Rating: 5 out of 5 stars
5/5
Ebook214 pages1 hour
How to Hack Like a Pornstar: A Step by Step Process for Breaking into a BANK
By Sparc FLOW
Rating: 4.5 out of 5 stars
4.5/5
()
About this ebook
This is not a book about information security. Certainly not about IT. This is a book about hacking: specifically, how to infiltrate a company’s network, locate their most critical data, and make off with it without triggering whatever shiny new security tool the company wasted their budget on.
Whether you are a wannabe ethical hacker or an experienced pentester frustrated by outdated books and false media reports, this book is definitely for you.
We will set up a fake – but realistic enough – target and go in detail over the main steps to pwn the company: building phishing malware, finding vulnerabilities, rooting Windows domains, pwning a mainframe, etc.
Related to How to Hack Like a Pornstar
Titles in the series (3)
How to Hack Like a Pornstar: A Step by Step Process for Breaking into a BANK How to Hack Like a GOD: Master the secrets of hacking through real-life hacking scenarios Rating: 4 out of 5 stars4/5Ultimate guide for being anonymous: Avoiding prison time for fun and profit Rating: 4 out of 5 stars4/5
Related ebooks
How to Hack Like a GOD: Master the secrets of hacking through real-life hacking scenarios Rating: 4 out of 5 stars4/5How to Hack Like a Legend: Hacking the Planet, #7 Rating: 5 out of 5 stars5/5Ultimate guide for being anonymous: Avoiding prison time for fun and profit Rating: 4 out of 5 stars4/5How to Hack Like a Pornstar: Hacking the Planet, #1 Rating: 5 out of 5 stars5/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5Hacked: The Ultimate Guidence Rating: 5 out of 5 stars5/5How to Hack Like a GOD: Hacking the Planet, #2 Rating: 5 out of 5 stars5/5How to Investigate Like a Rockstar: Hacking the Planet Rating: 0 out of 5 stars0 ratingsUltimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5Ultimate Hacking Challenge: Hacking the Planet, #3 Rating: 5 out of 5 stars5/5Wifi Hacking Strategy & Ideas Rating: 0 out of 5 stars0 ratingsHacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Ethical Hacking 101 - How to conduct professional pentestings in 21 days or less!: How to hack, #1 Rating: 5 out of 5 stars5/5Zero to Hacking: Zero Series, #1 Rating: 0 out of 5 stars0 ratingsHacking into Hackers’ Head: A step towards creating CyberSecurity awareness Rating: 5 out of 5 stars5/5Deep Web Secrecy and Security: an inter-active guide to the Deep Web and beyond Rating: 4 out of 5 stars4/5Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1 Rating: 4 out of 5 stars4/5Ethical Hacking: A Beginners Guide To Learning The World Of Ethical Hacking Rating: 3 out of 5 stars3/5Hacking Rating: 3 out of 5 stars3/5Learn Ethical Hacking: A Help Book of Ethical Hacking Rating: 0 out of 5 stars0 ratingsEnter the Dark Net: The Internet’s Greatest Secret Rating: 4 out of 5 stars4/5Hacking: Computer Hacking for beginners, how to hack, and understanding computer security! Rating: 5 out of 5 stars5/5Hacking : Guide to Computer Hacking and Penetration Testing Rating: 5 out of 5 stars5/5Ethical Hacking Rating: 4 out of 5 stars4/5Hacking the Hacker: Learn From the Experts Who Take Down Hackers Rating: 3 out of 5 stars3/5
Security For You
How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life Rating: 4 out of 5 stars4/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Hacking: Ultimate Beginner's Guide for Computer Hacking in 2018 and Beyond: Hacking in 2018, #1 Rating: 4 out of 5 stars4/5Social Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Dark Territory: The Secret History of Cyber War Rating: 4 out of 5 stars4/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsThrough the Firewall: The Alchemy of Turning Crisis into Opportunity Rating: 0 out of 5 stars0 ratingsRemote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsCodes and Ciphers - A History of Cryptography Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Practice Tests: Exam N10-008 Rating: 0 out of 5 stars0 ratingsMike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Hacking For Dummies Rating: 4 out of 5 stars4/5CompTIA CySA+ Practice Tests: Exam CS0-002 Rating: 0 out of 5 stars0 ratingsUltimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5What is the Dark Web?: The truth about the hidden part of the internet Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5
Related podcast episodes
