how does one go about learning the trade of computers and hacking ("for educational purposes")?

[JuanitoSanchez]

I was about hacking and truly being anonymous while operating on a computer. I mean I know how to change my internal ip but not external(or is that even possible?) , I know how to grab ips(solely from grabify), Got a vpn as well and am using tor so that must be a decent thing right? Apart from that how do folks go about doing things like not only grabbing ips but more in depth grabbing info and data from people with little to no contact? How does one go about protecting there identity.  How does one go about protecting him(maybe I am a guy)/her(maybe I am a girl don't assume my gender) while doing it. also bots i am dead ass(I don't know if i can curse) interested in bots. How,what,when, and why? on the bot thing. this is basically a quest :) sorry and kind of an advice seeking thing.

[AnXiezY]

I'd say there are very few hackers around because;

 

• Most of the users here are using common available checkers and very few of them can make their own config, so they use the public configs on public checkers.
• People either buy databases / combos or they just use public ones and load them into the public checkers.

In my opinion cracking accounts with these methods still puts you above the average computer user.

 

• 90% of the hacking tools distributed here aren't coded by someone from here.
• 90% of the databases distributed here aren't hacked/dehashed by someone from here.
• 90% of the thot leaks here are stolen from somewhere else.

Only genuine thing this forum might have to offer could be refunding services.

Edited by AnXiezY, 29 April 2023 - 07:21 PM.

[FaithHF]

VPN + Tor is schizo-tier, and even then you are probably leaking too much info already on your own due to other bad setup.

Your external IP isn't the only piece of information online that identifies you. Canvas rendering, STUN requests, your OS's TCP/IP stack, other 'optional' headers your browser requests (or rather doesn't request) can all be used to fingerprint a user and track them across sites.

 

Of course, that's only tech-wise, and that's not the entire list. Naturally, you can be identified by the way you write messages, certain idioms or figures of speech you use, etc. That's how they caught Kaczynski.

 

A VPN could be useful, but honestly you're hurting yourself more with Tor than you're doing yourself good. If you live in a neighbourhood of 100 people and you are the only person who uses Tor, you're not exactly 'anonymous' because you're using Tor. If someone sees Tor traffic on their network, they are going to go check in with you first. You hide what you're doing, not who you are.

 

The best way to actually avoid being fingerprinted is, well, by matching your fingerprint with as many people as possible. Use the most common OS with the most common settings and most common applications. If you're actually doing something that justifies the need for your schizo setup, then use the schizo setup. You're probably under scrutiny already, so at least pull the curtain over what you're doing.

 

 

 

But you see, the interesting thing is that this is only tech-specific the second line in this post. Most of what I've told you here is just logically deduced.

You don't need to spend years studying tech to understand why something is a good or bad idea, all you need is to look at one piece of tech, understand what it does, then think.

 

Is that tech useful?

What does it actually accomplish?

What doesn't it accomplish?

What might be some side effects of using this tech?

etc.

 

 

 

I'm going leave my advice here, and instead of answering the rest of your questions, I'm telling you to first go and learn how to ask a question.

 

Your thoughts are everywhere.

As a result, you're typing all over the place.

Half of it doesn't make sense, or rather it seems completely unrelated. It's like asking your dentist about a broken leg.

Just because it's technically related to the field of medicine doesn't mean you're channelling your thoughts and effort into the right place.

 

Slow down. Think. Get your thoughts more organized, put those organized thoughts into words, and try again.

 

 

 

In my opinion cracking accounts with these methods still puts you above the average computer user.

 

Typing above 40wpm also puts you above the 'average computer user.' That's not a very high bar to set.

[JuanitoSanchez]

VPN + Tor is schizo-tier, and even then you are probably leaking too much info already on your own due to other bad setup.

Your external IP isn't the only piece of information online that identifies you. Canvas rendering, STUN requests, your OS's TCP/IP stack, other 'optional' headers your browser requests (or rather doesn't request) can all be used to fingerprint a user and track them across sites.

 

Of course, that's only tech-wise, and that's not the entire list. Naturally, you can be identified by the way you write messages, certain idioms or figures of speech you use, etc. That's how they caught Kaczynski.

 

A VPN could be useful, but honestly you're hurting yourself more with Tor than you're doing yourself good. If you live in a neighbourhood of 100 people and you are the only person who uses Tor, you're not exactly 'anonymous' because you're using Tor. If someone sees Tor traffic on their network, they are going to go check in with you first. You hide what you're doing, not who you are.

 

The best way to actually avoid being fingerprinted is, well, by matching your fingerprint with as many people as possible. Use the most common OS with the most common settings and most common applications. If you're actually doing something that justifies the need for your schizo setup, then use the schizo setup. You're probably under scrutiny already, so at least pull the curtain over what you're doing.

