hack in relation to crime. From computers to smartphones and so on. Also, it's allowed to use zero-days without reporting them to the vendor (we have seen what can go wrong with that through the ShadowBrokers scandal).

- Automatic Database Collection: They are allowed to directly tap into any database they see required (banks, healthcare, messaging services and so on). Practically this can lead to backdoors being build in because if you don't cooperate, you can go to prison. (mother of god I am not using anything closed source anymore if possible).

So yeah, this is pretty much the reason why I am so privacy consious. This country is fucked.

This isn't really a hacking story but it does remind me of something I did as "revenge."

In middle school, this one fool kept bullying me. Always tried to harm me, always tried to insult me, always tried to make me fall during PE.

I hated him a lot, so instead of trying to kill him as planned, I did a harmless little keylogger prank thing.

I installed a keylogger on the school's laptop before class. (I did it during break, and when class started, I placed it on his desk.)

He took the bait, and instead of doing work, he logged onto his social media accounts. Now I had his passwords and everything.

When I went home, I logged onto his social media. I checked his messages so I can get some dirt on him, didn't find much except for the fact he snuck out a few times, and smoked before.

I changed his profile picture to some cringy anime thing and messaged one of his friends (the one who always copied my test answers in History and would steal my homework) and I said, "tell --- that if he doesn't stop being an asshole, I'll do worse than "hack" his social media."

It freaked them both out a bit, but didn't change their behavior, which is a shame because my threat was empty. It's not like I was able to do anything more than that in middle school. To this day, they still have no idea who did that.

This was about 4 years ago.

Conversation between some kind of executives on the table next to mine:

A: do you know this app that'll let you hack into any Wi-Fi? You just click here, copy that and paste it here... and I hacked the restaurant's Wi-Fi. **laughs**

B: oh, only X? Bought. Wait... what is this "allow app to access your location"?

A: yeah, click "allow". You should also install a VPN.

B: what? BPN?

A: no, no. VPN. When you use a VPN you have a secure internet connection. You're protected from tracking, hacking and virus.

Once upon a time in Devland, there were two best friends @Alice and @Michelle and they worked together at The DevCo company as developers.
After a tough day handling an @-ANGRY-CLIENT-, they thought that they had to go and @RantSomewhere and so they went to a café. At the café, they ranted about some stupid clients, and @theItalianGuy at the third floor of their office building who never picked up calls, and @thatJavaGuy from the second floor who, they thought, was @notarealDev, and the usual stuff about their work. Somewhere in between, @Alice thought it would be @funvengeance to @hack @theNSA; “@karma is coming to get them”, said @Michelle.
To do this, they knew they’d have to take help from none other than @Gandalf who lived in a nearby @cave. So, the next day, taking a leave from work, @Alice and @Michelle embarked on journey to meet @Gandalf. After about an hour’s drive, they reached @Gandalf’s @cave. @Michelle went ahead to knock on @Gandalf’s rusty cave door. Being a lazy @necromancer, he magically opened his door 2 minutes later. “Who is't dares to disturb me in mine own catch but a wink?” shouted a voice from the back; “We’re two developers from DevCo and we need your help in our mission to @hack @theNSA”, shouted @Michelle. After a few seconds, he replied, ”Hmm… N'rmally I wouldst sendeth thee to mine own cousin @Hagrid, but in thy case, I sayeth thee shouldst visiteth the detective who is't goeth by the nameth @S-Holmes”. @Alice replied back, “Thank you, Sir @Gandalf, we’ll get help from this @S-Holmes, I’ve heard that he’s an @exceptionalGuy”; “Mine own pleasure, Farewell!” said @Gandalf, and the door closed shut.
So, @Alice and @Michelle went back to their car, and that time @Alice raised a question, “How are we gonna find this @S-Holmes? We don’t have a phone number or anything so we could contact this guy.”
“We should call @thatJavaGuy from work, I’ve heard he is a man of resources, he must know how to contact @S-Holmes”, said @Michelle.
And it was true, after a call with @thatJavaGuy, they were able to obtain @S-Holmes’s phone number.
“Howdy, this is @S-Holmes, what can I diddily ding dong do you for?”
“Hi, I’m @Alice, I’m from DevCo and I was hoping that I could get your help in our mission.”
“What kind of mission?”, asked @S-Holmes.
“We want to @hack @theNSA.”, replied @Alice.
“Okay… I think I might be able to hel-diddly-elp you! There’s an old and abandoned laberino noodly-near @stacked Street. It was made in @1989 and since then, it houses a magical computeroo that can hel-diddly-elp you in your mission. So, you just have to connect the computeroo to the Internet and you can diddily ding dong do your programmeroo thing and then you'll have access to the the noodly-nsa diddily ding dong database!”, answered @S-Holmes.
S-Holmes continued, “But I shall warn you, there's a riddly-rumorino that the laberino was abandoned because of an @electric-ghost that lurks there, but I bel-diddly-elieve it is just a computeroo program that was diddily ding dong designed to try to @stop hackers from accessing the top secret stuff!".
“Okay, thanks for your help! I bet we can handle whatever this @electric-ghost thing is, so… Goodbye!”, replied @Alice.
“Goodbye!”, said @S-Holmes and that ended their conversation.
Luckily, the @stacked Street was just a couple of miles away from them, so they reached the lab quickly.
As they got close to the lab they saw something that really surprised them…
--------
To be continued in part two...
(Do you want a part two? :/)