69: Human Hacker: Human Hacker 0% found this document usefulRERUN: Hacking for Dollars 0% found this document usefulOSINT: Who's watching you? 0% found this document usefulBonus: Afternoon Cyber Tea: IoT-Based Infrastructures 0% found this document usefulcybersecurity maturity model certification (CMMC) (noun) [Word Notes] 0% found this document usefulMobile Forensics 0% found this document useful"All Online Crimes Start with Identity Theft" 100% found this document usefulEp 25: Alberto: Illegal hacker or security professional? 100% found this document usefulInformation is the life blood of social engineering.: Information is the life blood of social engineering. 0% found this document usefulIs enhanced hardware security the answer to ransomware? [CyberWire-X] 100% found this document usefulSocial Engineering works because we're human. 0% found this document usefulLockBit 0% found this document useful
Related articles
My Deep Dive Into One Of The Largest Dark Web Hacking Forums | Dylan Curran The GuardianArticle
My Deep Dive Into One Of The Largest Dark Web Hacking Forums | Dylan Curran
Jul 24, 2018
4 min read“Vulnerability Hunters Tend To Be Cut From A Different Cloth. They Are Naturally In Quisitive” PC Pro MagazineArticle
“Vulnerability Hunters Tend To Be Cut From A Different Cloth. They Are Naturally In Quisitive”
Jan 6, 2022
7 min read“Someone Who Under Takes A Ransomware Attack Isn’t A Hacker, They’re An Attacker” PC Pro MagazineArticle
“Someone Who Under Takes A Ransomware Attack Isn’t A Hacker, They’re An Attacker”
Aug 12, 2021
If you’ve ever attended an infosec or cybersecurity event, you will no doubt have noticed the preponderance of “Hacking is NOT a Crime” stickers. In 2018, some 500 such stickers were handed out at the DEF CON 26 event, the following year 5,000 were d
7 min readNetwork Attacks TechLifeArticle
Network Attacks
Sep 21, 2020
Though less common than malware and social engineering, network-based attacks are still a threat to every computer and mobile user, and everyone should have at least a basic understanding of what they are and how to avoid them. So this month let’s lo
4 min readUnpeeling The Onion Browser Linux FormatArticle
Unpeeling The Onion Browser
May 5, 2020
8 min readThe Hacker’s Pearl Harbor NewsweekArticle
The Hacker’s Pearl Harbor
Nov 11, 2016
6 min readSocial Engineering Maximum PCArticle
Social Engineering
Oct 15, 2019
5 min read“When The Biggest Dark Web Market Gets Busted, The Broken One Is Quickly Replaced Like Shark Teeth” PC Pro MagazineArticle
“When The Biggest Dark Web Market Gets Busted, The Broken One Is Quickly Replaced Like Shark Teeth”
Mar 11, 2021
7 min readHacker’s Manual Maximum PCArticle
Hacker’s Manual
Mar 2, 2021
1 min readHacker’s Manual Linux FormatArticle
Hacker’s Manual
Nov 17, 2020
1 min readEverything You May Have Wanted to Know About Ethical/Whitehat Hackers TechfastlyArticle
Everything You May Have Wanted to Know About Ethical/Whitehat Hackers
Oct 21, 2020
5 min readRun Kali Linux NetHunter on Android Linux FormatArticle
Run Kali Linux NetHunter on Android
Jan 14, 2020
7 min readIntroducing Kali Maximum PCArticle
Introducing Kali
Mar 2, 2021
4 min readRevisiting Tor TechLifeArticle
Revisiting Tor
Aug 24, 2020
4 min readHacker’s Toolkit 2o22 Linux FormatArticle
Hacker’s Toolkit 2o22
May 31, 2022
1 min readHack The System Linux FormatArticle
Hack The System
Dec 17, 2019
If you followed our handy guide on the previous pages, then you’ll already have augmented your Kali Light installation with Nmap, a port-scanning utility par excellence and a vital part of any pen-tester’s arsenal. As mentioned on the DVD page (there
4 min readTurn Your Raspberry Pi Into A Cloud Server Linux FormatArticle
Turn Your Raspberry Pi Into A Cloud Server
Aug 24, 2021
6 min readThe Low-Tech Hack You're Not Prepared For EntrepreneurArticle
The Low-Tech Hack You're Not Prepared For
Sep 1, 2016
1 min readHacker Distributions Linux FormatArticle
Hacker Distributions
Nov 17, 2020
1 min readFrom Child Hacker To Bug Hunter How It WorksArticle
From Child Hacker To Bug Hunter
Mar 19, 2020
Why did you become a black hat hacker? At school I would finish my work in ten minutes and spend the rest of the lesson playing on the computer. I was 10 or 11 when I stumbled across a chatroom whose members taught me how to hack – I was just a bore
1 min readCyber Insecurity Linux FormatArticle
Cyber Insecurity
Nov 17, 2020
Each year we proclaim it’s time to learn how to hack. But why? Jonni always gets angry at the subversion of the term ‘hacking’ and I can understand why. Hacking is fun, as is finding out how systems work and how to get them to do things they were nev
1 min readNmap Deep Dive Linux FormatArticle
Nmap Deep Dive
May 31, 2022
5 min readSherlock Linux FormatArticle
Sherlock
May 31, 2022
1 min readHacking Banks Linux FormatArticle
Hacking Banks
Dec 17, 2019
4 min readKRACK Wi-Fi Attack Threatens All Networks: How To Stay Safe And What You Need To Know MacWorldArticle
KRACK Wi-Fi Attack Threatens All Networks: How To Stay Safe And What You Need To Know
Nov 29, 2017
5 min readHack The Planet/Parrot Linux FormatArticle
Hack The Planet/Parrot
May 31, 2022
2 min readKRACK Wi-Fi Attack Threatens All Networks: How to Stay Safe and What You Need to Know PCWorldArticle
