New to hacking. ( LEGALLY) + Is Brute Force Attacke Legal?

Hi, welcome to HackThis!! :)

If you want to learn more about computers, you’re in the right place. As you can see, there’s a lot of level you can do to upgrade your skills step by step. And there’s a lot of informations on the forum if you’re stuck at one level. If you want to defend yourself, you first have to learn how someone can attack you.

And about the brute-force… I’m not lawyer but I think that this is illegal in a lot of countries.

There are already various threads about how to start.

Brute-force attack is in itself not illegal, but, as with many things, can be used in a way that is illegal. You should consider any attack on a system/network for which you do not have permission as illegal.

dloser thank you! Was getting very confused

Which way could I use to do bruteforce attack legally?

4 posts in a row :o Congrats
Also if you wanna bruteforce legally, you could code something password protected and bruteforce it.
You can do legal bruteforce from the moment when you are allowed to do it :)

Sorry! Dunno what I was doing?

And what about if you forgot a passwprd to a facwbook account which you set up on ypur own computer but you want to bruteforce the account so you can get it back?

click on forgot password is a better way to do I think

Like @r4v463 said I think performing a bruteforce attack on Facebook even if it’s on your account, is still illegal
You better use the given ways to reset your password :)

I meam if you forgot your password or email

@—x
it should be enough to get you started ;)
https://ghostbin.com/paste/jrr89

kakarot007 thabkyou x

Yes read that, it’ll be interesting to you

if you forgot your password, use the “forgot password” on Facebook
If it’s about the email, you could connect using your phone numbers or your facebook email ( facebook_id@facebook.com )

Yeah thanks, I just wondered because I have an ask.fm account that was left because I forgot the password and I used a fake email : ( btw what ways can you use bruteforce in the ways that it would be legal? )

Anyways, got the answered I needed. Thanks

X

If you had a ask.fm account and you can’t remember password / reset password because of the fame email
Then, two things ;
- Create a new account
- Use a true mail !

And about how could you performs legal bruteforces, I already answered lately

Yeah i’m using a new email now…

I meant in what ways as in could you give examples

But thanks though, this really cleares things up! The internet is full of mixed signals

I mean what do you by coding a password protected?
( im sorry this may be stupid I just dont know muh about hacking )

He means developping a website protected by a password so you can bruteforce your own website

Yes, thank you. That is very helpful. One more question: in what ways could I use bruteforce such that it is legal? Perhaps @Mugiwara27 can explain?

Can you @people on here?

She said she did but I didn’t get what she meants by coding ( I am not just new at hacking but with computers also )

It has been answered by three members now (multiple times by @dloser who didn’t even get credits for it…).
If the answers were too vague then perhaps this would be a little easier to understand…

Brute forcing something that you do not own, this as in you not owning the software or website, is always illegal unless you have permission by the owner of the software or the owner of the website.
For penetration tests of networks this is more complicated as you need permission of the owner of the devices, so either the ISP and/or network admin and/or data center.

//Tip: You can compare any kind of hacking with breaking into a house, if it is your own it’s fine, if it’s someone else’s house it’s illegal unless you have permission in the form of a contract.

To give a direct answer on your initial question, the only legal brute force is on the things you own or the things you have permission to.
Breaking into “your” account is NOT legal.
The account you claim is yours is not yours at all, in fact, ask.fm owns your account and you are the privileged user of that account.
(Don’t believe me? Read the stuff that no one ever reads when creating an account.)

I understand that brraking into your account is illegal it’s when she said ‘ coding ’ password protect I got confused I understand now she meant it’s okay to brute force something you own/have the right to ( I didn’t interpret her right)

I gave dloser credit( i’m sure he only replied once ). I asked him which ways you can use bruteforce legally.

After I asked if you can use bruteforce to trace an old password legally and the response I got was no (legally ) I asked which other examples can you use bruteforce legally ( I didnt get what she meant by password coding, i’m sorry if I sound stupid I don’t know anything about computers ,)

I understand now that she meant you can hack into things that you own.