My first ever story is a little special because it is kind of dev related at it has "cameos" by various devranters, as you might have noticed.
How many did you count?
More in Part Two.

Thank you for reading and please, any feedback is welcome. Did you like it?
I haven't really revised it once, it is straight out of the keyboard.
Should I drop the "@" ?
But then it would impossible to spot some of the devRanters .
Let me know.

PS
What should be the title?
1)Alice in DevLand?
2)Adventures of Alice and Friends: Hacking the NSA?
You decide..(or maybe I'll pick the second one :D)

At school in computer class,
Me: (to friend who gets excited from "hacking") Hey look im gonna hack!
Friend: *Turns to watch*
Me: *Does "color a" and "tree"*
Friend: Wow.
Me: *Writes a quick Matrix.bat and opens it*
Friend: Woah guys look he is hacking!!
Me: *Sits there awkwardly*

I don't want to write clean code anymore :(

I read Clean Code, Clean Coder, and watched many uncle bob's videos, and I was able to apply best practices and design patterns
I created many systems that really stood the test of time...

Management was kind enough to introduce me to uncle bob clean code in the first place, letting us watch it during work hours. after like one year, my code improved 400% minimum because I am new and I needed guidance from veterans...

That said, to management I am very slow, compared to this other guy, they ask me for a feature and my answer would be like "sure, we need to update the system because it just doesn't support that right now, it is easy though it would take 2 days tops"

they ask the same thing for the other guy : "ok let me see what I can do", 1 hour later, on slack, he writes : done. he slaps bunch of if-statement and make special case that will serve the thing they asked for.

oh 'cool' they say -> but it doesn't do this -> it needs to do that -> ok there is a new bug,-> it doesn't work in build mode-> it doesn't work if you are logged in as a guest, now its perfect ! -> it doesn't work on Android -> ok it works on android but now its not perfect anymore.

and they feel like he is fast (and to be fair he is), this feature? done. ok new bugs? solved. Android compatibility ? just one day ... it looks like he is doing doing doing.

it ends up taking double the time I asked for, and that is not to mention the other system affected during this entire process, extra clean up that I have to do, even my systems that stood the test of time are now ruined and cannot be extracted to other projects. because he just slaps whatever bools and if statements he needs inside any system, uses nothing but Singleton pattern on everything. our app will never be ready-for-business, this I can swear. its very buggy. and to fix it, it needs a change in mentality, not in code.
---------------

uncle bob said : write your code the right way, and the management will see that your code generates less errors, with time, you will earn respect even though they will feel you are slow at first.

well sorry uncle, I've been doing it for a year, my image got bad, you are absolutely right, only when there is no one else allowed to drop a giant shit inside your clean code.

note: we don't really have a technical lead.
-------------------
its been only two days since my new "hack n' slash" meta, the management is already kind of "impressed" ... so I'll keep hacking and slashing until I find a better job.

Friend asked me to teach him how to hack. FML.

Today friend tells me he bought a $200 course on "Ethical Hacking". Asks if he can translate those skills to "cool hacking" CTRL+C

Me: I develop Applications.

Stranger: Oh so you are a programmer.

Me: Yup 😎

Stranger: Please hack my ex's insta.

Me: I am not a hacker nor am I intrested in learning to hack. I develop stuff from scratch. Innovate and contribute something to society.

Stranger: Oh, what a disappointment. Why did you say you are a programmer then.

Me: I...~am 😶

For some, hacking is the only programming thing for them. I get message at least once a month from someone requesting to hack someones fb,insta or some account.

Thinking of creating a bot which finds such keywords in my messages and automatically replies to them explaining what I really do. Or just f***ing block them.