KRACK Wi-Fi Attack Threatens All Networks: How to Stay Safe and What You Need to Know
Dec 4, 2017
5 min readPeople Are Secretly Buying Handguns On The Dark Web FuturityArticle
People Are Secretly Buying Handguns On The Dark Web
Apr 24, 2019
2 min read‘Open Ports’ Leave a Hole in Smartphone Security FuturityArticle
‘Open Ports’ Leave a Hole in Smartphone Security
May 8, 2017
Smartphone apps that use “open ports” to share and receive data are more vulnerable to security breaches than previously thought, mainly due to the their widespread use in internet communication, a new study suggests. The vulnerability the researcher
3 min readHacking Power New PhilosopherArticle
Hacking Power
Jul 30, 2018
4 min read
Reviews for How to Hack Like a Pornstar
Rating: 4.5 out of 5 stars
4.5/5
2 ratings1 review
- Rating: 5 out of 5 stars5/5Honestly nothing else better! I wouldnt waste my time with all the other books that teach you textbook garbage that we all learnt in school nothing exciting THIS GUY IS A BOSS!!!!
Book preview
How to Hack Like a Pornstar - Sparc FLOW
How to Hack Like a Pornstar
A step-by-step process for breaking into a bank
Copyright © 2021 Sparc FLOW
All rights reserved. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the publisher, except in the case of brief quotations embodied in critical reviews and certain other noncommercial uses permitted by copyright law.
Foreword
This is not a book about information security. And it’s certainly not about IT. This is a book about hacking—specifically, how to infiltrate a company’s network, locate their most critical data, and make off with it without triggering whatever shiny new security tool the company wasted their budget on.
Whether you are a wannabe ethical hacker or just an enthusiast frustrated by outdated books and false media reports, this book is definitely for you.
We will set up a fake—but realistic enough—target and go in detail over the main steps to 0wn the company: building phishing malware, finding vulnerabilities, rooting Windows domains, pwning mainframes, and so forth.
I have documented almost every tool and custom script used in this book. I strongly encourage you to test them and master their capabilities as well as their limitations in an environment you control and own. Given the nature of this book, it is ludicrous to expect it to cover each and every hacking technique imaginable, though I will try my best to give as many examples as I can while staying true to the stated purpose of the book.
I wrote this book as a hacking introduction, intended for an audience a tad familiar with computer science. We will not, and cannot, tackle the latest Windows security features without first covering some basic concepts that every hacker should know, such as pass-the-hash, dumping LSASS memory, and so on. Keep in mind that the attacks presented in this book are tightly tied to their context. You cannot replay a payload crafted for a Windows 2012 server on a 2019 version and expect to get away with it. But if you break down that same payload, understand what it does and how, you can make it work just as fine on newer versions. That’s what we will try to learn together.
I will do a flyover of some concepts like IPSEC, TOR, and NTLM by briefly explaining how they work and what they mean in the context of the hacking scenario. If you feel like you want to go deeper, I strongly advise you to follow the links I offer near each item and explore the dark, fun concepts behind each technique and tool.
Note: Custom scripts and special commands documented in this book are publicly available at www.sparcflow.com.
Important disclaimer
The examples in this book are entirely fictional. The tools and techniques presented are open source and thus available to everyone. Pentesters use them regularly in assignments, but so do attackers.
If you recently suffered a breach and found a technique or tool illustrated in this book, this in no way incriminates the author of this book, nor does it imply any connection between the author and the perpetrators.
Any actions and/or activities related to the material contained within this book are solely your responsibility. Misuse of the information in this book can result in criminal charges being brought against the persons in question.
The author will not be held responsible in the event that any criminal charges are brought against any individuals who have misused the information in this book to break the law.
This book does not promote hacking, software cracking, and/or piracy. All the information provided in this book is for educational purposes only. It will help companies secure their networks against the attacks presented, and it will help investigators assess the evidence collected during an incident.
Performing any hack attempts or tests without written permission from the owner of the computer system is illegal.