Oh! Just seen rv43 response about bruteforcing ! i understand now! (I didn’t see it)

He means developping a website protected by a password so you can bruteforce your own website

With coding most people mean creating either a website or a piece of software.
Password protecting it is then just adding some security to it in the shape of a password. (Like that article I made about VBA BFing) :)

Finally he understood what was bruteforcing and which ways were legals/illegals :D

I’m a she ( sorry for calling you a girl )

Aha yeah i’m a total noob to this so forgive me if I don’t understand the technical jargon.

You’re a she ? wut ?

Loooool, girls be into hacking aswell :s

Am I not allowed on here?

It’s just that “I’m a she” is not english I guess x)

Ohhh I understand now !
[s]In english we say : “I’m a girl”[/s]
( Non-English native speakers ? )
Oh and they are no problem with the thing that you’re a girl :)

I’m from the uk… Lol?

Idk i’m not too fussed with the grammar on the internet

I have APD it makes me word things in a ‘ off ’ way

“I’m a she” is common usage in English.

Oh, btw, @Sigma18 is looking for you, @—x**.

I didn’t know, thanks @dloser :)
lol yeah he need some females hackers

Who’s that? Lol

This desperate guy.

I didn’t know whether :o Thanks dloser ans sorry —x ^^

Looooool

& it’s okay @r4v463

About what you want to learn @—x ;
You should take a try searching on google some basic stuff like ;
- How computers works
- How Internet works
- What are viruses ; types of viruses

Somethings like that could help you to understand how it works in general

Can’t I just learn here?
This is what I came here for?

Unless you guys are some serious hardcore hackers

You can learn a loooot of things on there but there are not everything on here.

For you, what’s a serious hardcore hacker ?

Not sure if I answered this. But I will keep my answer clear.

Brute attacks are not legal if you don’t have the direct and written permission from who owns the device, network, etc.

Basically don’t try to get into a system if you don’t have permission.

Basically someone to expolites a weakness in ‘back door 'codes ’. Whatever that means.

Someone who hackes into accounts and expolites their infomation ( like the sony hackers ) basically.

crua9 yes I know. (Now)

The ones that hacks into accounts and exploits their information are black hat hackers
And everyone even the good ones can break codes ( that’s how they find new vulnerabilities everyday )
A backdoor is a means of access to a computer program that bypasses security mechanisms ( a secret door ).

The problem with what you’re asking for (hacking into companies to get info) is you’re highly depending on human error. 90% or so of hacking is social. The rest is a mixture of things.

Back door codes, are a pain. More than not you’re going to be dealing with a 0 day (which means you have to know what you’re doing to find it, and you will be one of the only people to know about it). Other than that, it is 100% human error for not patching the back end. (that or letting you get your hands on a password or something that lets you get in)

But this isn’t a white hat thing to do. At best it’s a gray hat. Like finding a 0 day on Google. (google actually pays pretty good for people who find them)

Good luck finding a 0day on Google :D

^ I dont want to hack into people’s accounts ( tbh im not interested in expoliting a weakness ) I just simply want to learn about hacking. I do not want to hack illegally but I want to learn how to hack right to ‘ black hat ’ level ( or even above if there’s a above ).

So you want to fully understand everything without practicing ? I don’t think it’s possible :)

@Mugiwara27
Some people do, but I’m just using them as an example. You can find 0 day on most companies. But, only a handful of them will pay you for finding them without them asking.
There is plenty of stories where companies just say thanks. That or the person who turns in the 0 day gets sent to jail for a few years.

Okay I dont even know what 0 day is….

But thanks… I want to do white hat things

I’m already getting very confused

Yeah @crua9 that’s why some 0day aren’t disclosed because companies do not pay for the work behind this 0day
Because of that, people know that by doing black hat things with it, they’ll earn way more much than doing the white hat and reporting it.