 

 

 

But you see, the interesting thing is that this is only tech-specific the second line in this post. Most of what I've told you here is just logically deduced.

You don't need to spend years studying tech to understand why something is a good or bad idea, all you need is to look at one piece of tech, understand what it does, then think.

 

Is that tech useful?

What does it actually accomplish?

What doesn't it accomplish?

What might be some side effects of using this tech?

etc.

 

 

 

I'm going leave my advice here, and instead of answering the rest of your questions, I'm telling you to first go and learn how to ask a question.

 

Your thoughts are everywhere.

As a result, you're typing all over the place.

Half of it doesn't make sense, or rather it seems completely unrelated. It's like asking your dentist about a broken leg.

Just because it's technically related to the field of medicine doesn't mean you're channelling your thoughts and effort into the right place.

 

Slow down. Think. Get your thoughts more organized, put those organized thoughts into words, and try again.

 

 

 

 

 

Typing above 40wpm also puts you above the 'average computer user.' That's not a very high bar to set.

First interest would be anonymity. Maybe get Linux,Vpn so I can operate on the tor network without it being traceable? 

[JuanitoSanchez]

I'd say there are very few hackers around because;

 

• Most of the users here are using common available checkers and very few of them can make their own config, so they use the public configs on public checkers.
• People either buy databases / combos or they just public ones and load them into the checker.

In my opinion cracking accounts with these methods still puts you above the average computer user.

 

• 90% of the hacking tools distributed here aren't coded by someone from here.
• 90% of the databases distributed here aren't hacked/dehashed by someone from here.
• 90% of the thot leaks here are stolen from somewhere else.

Only genuine thing this forum might have to offer could be refunding services.

Yeah, I notice refunds are a major thing here. That isn't my thing not to say there is anything wrong with it. I just find it kind of less worth the risk. I mean as I said anonymity isn't my thing yet.whats up with the database and combos? what is that? Also thanks for another reply.

[FaithHF]

First interest would be anonymity. Maybe get Linux,Vpn so I can operate on the tor network without it being traceable? 

 

The biggest learning curve will be using Linux, but again, I wouldn't recommend it if you don't need it.

Win7 or Win10 running in a virtual machine is probably safer, since again it makes you look like an average user to the website. Blend in with the 40% of users on Windows, not the 1% on Linux.

 

And keep in mind that everything is traceable given enough resources invested into tracing you. Most of the time, no one actually has the means to do anything. It's when feds (or other organizations with enough funding) get involved that you need to start worrying about being traced. Tor and a VPN will hide your IP, but it won't stop other profiling and de-anonymizing measures. That's where you need to start using your breain and figuring out what can actually de-anonymize you.

 

Yeah, I notice refunds are a major thing here. That isn't my thing not to say there is anything wrong with it. I just find it kind of less worth the risk. I mean as I said anonymity isn't my thing yet. Although I am interested in the e-whore trade and the scam I don't even know where to start with that.whats up with the database and combos? what is that? Also thanks for another reply.

 

I can't imagine openly admitting to wanting to scam people is going to fly well with the community here, especially the side that sells products on here. But whatever, to each their own I guess.

 

As for databases/combos, put it this way:

 

1. You hack a website and drop their user table that contains emails, usernames, and password hashes.

2. You crack the password hashes to get their plaintext passwords.

3. You know that people are dumb and use the same password on different websites.

 

What's the logical conclusion on what you should do with the usernames and passwords?

 

 

 

You seem to already know that hiding your IP is important if you are trying to be anonymous online.

Now, you just need to understand what else plays a role in online anonymity.

 

Start here:

Please Login or Register to see this Hidden Content

Please Login or Register to see this Hidden Content

Please Login or Register to see this Hidden Content

 

Afterwards, look into how data is being used, and keep somewhat up-to-date with advancements in big-data either for advertising or generating datasets. If you know what companies are doing to try and mine your data, it makes you a little more aware of what you need to do to prevent it.

 

The most important thing about anonymity is using your brain, honestly. Using too many tools to try and "mask" yourself just makes you stick out like a sore thumb in the crowd.

 

Think about who might be trying to de-anonymize you, and think about what measures they might take to de-anonymize you.

Then, think about how you can prevent those measures.

[JuanitoSanchez]

E-whoring along with social engineering is the scam I am personally referring to get started with. I am definitely in no way,shape or form saying I am a outright scammer here to scam. If anything  the original reason i joined was to buy. Just to clear that up.

Now I've actually read over that article and it is really complicated which is why I am going to have to re-read it 2-3 more times before i grasp it. Here I thought deleting my cookies 2-3 times a week was making me somewhat untraceable you drop that upon me. I have a question lol surprise. So you said earlier 'schizo-tier' when referring to a vpn mix with tor. so in your opinion on tor that VPN leaves my fingerprint at least partially?

