[…] it focuses on how to become an ethical hacker. Mastering the art of hacking can be an extremely powerful skill that we hope will be used for good. The most successful hackers know how to navigate the thin line between right and wrong while hacking. Many people can break things, and even try to make a quick buck doing so. But imagine you can make the Internet safer, work with amazing companies around the world, and even get paid along the way. Your talent has the potential of keeping billions of people and their data secure. That is what we hope you aspire to.[…] – Pete Yaworski
Where went on the real hackers?… ethical hackers?… fuck Pete… have you sniffed the network at your school?, changed your notes?, stolen passwords?… good people always lose… hackers need to be unethical… fuck off with the world. If you can do something, do it.. weak people suffer, and it is ok.
I hate “ethical” hackers.
Great talk about some things that happen in the bug bounty hunter’s life…
When I moved to Mexicali I passed a lot of months without finding bugs, without money, with a lot of hungry, living under a bridge (literally) and eating a lot of Maruchan soups… and I needed to invest a lot of effort on be disciplined.
To see all the talk click here: https://www.youtube.com/watch?v=BEaMhs9LmoY
Some months ago I lost my Facebook account, it was hacked by… yep.. by Karen. But, how the incredible, invencible, fabulous vendetta could be hacked?…
Well it was easy… actually very easy…
I was happy seeing a lot of extreme porn on the Internet when Karen asked me for help, so I connected to a VPN, yeap.. my fault, we were at the same IP range.
She used Ettercap to perform a DNS spoofing to www.facebook.com, pointing to her computer, and in her computer she configured a fake landing page using The Social Engineering Toolkit. I usually need to be connected to different VPN’s to work, so it’s normal to me be disconnected from my accounts. I entered to the Facebook’s messenger, entered my credentials and… pwned!
And that’s all… you don’t fall me very well que we say!
Slide from a talk presented in the Bugcrowd’s conference… and of course it isn’t hacking.