The concept of, "hacking" at my school is so disgustingly bloated, as it probably is everywhere else. Some kid the other day said that he had hacked cookie clicker. Friggin cookie clicker. After opening inspect element and changing some local data to get infinite cookies. And he was hacking.

I swear, if I EVER told any of these idiots about some hacking project I did with an Arduino, they would start asking me how much money I made off with in the heist.

There is one kid in particular that annoys me, his name is Matthew, and he is the most pompous little piece of crap you have ever met. Every time they talk about him, they use the word, "hack" casually in conversation. "Wow dude he's gonna HACK you now", and it really boils my gears. I mean, come on, our school password is a birthday and initials, if he got into your account, he certainly didn't do it by hacking anyone. It has gotten to the point that I can't even hear the word without wanting to lash out at them and tell them how stupid they are. Maybe I can just send them a link to this rant.

A client was talking to me all day asking about my "hacking" experience.

I taught he was going to ask for a pen test for his trampoline website. At the end of the day, he revealed he wanted me to hack the "competition's databases" so he can promote his "very unique trampoline accessory".

Guess what happened? Nothing, cause fuck legal trouble!

I starten when I was 12 years old. I got bullied and got interested in computers. One day I crashed my dads computer and he reinstalled it. After that my dad made two accounts. The regular user (my account) and the Administrator user (my dads account). He also changed the language from Dutch to English. Gladly I could still use the computer by looking at the icons :')

Everytime I needed something installed I had to ask my dad first (for games mostly because there was no cable internet at that time). Then I noticed the other user account while looking over my dads shoulders. So I tried to guess the password and found out the password was the same as the label next to the password field "password".

At that point my interest in hacking had grown. So when we finally got cable internet and my own computer (the old one) MSN Messenger came around. I installed lots of stuff like flooders etc. Nobody I knew could do this and people always said; he is a hacker. Although it is not.

I learned about IP-address because we sometimes had trouble with the internet. So when my dad wasn't home he said to me. Click on this (command prompt) and type in; ipcondig /all. If you don't see an IP-address you should type in; ipconfig /renew.

Thats when I learned that every computer has a unique address and I started fooling around with hacking tools I found on internet (like; Subseven).

When I got older I had a new friend and fooled around with the hacking tools on his computer. Untill one day I went by my friend and he said; my neighbor just bought my old computer. The best part was that he didn't reinstall it. So we asked him to give us the "weird code on the website" his IP-Address and Subseven connected. It was awesome :'). (Windows firewall was not around back then and routers weren't as popular or needed)

At home I started looking up more hacking stuff and found a guide. I still remember it was a white page with only black letters like a text file. It said sometime like; To be a hacker you first need to understand programming. The website recommended Visual Basic 6 for beginners. I asked my parents to buy me a book about it and I started reading in the holliday.

It was hard for me but I really wanted to hack MSN accounts. When I got older I just played around and copy -> pasted code. I made my own MSN flooders and I noticed hacking isn't easy.

I kept programming and learned and learned. When I was 16/17 I started an education in programming. We learned C# and OOP (altho I hated OOP at first). I build my own hacking tool like "Subseven" and thats when I understood you need a "server" and "client" for a successful connection.

I quit the hacking because it was getting to difficult and after another education I'm now a fulltime back-end developer in C#.

That's my story in short :)

THEM: "I got a chrome thing that says, 'Don't turn off your computer. Someone is trying to hack into your computer.' ...and it had some lady's voice saying, 'Error. Someone is hacking into your computer.' Should I click anything?"
ME: "No. I'll be right there...what did you click?"
THEM: "It was some Facebook quiz about 'Which Disney movie are you?'"
ME:

Non CS friend: I want to learn Hacking, and Hack Facebook.

Me: That's pretty easy, We'll start with Hacking Twitter today, then tomorrow Facebook.

F: Ya, thats ok.

Me: 1. Login into your Twitter account,
2. Open the account you want to hack,
3. Right click on the tweet, and click inspect element, and Change the tweet as you want.

F: Wowww... Man that's amazing...

*** He believed that he is a hacker for one whole day ***

So probably about a decade ago at this point I was working for free for a friend's start-up hosting company. He had rented out a high-end server in some data center and sold out virtualized chunks to clients.

This is back when you had only a few options for running virtual servers, but the market was taking off like a bat out of hell. In our case, we used User-Mode Linux (UML).

UML is essentially a kernel hack that lets you run the kernel in user space. That alone helps keep things separate or jailed. I'm pretty sure some of you can shed more light on it, but that's as I understood it at the time and I wasn't too shabby at hacking the kernel when we'd have driver issues.