Content table
How to Hack Like a Pornstar
Foreword
Safety first
Blank slate
Smuggle data like a champion
Third layer—The last stand
System anonymity
Getting in
Gotta phish them all
Emails emails emails
Email content
Basic evil attachment
Empire strikes back
Ol’fashioned
Public exposure
Mapping public IP addresses
Web applications
Miscellaneous services
North of the (fire)wall
Know thy enemy
The first touch down
Stairway to heaven
Fooling around
Rise and fall
It’s raining passwords
Inside the nest
Active Directory
Where are we going?
Password reuse
Missing link
More passwords
Hunting for data
Exfiltration technique
Strategic files
Targeted emails
Wide net emails
Customer records
Hacking the unthinkable
Pole position
Riding the beast
Hunting for files
Hold on, isn’t that cheating?
Rewind - First contact
Then there were CICS
Programs, transactions, and some pwnage
Closing note
Safety first
Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say
Edward Snowden
If there is a section that most hacking books and blog posts currently disregard, it is the stay safe
section on hacking. In other words, they fail to detail the schemes and techniques a typical hacker can use to guarantee a certain level of anonymity and safety. You may be the best hacker in the world, but if you cannot control your footprint on the internet and correctly erase your trail, you will simply crash and burn.
So, before trying out any nifty hacking techniques, we will cover in detail how to stack up layers of security to ensure maximum protection. If you want to start hacking right away, feel free to jump to Chapter 2, but make sure you find the time to read this section at a later date.
Blank slate
The single most effective rule for hacking safety can be summed up in seven words: Start from scratch each and every time. By from scratch,
I mean get a new computer, new hotspot, new IP address and new servers for each hack.
Investigators will look for common patterns between attacks. They will try to piece small evidence together to obtain a bigger and clearer picture: "Did we see this IP in another attack? Which browser was it using at that time¹? Which Gmail/Yahoo/Microsoft/Facebook account did it access?"
Do not think for a second that law enforcement agencies are working alone when conducting an investigation. They have access to a pool of information, ranging from your local internet service provider’s record to social network sites databases. To get a sense of the massive surveillance projects conducted by governments (the USA, France, Canada, UK, etc.), check out the story of Edward Snowden², a former NSA contractor and whistleblower who brought to light some of the most shocking surveillance programs conducted by the United States government. Prepare to be amazed.
Starting afresh each time helps keep a shroud of mystery around the artifacts gathered by an investigator, and doing so will also prevent them from combining elements to trace them back to your real identity.
The first corollary of the blank slate principle is to never use your home/university/work IP address. Never. Not even with two layers of anonymity on top of it. Always assume that, at some point, a small glitch in the system could somehow leak your real IP address to an investigator. This could be a tiny detail you omitted, a stray DNS call made by a tool you haven’t fully mastered, or the NSA’s superpower intelligence systems.
A small connection to the real world is all it takes to motivate a law enforcement agent to dig deeper, issue warrants, and pressure you to confess. We do not want that.
Which IP should you use, then? I would strongly recommend public Wi-Fi hotspots, like fast-food places (Starbucks, Olympus, McDonalds, etc.) or large public gathering places, like malls and train stations, as long as there are enough people to hide you from possible cameras. People tend to form special bonds with their neighborhoods; it’s comfy and it feels familiar, so they just go to the local café to perform their hacking business. No. There should be no ties or pattern that could link back to your real identity. Hop on a train and try a hotspot from a different city altogether. Even better, get a car and drive around looking for open hotspots.
When accessing a Wi-Fi hotspot, you might be asked for your personal information, but, of course, you can just enter any information you want. If they ask for mobile verification, choose another spot or use a prepaid SIM card—paid for in cash—if you have access to one.
If they ask for email confirmation, use a throwaway email provider, such as Maildrop.com. It is a website that gives you access to a mailbox in literally two seconds, which is quite useful for validation links and spam messages.
Smuggle data like a champion
The second layer of hacking safety is by far the most important one. It usually consists of a tunneled network that encrypts anything that travels in it and, ideally, maintains zero journals about who accessed which IP address.
TOR, available at https://www.torproject.org, is a free, open-source project that does just that. It is a network of servers that exchange encrypted information. For example, a request will leave your computer from France, enter the TOR network, get encrypted a few times, and leave from a server in China before reaching its final destination (Facebook, Twitter, etc.).
The service visited, say, Twitter, but cannot see the original IP address; they only see the IP address of the exit node. Since multiple people are using this exit node, it can quickly become very confusing for anyone investigating later on.
The first node knows your real IP address, and thus your real location, but it does not know which exit node your request will end up using.
Given the large number of nodes available to bounce user requests, the chances of going through both a malicious entry and exit node seem pretty low. While that is true, there are still ways to break a user’s anonymity that have proven quite effective.
Imagine a malicious website that injects code into your TOR web browser. The code
Enjoying the preview?
Page 1 of 1