Posiix

D, Thanks again. I completely understand that hacking is not a simple point and click affair. I have no intention of being a script kiddie, its just that at this point my knowledge is limited and I find it hard at times to see the big picture of how all the various elements of the "craft" (network security) fit together. Thats all I was trying to get at with the above questioning, I'm not asking for specific instructions. But, in order to approach the problem creatively I need a sense of the whole picture, learning the specifics will come second. I dont plan to be able to make this happen for some time I assure you. Thanks for opening my eyes a little more. Cheers. P

Thanks for the link bro, I'll ensure that I read into it, before you id not heard of XSS at all! Cheers. At risk of really exposing myself as a newb here, I had (only) a few more questions. 1. How does all of this fit together generally? For instance, do I reserve some domain, pay for a small hosting on a server somewhere, host the xss script there, then setup an ms page which loads the xss as an image, then I check the log on my host to retrive the data Im looking for? Is that how all these elements are linked together? 2. You mentioned myspace, which other sites are open to this vulnerability? Are there ways of working this through facebook inboxes or chats? 3. You menitoned a 1x1 pixel image. .swf is flash, yeh.. but .js is what? Is that xss mimicking a jpg? Thanks man.. really appreciate it. P|x

Thanks for the response... with respect to the server and the xss, are you talking about having him connect to a personal home page of mine hosted by a server I run locally? And what might that xss code look like (I need to learn simple xss, yah?) For that matter I read alot about having a sever, and I cant figure out why it is so important! is this sort of thing why? and as for the ftp, are you talking about trying to exploit his FTP if he has one (he doesnt)? or is this again linked into the server approach above? Im really interested in your response, would you mind elaborating? Cheers, BG

Hi guys, I posted a few qs a while ago and have since installed Linux with refit (dual boot) on my MBP and purchased gray hat hacking. I had a general question. I've convinced my buddy to allow me to target his computer, he owes me a 6pack if i gain admin access to his sys... but I dont want to use any of the convenient means of locating his IP that I have at my disposal... I want to assume I know only his name. Ofcourse names lead to addresses, which lead to wireless networks and WEP hacks.. and/or I could devise a scheme to get him to email me.. What other approaches to obtaining the IP of a specific target are there? I've read alot (into Hacking for Dummies and Gray Hat Hacking) about gaining entrance through ports, and hacking hashes... but as far as getting IP adresses it seems the approaches are not usually target-specific, but rather a more general, scan-and-see-what-turns-up process. For my purposes getting the IP is the first step! Links to sources are great if they save you time in responding! Thanks a mill guys! BG

Thanks for the reply. My intension for the time being is to understand the nature of networks and Internet security, hence, hacking in general. I'm interested in using apps like nmap and otherwise, which in my meager experience with Linux I've been able to get running.. I've puchased, on the advice of another, the books: Hacking for Dummies and Gray Hat Hacking, and ice heared the latter has a number of scripts and apps mentioned in It that are made for Linux. Will these work just as well on Terminal, or would you install Linux? I'd also like to experiment with C and C++ scripting as it applies to a hack ( don't know how that is yet ), again, is OSX suitable in that respect? If not, I have fedora installed on another old laptop.. Would that be your best choice of Linux for what I'm looking to learn? Or would somthing like Slackware be a better choice? Thanks! Really appreciate your taking the time to help me out.

Hi all, That for clarifying my last question...I'm now interested in installing Linux on my MacBook pro.. 1. I'm wondering if this can be done without formatting my hd? 2. As well if many of you have macbooks, do you install Linux on them in place of OSX, or with it, or not at all? I'm trying to establish a base for learning with my laptop, any advice in this? Thanks guys. Pos.

Hello, Im a newb, and this is my fist post. I have Macbook pro, but I've just installed Fedora on an old P4 Dell I had. I've noticed all the great links in the 'New to Hacking' post, and will take time to absorb the information therein, but in the mean time, Im wondering why I see so many Macbooks in your "HackPack"s; and, whether it was necessary for me to install Fedora in the first place, to learn about hacking. Is OSX a better platform, and why if so? Im not a malicious individual, I just want to understand how networks function, and how simple networks might be exploited, out of a curiosity I hope many of you will understand. Thanks for your help. Posiix