Anyway, one of the ways my friend would on-board someone was to generate a new disk image file, mount it, and then chroot to that mount path. He'd basically use a stock image to do this and then wipe it out before putting it live.

I'm not sure exactly what he was doing at the time, but I got a panicked message on New Years Day saying that he had deleted everything. By everything, he had done an rm -fr /home as root on what he had thought was the root of a drive image.

It wasn't an image. It was the host server.

In the stoke of a single command, all user data was lost. We were pretty much screwed, but I have a knack for not giving up - so I spent a ton of time investigating linux file recovery.

Fun fact about UML - since the kernel runs in user space as a regular ol' process, anything it opens is attached to that process. I had noticed that while the files were "gone", I could still see disk usage. I ended up finding the images attached to their file pointers associated with each running kernel - and thankfully all customers were running at the time.

The next part was crazy, and I still think is crazy. I don't remember the command, but I had to essentially copy the image from the referenced path into a new image file, then shutdown the kernel and power it back on from the new image. We had configs all set aside, so that was easy. When it finally worked I was floored.

Rinse and repeat, I managed to drag every last missing bit out of /proc - with the only side effect being that all MySQL databases needed to be cleaned up.

When you watch the new Jason Bourne and see people from CIA hacking a laptop from an Old cellular with a "shell code", or other people saying "use SQL to hack the database"

Sometimes, y'gotta do what y'gotta do.

Not a Story about an actual hack, but a story about people being dumb and using hacks as an excuse.

A few weeks ago my little cousin would reach out to me because "his Account was hacked...". Supposedly his League of Legends account was hacked by a guy of his own age (14) and this guy was boasting about it.

So i asked the usual things: "Has the email account been hijacked? Did anyone know about details to your acvount access? Etc..."

Turns out that one if his "friends" knew his password and username, but suppsedly erased these Informationen. And that was the part i didn't buy.

This was the point where he lost. Just because i am a programmer does not mean i can retrieve an account he lost because of a dumb mistake that could have easily been avoided. And that guy who was boasting about hacking LoL Account was coincidentally freinds with the friend who had the user credentials and password.

Moral of the Story? The biggest security weakness is almost always the user or a human in between...

A few years ago I was in high school and used to have a small reputation of hacking things. I could hack, just would never hack any school networks or systems (reputation + notice that there was a breach is a bad combo since everyone would immediately suspect you).

Anyways one day the networks internet connection went down in the school district and I was the only one who used a laptop to take notes. So I quickly opened the terminal and ran Wireshark and said to the person to my right "see that button there? yeah I programmed this last night. anytime I press it I can shut down the network so the teacher can't reach her files (she famously only saved them online). *Long dramatic press* Wireshark started scanning the network so all the numbers and lines were going crazy as it viewed the packet info "Now just wait", soon the whole class knew what I had done through whispers and lo and behold a few minutes later and the teacher couldn't reach her files.

Everyone loved me for the rest of the year for saving them from the homework for the week the wifi network was out since it also ended up having to cancel two tests in the class, and a lot more homework and tests in all their other classes. Solidified my reputation and no one fucked with me from that day on.

This is just one I had with my cousin who came for a visit.

Cousin: Yo bro, I want you to hack my girlfriend's Facebook?

Me: Lol, and why is that?

Cousin: I think she's cheating on me with this guy. I've seen her replying to him on fb messenger.

Me: Lol, ask her about it then if that's what you think.

Cousin: She won't talk bro. That's why I want you to hack her Facebook or even her phone so I can see who she's talking to.

Me: I can't bro.

Cousin: So you're not going to help me?

Me: Not that bro. I can't hack Facebook. I don't know how to do that stuff.

Cousin: But you have Bachelor's in CS and I've seen you writing those stuff on your computer....uhm, the code thing.

Me: Yeah, but those were school and personal programming projects. Not hacking stuff.. they're not the same.

Cousin: Oh man, what about her phone?

Me: Nope, can't do that either.

Cousin: But I've seen you hacking your Android phone... (*He saw me root my phone*)

Me: *face palm*

!rant

I get asked about being able to hack stuff, like cracking wifi passwords. Mostly I just go along with them and make up some stuff about how you _could_ do it. And explain how it is done, throw in some "yeah its tough"s and words they wont understand. Yeah with a dictionary attack and a powerful CPU with many threads you can definitely do it! You should try it! I say. Convincing them they can. Ofcourse, download kain and abel and look for something like aircrackng on google.

They won't amount to much and probably won't even try it, but I have a laugh. Seeing the hope of hacking and cracking fade away as a child's ice cream melting on a hot summer day.

Hehe

So I had this conversation with my dad
Background : He saw news about some celebrity's Twitter account got hacked.

