Credits: Red-Pill
•Go to a public WiFi spot, eg. use the library.
•Spoof your MAC address
•Rename your computer to "Guest" or "--" etc.
•Purchase an offshore VPN (and connect dufus).
•Configure Firefox to run on a proxy server (anonymous, not transparent) that's in Egypt or Turkey or China or some other country not so hot on cyber laws.
•Once you've gained access to the admin/root area, find the password of the most frequent and recently logged in admin (unless you're outright r**ing the site and not fu**ing with it like I do) and log in as that user.
•Delete only your logged IP(s). If you were the only user for a long time, duplicate a previous logged IP and modify the appropriate dates/directories.
•Run all of this on a Virtual copy of Linux (if drive space is an issue, get Damn Small Linux, it's 50 MB's). This is great for destroying evidence if you fuck up or get investigated.
•Never EVER send money from illegal accounts to any account that is linked with any transactions involving you or any of your information. If you need to withdraw illegally acquired money, you're going to have to find somebody (and not use PayPal).
•Do not post your username or any shout outs on a website. If you fu**ed with the wrong webmaster, he'll track you down and send you an email. You send him one back and BAM! He's got your real IP and all it takes is a phone call to the police and a warrant and your asshole gets torn loose for the next few years in jail.
If you have anything to add, please post! Even this is not the most secure method I've seen. I've just forgotten other steps.
Also, If you get caught (I'm on a Mac so you might not be able to follow):
•Delete your sensitive files (or hide them on a flash drive, whatever, but make sure you delete logs and that kind of stuff, and .DS_store files on Mac).
•Backup your hard drive, re-partition it and erase and rewrite the old partition(s) with 17 rounds of zero overwrites (this takes a couple days if you do it to all of them or your whole drive, on my Mac I can just write over where my files used to be). This is the US government standard.
•Encrypt anything you need to save with at least 128 bit encryption. If you have time, and you're a pro, the US government standard is 256 bit, but I've seen up to 1024 before. You'll be charged for obstruction of justice most likely, so only do this if you've been REALLY bad.
•Delete the logs on your router if you did it from home. Also, if you used your home router, make sure that it is NOT password protected and has no port forwards on it. One, if you spoofed your MAC, there's almost no way that they can say it was you. Two, you have to have the access password to port forward which links you with your "hacker" lifestyle if you used RAT's.
•If you downloaded 1,500,000 credit card numbers and PIN's from Microsoft's website (or something quite bad), take out the ol' .45 and feed your hard drive a lead sandwich. Then put the actual magnetized discs in the blender and throw the remains in the microwave. The FBI has been known to spend up to a DECADE trying to decrypt sensitive information on drives.
•If you get caught, invest in a great lawyer, cyber crimes bear HEAVY fines in the US. If you do something really big, or find some new exploit, they'll make an example out of you. Back in the day , a guy who burned 10 DVD's got 5 years and a nasty fine.
•If you get caught for something big and you're a kid, you are going to tell them EVERYTHING. You won't be able to get a good job (legally) or possibly even go to your college of choice if you get convicted of a felony. SQL injection in a lot of cases is a federal offense and a felony (if you pull sensitive info out), but almost all of them can be lowered to a misdemeanor, or lowered to reduce jail time/fines with a guilty plea and cooperation. You will also save a hell of a lot of time in a Juvenile Detention center for this.
•Don't let your guard down on foreign sites. While corporations may not be able to do jack shit, these mother fu****s http://www.justice.gov/criminal/cybercrime/ccips.html
will nail your a** if the US is contacted.
•Spoof your MAC address
•Rename your computer to "Guest" or "--" etc.
•Purchase an offshore VPN (and connect dufus).
•Configure Firefox to run on a proxy server (anonymous, not transparent) that's in Egypt or Turkey or China or some other country not so hot on cyber laws.
•Once you've gained access to the admin/root area, find the password of the most frequent and recently logged in admin (unless you're outright r**ing the site and not fu**ing with it like I do) and log in as that user.
•Delete only your logged IP(s). If you were the only user for a long time, duplicate a previous logged IP and modify the appropriate dates/directories.
•Run all of this on a Virtual copy of Linux (if drive space is an issue, get Damn Small Linux, it's 50 MB's). This is great for destroying evidence if you fuck up or get investigated.
•Never EVER send money from illegal accounts to any account that is linked with any transactions involving you or any of your information. If you need to withdraw illegally acquired money, you're going to have to find somebody (and not use PayPal).
•Do not post your username or any shout outs on a website. If you fu**ed with the wrong webmaster, he'll track you down and send you an email. You send him one back and BAM! He's got your real IP and all it takes is a phone call to the police and a warrant and your asshole gets torn loose for the next few years in jail.
If you have anything to add, please post! Even this is not the most secure method I've seen. I've just forgotten other steps.
Also, If you get caught (I'm on a Mac so you might not be able to follow):
•Delete your sensitive files (or hide them on a flash drive, whatever, but make sure you delete logs and that kind of stuff, and .DS_store files on Mac).
•Backup your hard drive, re-partition it and erase and rewrite the old partition(s) with 17 rounds of zero overwrites (this takes a couple days if you do it to all of them or your whole drive, on my Mac I can just write over where my files used to be). This is the US government standard.
•Encrypt anything you need to save with at least 128 bit encryption. If you have time, and you're a pro, the US government standard is 256 bit, but I've seen up to 1024 before. You'll be charged for obstruction of justice most likely, so only do this if you've been REALLY bad.
•Delete the logs on your router if you did it from home. Also, if you used your home router, make sure that it is NOT password protected and has no port forwards on it. One, if you spoofed your MAC, there's almost no way that they can say it was you. Two, you have to have the access password to port forward which links you with your "hacker" lifestyle if you used RAT's.
•If you downloaded 1,500,000 credit card numbers and PIN's from Microsoft's website (or something quite bad), take out the ol' .45 and feed your hard drive a lead sandwich. Then put the actual magnetized discs in the blender and throw the remains in the microwave. The FBI has been known to spend up to a DECADE trying to decrypt sensitive information on drives.
•If you get caught, invest in a great lawyer, cyber crimes bear HEAVY fines in the US. If you do something really big, or find some new exploit, they'll make an example out of you. Back in the day , a guy who burned 10 DVD's got 5 years and a nasty fine.
•If you get caught for something big and you're a kid, you are going to tell them EVERYTHING. You won't be able to get a good job (legally) or possibly even go to your college of choice if you get convicted of a felony. SQL injection in a lot of cases is a federal offense and a felony (if you pull sensitive info out), but almost all of them can be lowered to a misdemeanor, or lowered to reduce jail time/fines with a guilty plea and cooperation. You will also save a hell of a lot of time in a Juvenile Detention center for this.
•Don't let your guard down on foreign sites. While corporations may not be able to do jack shit, these mother fu****s http://www.justice.gov/criminal/cybercrime/ccips.html
will nail your a** if the US is contacted.
Share
0 comments:
Post a Comment