 |
| Source: http://lerablog.org/wp-content/uploads/2013/05/hacker.jpg |
Hacking is
completely new to me. I've never hacked a computer or tapped into someone's
server before. I've always wondered if there are people out there that can hack
like the actors do in movies. Typing away at the computer with long lines of
codes running through their fingertips. For me, I would love to start learning
to hack sites because I'm the kind of person who likes to break things, so I
can learn how to fix them.
One method that
I've been researching about is SQL injection. The concept behind it is quite
simple; insert malicious SQL statements into entry fields for execution and
pull down information from their server. Information being names, credit card
numbers, addresses, etc.
More in-depth video
on SQL Injection: http://www.youtube.com/watch?v=_jKylhJtPmI
Another technique
is called cross site scripting. The simplest idea is to steal another user's
cookie to log into their account and gain access to sensitive information. A
hacker can either can gain access to their cookie by linking the unknowing user
and having them click and type in their information, or have a client-side
script injected into a web page and have that script steal the cookie.
More in-depth video
on cross site scripting: http://www.youtube.com/watch?v=L5l9lSnNMxg
Hacking is a great
tool to help find things that need to be fixed. Facebook has even offered
rewards if you're able to hack their site (http://www.cnbc.com/id/100976139)!
I think that every good coder needs to know how to hack because it means that
you learn the ins and outs of whatever language you're scripting with!
Hi Steve,
ReplyDeleteI enjoy reading your blog with many personal suggestions and experiences sharing. The two hacking techniques as you mentioned in your blog seems so dangerous to me! I cannot wait to know how to protect myself from these kinds of hacking attack while it reaches the end of the article. I guess many readers will wait for your next blog to provide the solution The blog is with a good structure and nice writing, just a minor mistake at the last paragraph, such as the “double can’s” in “A hacker can either can”.
Regards,
Hi Steve,
ReplyDeleteI liked your post. Your personal experience of hacking is really interesting. I never hacked other people page but I did SQL and scripting injection on my work to test it. I think many web programmer use SQL and scripting injection to improve their code and fix security holes. Many companies hire white hat hackers to to figure out web security weakness and later they fix it. Good job explaining hacking.