Dad : Do you know how to hack a Twitter account?
Me : No dad. There are ways for people who do this kind of stuff.
D : But, you studied software engineering!
M : Yeah, but I don't do hacking.
D : Although hacking is not ethical but everyone should know about their field.

*Awkwardly left the room*

Just because I studied computer science doesn't mean that I SHOULD know hacking.

And this is not the first conversation of this kind!

I find it hilarious the total misconception of hacking that the general public has. I tell people I know cyber security (Not as much as a lot of people around here) but it is a hobby of mine and I find it very useful/interesting.

But I can't stop but laugh when someone is like, can you get all the text messages my bf receives?

Can you hack this for me can you back that?

C'mon even if I knew how to do that without being caught you think I would even admit that to you. Do hackers just walk around with an index card pasted to their forehead of their skill? It's not even slightly reasonable to think this lol even for someone who doesn't know about the field

Meanwhile at my place (Translation L-R):

"Wow! Are you good at hacking?"
"Please hack my neighbor's Wi-Fi"
"Download me some movies!"
"Are you good at math?"
"Please fix my phone!"
"Can you remove the virus on my computer?"
"How many hours do you sleep in one day?"
"Put some cheats on this game!"
"Please hack my boyfriend's Facebook account!"

Yep, my family and even the entire neighborhood are ignorant of what I do as a dev!

FFS I'M NOT A PC REPAIR MAN!!! 😤😤😤😠😡

>Wanted to become a hacker because I thought it was cool and fun
>Googled how to become a hacker
>Read a lot of articles
>Talked about it with nerdy friends who ended up helping me with a few resources
>Found Hack Forums
>Stayed on Hack Forums for a while and learnt a lot about malware and hacking and realized I needed to learn how to code to build my own hacking programs
>Got a book from a friend (It was a dev book based on basic)
>Got fascinated with programming and quickly moved on to C++
>Got frustrated with C++ and quit programming for months
>Got introduced to VB.Net and I finally could write codes and development a lot of applications, mainly malware creators and crypters as they were called on HE
>Quit HF and hacking and got into coding seriously and learnt web dev , then java and developing android apps and I have been happy since.

A few days back I read an article about ethical hacking and get rewarded for bug bounty. I thought that might be interested.

AND

I'm about to send out my first ethical hack report to a company! I'm nervous because I don't know how they'll respond. It's an xss vulnerability, and I really hope they'll fix it.

Every TV show/movie with a hacking scene....
Person trying to hack: I'm unable to get through their firewall.
Boss : Then hack HARDER.
Hacker: Thanks for the advice boss! I'm in!

In 2013: *opens cmd* "look at me I'm a hacker, I can hack your Facebook"

Now in 2019 : *copying some python examples* "I'm a hacker now, I made a bot for hacking your discord server"

It was more of "Hate story" with a guy whose mere presence would irritate me very much. He was also close to the girl I liked a bit (not very huge crush or something).

So he was very active on two of his social networks one being fb and second directly connected to fb so basically getting hold of fb would mean that I could control his other one too.

It was Oct 2016 and that time you could easily hack an account using social hacking (not asking OTP out something mere details did it for few accounts).

I hacked his account and wrote curse words and all. As I had already changed the email and password, he couldn't till date retrieve it.
However as he reported to fb, his account was held and I could no longer access it but till then everything was over.
I couldn't still spot him on FB or the other social network.
And this was one of the most evil act I have performed in my life.

going out of the cafe when some stranger stops me, he asks if I'm a programmer, said his friend told him,
i was like yeah, i mostly do web stuff, but can work on any project.
he then said, nah it's just about hacking that person, or even just his facebook account, i suppose it can be done..
then he looked at me noticing that I'm a few mood calories away from murdering his sorry ass.
he asks if it's not bothersome to ask
i said nah it's fine, just that every word you said after "hack" is bothering me terribly,
he just stepped back and walked away

In highschool we went through something like a malware/phishing prevention course.

It was pretty cool tbh, we spend the whole hour in a virtual environment where you'd see common malware and phishing attempts, but the really fun you could also "hack" other students.

Hacking them means you could cause some things to happen on their "PC". One of those was showing in a captcha on their screen and they had to type a the string of your choosing, before they could access the rest of the "virtual computer" again.

You can probably guess where this is going.
I was the first who had the idea to mix big i and small L and tested it on our teacher, who was also part of this environment and screenshared to the projector.

Thanks to sitting next projection I could see the pixels and I can confirm: same character, Pixel perfect!

