Hacking Demystified.

A prerequisite of myths is that myths emerge because they are larger than life. Any myth is usually a tale that has been blown out of proportion, and withdrawn from actual meaning. Hackers and hacking is surrounded by myths, and I think there are different kinds of hackers and different types of skills. If you know Perl that doesn't make one a hacker. If one knows B or C that also doesn't make one a hacker, let alone Javascript or PHP. Knowledge is what sets hackers apart, but with knowledge alone exploiting a system is useless. Being able to walk around a system in your mind and confront the system with different approaches takes creativity, something you cannot teach or learn. You either have it or not, and some have more creativity as others. A second hallmark of a hacker is using simplicity, a simple approach to compromise a system. That can be brute forcing the database with tools, or just guessing the password. So, that means that not everything about hacking has to be complex. I've seen many hacks that were so easy, it was almost embarrassing easy. But with all strokes of genius, most of them are just easy because no one ever bothered doing that or trying that particular thing out. I point a few tactics out in this article, which can result in the most impressive hacks.Shellcode.We start with a basic explanation of shellcode. There is such a big hype around it usually, that it sets apart the boys from the men. If you know what shellcode is, you know also that it isn't hard to understand. It's often easier to understand then doing intermediate mathematics, the difficulty lies in the concentration on the subject. Spending countless hours to figure out why the registry/memory points to different addresses is time consuming. If you are good in jigsaws, you probably find shellcoding a great leisure, because it will kill your time!The purpose of shellcode is to gain control over the program. Before getting control we must understand what happens in order to generate shellcode. basically it boils down to execute new instructions by overwriting the return address, when we put the address in some other memory segment. The most used methods are writing shelcode in hexcode or writing assembly instructions, then extract the opcodes to generate shellcode.With generating shellcode there are certain things you'll need to understand. First off it is the instruction code used to control the flow and manipulate the registers. This is called assembler syntax, just like any programming language there is a syntax to tell the machine what to do. A few basic instructions are:MOV (Copying)XOR (Exclusive OR)CAL(L) (Call)INT (Interupt)INTO (Interupt if overflow)INC (Increment)DEC (Decrement)POP (Pop data from stack)PUSH (Push data on stack)LEA (Load Effective Address)NOP (No operation)These are necessary to know in order to give new instructions which later on