@—x A 0day is an undisclosed vulnerability ( in website for example ). And only few peoples ( or even just one man ) know this vulnerabilty. That’s why it’s called 0day :)

@—x

I have a load of videos on hacking on my channel
https://www.youtube.com/playlist?list=PLioOFeHwQV5wT-55UfUP2w14miGVeg15h

That and getting info from other places is the nearest you’re going to be at learning things without actually do it. But, without putting in the work, you will not be good.

Hacking sounds cool, and the movies make it seem great. But, it’s boring as all out.

(Keep in mind, there is good money to be made in 0 days. The FBI and a few countries have been caught with their hands down their pants after a hacker group was recently hacked. Some of the groups were paying them several million for the 0 days.)

I want to do legal things ( if white hat is legal)

I’m sorry but there has to be a way to learn without actually illegally practicing. My was was a hacker and he learned ( until the Syrian government was tracing his steps and he decided to pack it in ). He said he will not teach me but to look on Backtrack Linux ( which was gone by the time I got round to searching on the internet ).

Aka I mean there’s got to be a way to learn without actually hacking, if you get my gist.

@—x

I just pointed out a method. I and many others have YouTube channels. Beyond that, there really isn’t much to learn from.

You can learn from text, but there is no way to actually prove what you’re reading works.

Hacking does not mean illegal
Using your hacking skill you can do legal/illegal things. Depends on the hacker.

Of course you can learn white hat hacking but you’ll need to practice it, locally for example, so it’s a legal way :)
Oh Backtrack, now you got Kali Linux which is the new version of Backtrack :)

@Mugiwara27
That highly depends on what country this guy is in. In the USA and many first would nations, you would be 100% right. Some of the other areas, the gov thinks they own what you bought or it’s still the companies.

This is a huge problem when it comes to doing almost any international IT work.

(which is why I tell everyone if they really want to be a white hat. They must be able to afford a good lawyer)

@crua9
Yes I heard about some countries where you’re not allowed to do things like that
But I’m talking about countries with “good” laws about white hacking

True, that’s why a lot of hackers know coding because their work are coding but in background they can do hacking ( I know someones like that )

The UK?

I think the UK is okay with that

Ya, the UK is fine with that. The laws are almost 1 to 1 with the USA when it comes to this topic.

Just to make thing clear I am NOT a “Guy”. Mugiwara27 and dloser I been out of town for a couple of days but when I come back I come back I find youz talk'in shit behind my back.

Shit I say.

SHIT! :o

So you’re a woman ? ;)

hahaha yeah

It’s common knowledge that there are no women on the internet.

What? dloser

They probably don’t have time to be online because they are too busy cleaning the house and cooking, right?

Troll mode: ON

On a more serious note: if you don’t know something, google it. Google and Wikipedia are generally a good initial resource for most things. Being able to figure things out on your own is a crucial skill. (And would make this thread a whole lot smaller… :P)

If you don’t want to get into trouble, just stick to playing on your own computer(s) and sites like these. Perhaps start here: https://www.hackthis.co.uk/articles/welcome-to-hackthis

dloser I’m gonna kill u :)

[quote=dloser]
It’s common knowledge that there are no women on the internet.
[/quote]
Yay ! True !

common Knowledge, doesn’t sound so common -_-

Joking @Sigma18, just joking :D

I know I know

I was just teasing u my self ;)

But you are still going to kill me, right?

Also: http://knowyourmeme.com/memes/there-are-no-girls-on-the-internet

She’s just gonna kill the whole Internet

dang that was a long article.

Sounds like some weird geeky feminist wrote it.

Jezz.

Oh and dloser I’m still gonna kill u

hahahah(Evil laugh :D )

Long articles yes ‘-’ Top Ten thread detected in an answer !!

if she kills dloser, then i’m sure he will love that. the first and last time being touch by a girl ?

btw dloser is right about you needing to be able to use google

yeah but dloser is a girl too or maybe an IT no one will ever know.

and as for google it’s mah middle name :)

i learn something every day

good good ull learn more my child Muhahahah (Evil face and laughter) _

Thanks fo rthis ( late rply lol x )