I will forever cherish the memory of my the teacher begging me to undo the "hack" and the chaos that followed amongst my peers 😈

Also one of the excersizes was stupid. Click on a phishing mail and enter your credentials in the form. I asked the teacher WTF kind of credentials they even want me to enter to microsooft.cum and they just said "the credentials obviously" so I think they got their karma🖕

Worst "hackathon" turned out to be the boss (scrum master type) and a Magento guy (super OCD) working on a tiny tiny adjustment to a email template. They didn't really do anything and expected me to just make it all way better with CSS alone. I built out a robust responsive email in a codepen for them. They acted like they couldn't trust me to be a part of the team because I wasn't contributing - but I wasn't even sure what was happening. Between gathering refreshments and patting themselves on the back... it was hard to see what they had done. The online presentation to the magento people was pretty funny to watch though. If you think you can't have a presentation about nothing - think again. Magento is totally fucked. The word 'hacking' is not really suited to describe 'programming websites/applications quickly' anyway. 'Ninja' and 'hack' should always be considered red flags. 'Magento' should be a triple red flag: Jerk-off Jesus-complex boss, self-centered out of touch programmers, crap product. Watch out!

Bragging about knowing how to hack the company's emails definitely gets you into trouble. And then coming out clean and saying it was all a bluff still gets you into trouble. Hacking jokes in the office is same as a bomb joke in public(crowded) places.

Is there something you find genuinely cool and would recommend ? Some webpage, program, OS, library or anything ?

I mean hey. There are SO MANY reaaaally cool things I didn't know until last few months.. Things I'd be so grateful for if I knew them earlier. I'll list some of them and I just know you have few of yours too. Feel free to educate the rest!

Processing - Program so fun to code in + CodingTrain(YTB channel)
Microcorruption.com - so freaking awesome if you wanna learn hacking / assembly (not x86 necessarily)
LiveOverflow - cool hacking channel
Radare - cool cmd Linux disassembler
vim-adventures.com - LEARN VIM (not just how to quit it) LITERALLY by playing a game!!!!!!!!!!!!!!
slashdot - stay updated , like really
"BEST-WEBSITES-A-PROGRAMMER-SHOULD-VISIT" - GUYS THIS! Sorry for caps but search this on GitHub and you will fucking die of happiness of how freaking useful links there are and no bullshit to dig through , just pure awesomeness. REALLY
HandBrake - Top media converter without bullshit and bloat stuff in it
Calibre - Best eBook management software capable of literally everything ebooks related. Kindle is a bloated joke compared to this
QubesOS - You know you can have every OS running at once - you have a Linux but are playing win games. Yup. It's there. Free
Computerphile - You all know it, it's just for completeness
Khan Academy - Same
VulnHub - download vulnerable VMs and hack them, or learn by reading writeup on how to do it!
Valgrind - MUST HAVE for C/C++ programmers
Computer Science crash course videos

That's all I can think of from top of my head but hey, there's more to it so definitely add your 2 cents!

Last thing, if nothing, just check the websites on GitHub, that's lifechanger

Looking forward to see some cool links & recommendations!

At my school we use iPads (I don't know why) and the teachers can see what's on your screen, lock you inside an app, block apps/basically everything, lock/shut down your iPad, uninstall apps and they can even see what's your location. It sucks ass, but with my "professional" hacking skills I figured out a way to hack the system. If I use a VPN, for some reason they can't do anything to my iPad. I'm still waiting for the day my school is going to ditch iPad's an buy us laptops, but at least I can sleep good at night without having my teacher doing stuff to my iPad.

(I have a ton of other things I don't like about my school, and would love to rant about, but I don't want this rant to be 5000 pages long)

So recently i got a message from aa person asking how to (these are exact words) ,
:break into insta's database using Sqlmap"
I then proceeded to tell them to "f*ck of ya c*nt ".
Afterwords it inspired me to write this rant

annoying classmates:" hahaha GuYS bEtER wAtcH OuT he's GonnaA hack Us"

me: " yea I can program I also do some ethical hacking and cybersecurity "

annoying classmates: "hahaH Bro your a Hacker OhHHhHHOOO BrO CaN yoU hACk inSta FoR mE I NEEd MoRe FolloWeRs "

me:" tf no one that's illegal and two it's waste of my time "

annoying classmates: "BrOooo CaN yoU gEt Me SoMe HacKs fOr CsGo"

me: "can you just please f*ck off , i'm not hacking for you everything you've asked me is extremely unethical and a huge waste of time, Also if you suck so bad at a game you need to cheat I recommend just stopping "
annoying classmates: "DUdE whAt ToolS dO i HVAE to DownLOad To Be A haCkEr"
me: *trying hard not to murder them* " I told you to f*ck off"

