Is "hacking" essentially... (theory)

[Coldblackice]

(I loathe the hackneyed term "hacking", but for lack of a more cohesive, condensed word, I'll use it here. This is more of a conceptual question, rather than a "How do I h4cks" type question)

Is hacking essentially a function of 1.) memorizing attack vectors, and 2.) chaining attack vectors together to achieve a goal...?

 

[sheesh721]

(I loathe the hackneyed term "hacking", but for lack of a more cohesive, condensed word, I'll use it here. This is more of a conceptual question, rather than a "How do I h4cks" type question)

Is hacking essentially a function of 1.) memorizing attack vectors, and 2.) chaining attack vectors together to achieve a goal...?

Nope, hacking is using a computing system in a way that it was not intended. It's really that simple. The vast majority of hackers in the sense of what you're thinking about are just script kiddies using a gui based application they downloaded off the internet.

 

[the_servicer]

1.) memorizing attack vectors, and 2.) chaining attack vectors together to achieve a goal

Does this definition only apply to computers? It seems kind of narrow.

 

[Ultima99]

Does this definition only apply to computers? It seems kind of narrow.

It appears he is referring to "computer hackers" in general.

And sheesh721 makes a good point. There are the script kiddies who use methods they read about online and/or tools they download, then there are the real hackers who use real skill to exploit flaws/weaknesses/bugs in hardware or software that the script kiddies will later use through a tool.

The difference is akin to the guys who make iOS jailbreaks and the people who download the program they release. The first takes skill, the second does not.

 

[Cheetoz]

As software gets bigger, there are more vulnerabilities to use the code in a way that was not intended. Then this is used in either a mailicious way (entering into a computer which you shouldn't be allowed to) or to gain access to more features (jailbreaking an iPhone).

An example would be how java 6 is no longer supported but a lot of people still have it. Hackers looked like the security patches that were applied to java 7 (which is supported), and then used that to go back and exploit the older java 6 version. This also used to be done with Windows security patches to exploit those who don't update.

Moving up to zero-day exploits is even more "pro." And that is were the biggest $$$ comes in.

And then there is also cracking, which some call hacking as well. What this looks like in real life is running code on a debugger. (Not having the source code, all you have the assembly code to look at). You keep inserting breakpoints and running the program until you more or less reach around the area you want to target (like lets say part where the program verifies your serial key). You then analyze the conditional jumps and the way the registers are modified to determine how the code knows if your key is correct or not- then modify the code to signal that it IS correct.