[FaithHF]

Replied to DM from OP, but for anyone else following this thread and wondering, I'll summarize:

 

When I say "schizo-tier" I'm referring to paranoia.

As mentioned before, using a VPN masks your IP. Your ISP might not like that you are hiding your traffic, and some websites you visit might not like that you aren't showing your actual IP. But, there's nothing they can really do, and unless they have a cause for concern, they won't do anything about it.

But when you start using Tor, this starts throwing red flags. Tor traffic is really easy to detect on a network, since the list of Tor nodes is publicly accessible. Your ISP will actually start wondering why you 'need' to use Tor and what you're doing behind the curtain. Websites will immediately think you are a malicious connection and rate-limit you, or simply won't let you connect in some cases. Sites that use CDNs are particularly bad for this (except for Tor-specific CDNs like how it's implemented for Dread and sister sites.)

 

It's like you're out on the highway driving a car that you don't have insurance for. If you're driving normally, no cop is going to pull you over. (Probably.)

If you have tinted windows and some detailing on your car, it might stand out more to some cops, but doesn't give them plausible cause to pull you over. (Probably.)

But then you rip off your license plate, because you don't want someone to write your license plate down, and all of a sudden you get pulled over in the first five minutes because you drew unnecessary attention to yourself

 

This mainly stems from not understanding what your threat model is. It's different for everyone, and depends entirely on what you're doing.

You need to understand who might want to de-anonymize you.

 

Is it some pissed off kid in a video game?

Is it some random 30yo guy with some spare cash that you've been fucking with?

Is it a private investigator or a local police station?

Is it some bigger organization with proper funding and a means to de-anonymize you?

 

You figure out who's after you. Then you figure out what means they *can* go through to get you (i.e. a pissed off Xbox kid isn't going to ring up your ISP and spend days tapping your traffic to find a bit of personal info, but a larger organization might. The pissed off Xbox kid is going to send you an IP logger and try his best to DDoS you, to no success.)

 

Based on what your threat model is, you can predict what actual threats you are facing, and put your own measures in place (e.g. scared of an IP logger? either don't click links you don't recognize, or use a VPN.)

[JuanitoSanchez]

Replied to DM from OP, but for anyone else following this thread and wondering, I'll summarize:

 

When I say "schizo-tier" I'm referring to paranoia.

As mentioned before, using a VPN masks your IP. Your ISP might not like that you are hiding your traffic, and some websites you visit might not like that you aren't showing your actual IP. But, there's nothing they can really do, and unless they have a cause for concern, they won't do anything about it.

But when you start using Tor, this starts throwing red flags. Tor traffic is really easy to detect on a network, since the list of Tor nodes is publicly accessible. Your ISP will actually start wondering why you 'need' to use Tor and what you're doing behind the curtain. Websites will immediately think you are a malicious connection and rate-limit you, or simply won't let you connect in some cases. Sites that use CDNs are particularly bad for this (except for Tor-specific CDNs like how it's implemented for Dread and sister sites.)

 

It's like you're out on the highway driving a car that you don't have insurance for. If you're driving normally, no cop is going to pull you over. (Probably.)

If you have tinted windows and some detailing on your car, it might stand out more to some cops, but doesn't give them plausible cause to pull you over. (Probably.)

But then you rip off your license plate, because you don't want someone to write your license plate down, and all of a sudden you get pulled over in the first five minutes because you drew unnecessary attention to yourself

 

This mainly stems from not understanding what your threat model is. It's different for everyone, and depends entirely on what you're doing.

You need to understand who might want to de-anonymize you.

 

Is it some pissed off kid in a video game?

Is it some random 30yo guy with some spare cash that you've been fucking with?

Is it a private investigator or a local police station?

Is it some bigger organization with proper funding and a means to de-anonymize you?

 

You figure out who's after you. Then you figure out what means they *can* go through to get you (i.e. a pissed off Xbox kid isn't going to ring up your ISP and spend days tapping your traffic to find a bit of personal info, but a larger organization might. The pissed off Xbox kid is going to send you an IP logger and try his best to DDoS you, to no success.)

 

Based on what your threat model is, you can predict what actual threats you are facing, and put your own measures in place (e.g. scared of an IP logger? either don't click links you don't recognize, or use a VPN.)

Virtual box* helps protect my direct ip so I can use it on any site without it being directly traced back to my machine. you're right I need to figure out my threat level prior to doing anything which will be kind of hard. you're really smart man you a programmer or something?

[FaithHF]

VBox does not do that, no. Depending on how you set up your network configuration for virtual machines, they can hide your internal IP though (i.e. local IP, or the 192.168.X.X on your private network) which might help against a STUN request.

But, again it does depend on your configuration.

 

Only a hobbyist, really.