being a hackers isn't downloading tools it isn't typing at 90wpm into a terminal with green font its not about games or fame or anything its about coming up with creative solutions to problems , thinking outside the box its about individuality and breaking from the heard , looking at things from a different viewpoint,
it's about endlessly seeking knowledge.
It's about freedom though creation that's what being a hacker originally was. But because of big media and movie company's (and script kiddies) people now confuse hacker with cracker and think of us as jobless fat kids sitting in a dark room in there parents house breaking into bank accounts and buying drugs on the dark web (which people see to think there a hacker just because they can open tor browser. they then proceed to use google to look up "fresh onion links 2020") .
My classmates and really my generation has a huge case of smooth brain. They a think we can just look at someone and hack them they also seem to think using a gratify link to get a persons up is hacking and using the inspect element is hacking and that opening a terminal is hacking ! AHHHHHHHHHHHHHHHHHHHHH"

Anyways ima end this here thanks for reading :)

Ok so today in class a friend asks me "Can you teach me hacking? I'll give you 20 dollars"
I tell him
1. I don't have interests in hacking neither do i have any experience with hacking
2. He is the type of guy to not pay me
3. He can just search it up

He also asked me a couple of weeks ago to do do the homework/assessment task for him for $20 as-well
I think he only thought i knew how to hack is because for a joke i made a bash cli thingo that changes the colours to black and green and he saw it while i was using it as a joke showing another friend

Just had a so called "cyber security" seminar in college today.
The guy who claimed to be a trainer or somewhat network security guy or something behaved enigmatically with utter consistency. He obviously claimed to know facebook hax0ring though.
They were basically there to advertise their complete crap: csksrc.org
(Ethical Hax0ring Course) (also claimed their site to be 99.9% secured - GREAT!)
After obtaining a ISO*** standard cert or after taking multiple sessions on "advanced ethical hacking" if you go about telling peeps in colleges that: "The single way to hax0r a facebook account is CSRF!" "Will hack your facebook account by MITM through malicious WiFi Ap." Then, NO neither I want your shitty cert nor do I want to be in your team and create the next level of "advanced ethical hax0ring - CEH course". Reason why I get cringed when peeps start about their certs and the ISO*** value it contains. What ISO value does your brain cells contain though?

Okay this is my first time posting on this site. I've browsed it (definitely not in class) and the community looks beautiful, so I'm going to just kind of slide in here. Anyways this is the part where I use my caps lock button and type lots of naughty words I guess...

<rant type = 'school'>
Our programming classes are fucking DISMAL uuugh... Okay so we have four technology classes: Tech Exploration, Coding 1, Coding 2, and Intro to CS (a 'high school' level class)... So this means a fuck ton of kids in programming classes, mostly because I WANNA MAKE MINCERAFT AND BE A KEWL BOI LIKE GAME DEV BUT I'M ALSO A FUCKING IDIOT AND WILL NOT LEARN ANYTHING YAAAAAAY but that's a mood and so there's a fucking tidal wave of dumb kids in these classes. So right we're dealing with like 80 kids per class period. Sorry if I'm repeating myself but there are a FUCKTON of students. Now, we have... wait for it... ONE FUCKING TEACHER. ONE. I fucking swear this district does not give a SINGLE SHIT about possibly THE SINGLE FUCKING MOST IMPORTANT SUBJECT WHYYYYYY... Okay so the teacher is kinda overworked as fuck lol. She can't really teach eighty kids at once so she mostly gives us exercises from websites but when she can she teaches us shit herself and actually knows a good bit about her field of study. She's usually pretty grumpy, understandably, but if you ask her a good question that makes her think you can see the passion there lol. So anyways that's a mood. Now at the other school it's even worse. They have this new asshole as a teacher that knows NOTHING about ANYTHING IT IS SO FUCKING REDICULOUS OH MY UUUUUGH... THEY STILL DON'T EVEN KNOW WHAT A FUCKING LOOP IS LIKE OKAY YOU'VE BEEN TEACHING PROGRAMMING FOR A YEAR AND YOU'RE THE ONLY ONE TEACHING IT AT THAT DISTRICT SO MAYBE YOU SHOULD AT LEAST FUCKING TRY WHAT IS WRONG WITH YOU... so he just makes them do shit from a website and obviously can't do half of the shit he assigns it's so fucking sad... I swear this district is supposed to be good but maybe not for the ONE THING I WANT IT TO BE GOOD FOR. Funny story: in elementary school once I wrote down school usernames for people I didn't really know and shared them a google doc that said "you have been hacked make a more secure password buddy" etc etc and made them the owner and these dull shits report it to the principal... So I'm in the principles office... Just a fucking dumb elementary school kid lol and the principal is like hAcKiNg Is BaD yOu ShOuLd NoT dO iT and I'm like how did you know it was me... so he goes on to say some bullshit about 'digital footprint' and 'tracing' me to it... he obviously has no clue what he's saying but anyways afterwards he points to where it says last change made by MY SCHOOL ACCOUNT... HOW DULL CAN YOU FUCKING POSSIBLY BE IT WAS FROM MY ACCOUNT THAT LITERALLY PROVED THAT I DID --NOT-- 'HACK' INTO THEIR ACCOUNT YOU DUMB FUCK. Okay so basically my school is a burning pile of garbage but it's better than most apparently but it's GARBAGE MY GOD... Please fucking tell me it gets better...

