Hacking can be challenging: there are many different ways to compromise a system and many different exploits to make use of. Hacking is neither defined by nor restricted to exploitation or exploration. Hacking into someone else's system may be illegal, so do not do it unless you are sure you have permission from the owner of the machine you are trying to hack, or you are sure it's worth it and you won't get caught.
In 'the good old days', hacking was primarily used for learning new things about systems and computing in general. Recently it has taken on dark connotations and is generally looked down upon. At the same time, many corporations now employ "hackers" to test the strengths and weaknesses of their own systems. These hackers know when to stop, and the trust they have built earns them large salaries.
There is a major distinction between a hacker and a cracker. A cracker (someone who "cracks" software distributions, like Windows) is motivated by malicious (namely: money) reasons; a hacker is trying to gain knowledge through exploration, at any cost and in any way - not always legally.
Hacks
1. Use a *nix terminal for commands. Cygwin will help emulate this for Windows users. DOS is worthless for this purpose. The tools in this article can be found for Windows-based machines. Nmap in particular uses WinPCap to run on Windows and doesn't require Cygwin. However, Nmap works poorly on Windows systems due to the lack of raw sockets. You should also consider using Linux or BSD, which are both more flexible and much more reliable. Most Linux distributions have many useful tools pre-installed.
2. Try your first. Ensure you fully understand all common techniques, including how to protect yourself. Start with the basics - found a server that hosts a site about racism, homophobia or other bad activities? Try to hack it, in any manner you can. Once more, don't alter the site, just make it yours.
3. Know your target. The process of gathering information about your target is known as 'enumeration'. Can you reach the remote system? You can use the ping utility (which is included in most operating systems) to see if your target is 'alive'. However, you cannot always trust the results of the ping utility, because it relies on the ICMP protocol, which can easily be turned off by paranoid system administrators.
4. Determine the operating system (OS). This matters, because how can you gain access to a system if you don't know what the system is? This step involves running a scan of the ports. Try p0f or nmap to run a port scan. This will show you the ports that are open on the machine and the OS, and can even tell you what type of firewall or router is in use, so you can plan a course of action. You can activate OS detection in nmap using the -O switch.
5. Get super user (root) privileges. Try to get root privileges if targeting a *nix machine, or administrator privileges if targeting Windows systems. Most information of vital interest is protected, and you need a certain level of authentication to get it. To see all of the files on a computer you need super user privileges. This is a user account that is given the same privileges as the "root" user in Linux and BSD operating systems. For routers this is the "admin" account by default (unless it has been changed); for Windows, this is the Administrator account, etc. Just because you have gained access to a connection doesn't mean you can access everything. Only a super user, the administrator account, or the root account can do this.
6. Create a backdoor. Once you have gained full control of the machine, you will want to make sure you can come back again. This can be done by 'backdooring' an important system service, for example the SSH server. However, your backdoor may be removed by the next system upgrade - really experienced hackers would backdoor the compiler itself, so every compiled program would be a potential way to come back.
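Step 6 has a defensive counterpart: a service binary such as sshd changes both when it is backdoored and when it is legitimately upgraded, so an integrity check has to tell the two apart. The following is an added example, not part of the original article; the byte strings standing in for sshd builds and the set of vendor hashes are constructed assumptions.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def classify(path, baseline_hash, vendor_hashes):
    """Compare a service binary with its recorded baseline and with the
    hashes the vendor publishes for its packaged builds (assumed available)."""
    current = sha256_file(path)
    if current == baseline_hash:
        return "unchanged"
    if current in vendor_hashes:
        return "replaced by a known package version"
    return "modified outside the package manager"

def demo():
    # Constructed stand-ins for two vendor builds of sshd; not real binaries.
    v1, v2 = b"sshd build 1", b"sshd build 2"
    vendor_hashes = {hashlib.sha256(b).hexdigest() for b in (v1, v2)}
    baseline = hashlib.sha256(v1).hexdigest()  # recorded at install time
    results = []
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sshd")
        # Baseline build, a legitimate upgrade, then a build with extra bytes.
        for content in (v1, v2, v2 + b" plus extra code"):
            with open(path, "wb") as f:
                f.write(content)
            results.append(classify(path, baseline, vendor_hashes))
    return results

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The baseline and vendor hashes only help if they are stored somewhere the monitored host cannot rewrite.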
Warnings
Misuse of this information may be a local and/or federal crime. This post is intended to be informational and should only be used for ethical purposes.
Do not delete entire logfiles. Instead, just remove the incriminating entries from the file. Which do you think would look more suspicious: logs with some entries missing, or the entire log file destroyed? But the other question is, what if there is a backup logfile? What if they just look for differences and find the exact things you erased? Always think about your actions. The most sensible thing is to delete random lines of the log, including yours.
Be extremely careful if you think you have found a very easy crack or a crude mistake in security management. A security professional protecting that system might be trying to track you or might be setting up a honeypot.
Although you may have heard the opposite, don't help anyone patch their programs or systems. This is considered extremely lame and leads to being banned from most real hacking communities. And if you release a private exploit that someone found, he can become your enemy - and he's probably better than you are.
Never do anything just "for fun". Remember that hacking into a network is not a toy, but a power to change the world. Don't waste that on childish actions. Again, don't change anything in the system to mark it as "owned" or anything that silly.
Do not become a script kiddie. Learn how to program WELL. This guide is for you "Crackers" out there who want to get arrested. Search "Hacking: The Basics" and click the first link. You'll get a better idea.
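The warning about logfiles above points out that a backup copy lets someone look for differences and find exactly what was erased. The following added example, which is not part of the original article, shows that comparison from the defender's side. It assumes logs are also forwarded to a separate collector, and the log lines are constructed samples.

```python
import re
from collections import Counter

# Constructed sample: the log as received by a separate collector (assumed setup).
COLLECTOR_COPY = """\
2024-05-01T10:00:01 host sshd[811]: Accepted publickey for alice from 192.0.2.10
2024-05-01T10:00:40 host cron[900]: (root) CMD (run-parts /etc/cron.hourly)
2024-05-01T10:01:12 host sshd[845]: Failed password for root from 203.0.113.7
2024-05-01T10:01:15 host sshd[845]: Accepted password for root from 203.0.113.7
2024-05-01T10:02:03 host sudo: alice : TTY=pts/0 ; COMMAND=/usr/bin/apt update
2024-05-01T10:03:30 host cron[901]: (root) CMD (logrotate /etc/logrotate.conf)
"""
# Constructed sample: the same log on the host after three entries were removed.
HOST_COPY = """\
2024-05-01T10:00:01 host sshd[811]: Accepted publickey for alice from 192.0.2.10
2024-05-01T10:02:03 host sudo: alice : TTY=pts/0 ; COMMAND=/usr/bin/apt update
2024-05-01T10:03:30 host cron[901]: (root) CMD (logrotate /etc/logrotate.conf)
"""

def diff_logs(host_text, collector_text):
    """Return (removed, added) relative to the collector's copy, in log order."""
    host, coll = host_text.splitlines(), collector_text.splitlines()
    missing = Counter(coll) - Counter(host)  # multiset: repeated lines count
    extra = Counter(host) - Counter(coll)
    removed, added = [], []
    for line in coll:
        if missing[line] > 0:
            removed.append(line)
            missing[line] -= 1
    for line in host:
        if extra[line] > 0:
            added.append(line)
            extra[line] -= 1
    return removed, added

def removed_by_program(removed):
    """Count removed entries per logging program (third field, PID stripped)."""
    names = (re.match(r"[^\[:]+", line.split()[2]).group(0) for line in removed)
    return dict(Counter(names))

if __name__ == "__main__":
    removed, added = diff_logs(HOST_COPY, COLLECTOR_COPY)
    for line in removed:
        print("missing on host:", line)
    print(removed_by_program(removed))
```

Every removed entry is reported, including the unrelated cron line, so deleting random lines alongside the relevant ones does not hide the edit from this comparison.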