okay lol that was longer than I thought it would be guess I just needed to vent... later I guess
</rant>

Someone asked me if i know a way to hack Facebook profile. Instead I want to give them a malware or virus. Anyone can help me get a good virus which disguise as a FB hacking app? Thanks

Don't you hate it when people have unrealistic expectations from you ? Like this friend of mine saw some movie and now wants me to teach him how to hack. He has zero knowledge of computers and I'm not very proficient in cybersecurity myself. I'm a Web-Dev. I build websites. Hacking is a whole other domain but they just can't seem to get it in their heads. I wish I could just smack them so hard that they'd come back to their senses but alas ! that's not an option and by the looks of it, it never will be.

Friend, jestingly: Gabe I did a hack, I edited the html on my browser and sent a pic to my boss so that it wouldn't look like I was 20 minutes late
Me, seriously: Friend that's literally 99% of IRL hacking. Human error.
Friend, who is positive about humanity, unlike me: why do you disappoint me like this

While at a *coding* conference, with lots and lots of techy devs in attendance, many using mobile devices, a vendor decided to hold a hacking contest. Hack their little problem, get a t-shirt. Hack their big problem, get a bigger prize. I go to their website and notice:

1) they force me to create an account to do either problem.

2) the fucking bag of salty dicks can't even manage to make a responsive website. I mean, I could have fixed that for the cocksuckers while at the conference. But no, the shit company comes to a place full of devs and has a shitty website. Like, make your eyes bleed like a leaky sack of vaginas, bad.

I solved their little problem as fast as I could and deleted my account out of spite.

Need some advise from all you clever devs out there.

When I finished uni I worked for a year at a good company but ultimately I was bored by the topic.

I got a new job at a place that was run by a Hitler wannabee that didn't want to do anything properly including writing tests and any time I improved an area or wrote a test would take me aside to have a go so I quit after 3 months.

Getti g a new job was not that hard but being at companies for short stints was a big issue.

My new job I've been here 3 months again but the code base is a shit hole, no standardisation, no one knows anything about industry standards, no tests again, pull requests that are in name only as clearly broken areas that you comment on get ignored so you might as well not bother, fake agile where all user stories are not user stories and we just lie every sprint about what we finished, no estimates and so forth, and a code base that is such a piece of shit that to add a new feature you have to hack every time. The project only started a few months back.

For instance we were implementing permissions and roles. My team lead does the table design. I spent 4 hours trying to convince him it was not fit for purpose and now we have spent a month on this area and we can't even enforce the permissions on the backend so basically they don't exist. This is the tip of the iceberg as this shit happens constantly and the worst thing is even though I say there is a problem we just ignore it so the app will always be insecure.

None of the team knows angular or wants to learn but all our apps use angular..

These are just examples, there is a lot more problems right from agile being run by people that don't understand agile to sending database entities instead of view models to client apps, but not all as some use view models so we just duplicate all the api controllers.

Our angular apps are a huge mess now because I have to keep hacking them since the backend is wrong.

We have a huge architectural problem that will set us back 1 month as we won't be able to actually access functionality and we need to release in 3 months, their solution even understanding my point fully is to ignore it. Legit.

The worst thing is that although my team is not dumb, if you try to explain this stuff to them they either just don't understand what you are saying or don't care.

With all that said I don't think they are even aware of these issues somehow so I dont think it's on purpose, and I do like the people and company, but I have reached the point that I don't give a shit anymore if something is wrong as its just so much easier to stay silent and makes no difference anyway.

I get paid very well, it's close to home and I actually learn a lot since their skill level is so low I have to pick up the slack and do all kinds of things I've never done much of like release management or database optimisation and I like that.

Would you leave and get a new job?