Getting Began as a Excessive College Bug Hunter: Cubed’s Hacker AFK


In the present day’s hacker Cubed

JXoaT >>

What was your expertise with the phrase hacker, or what introduced you to hacking within the first place?

Cubed >>

So, in elementary college, we had a pc lab. One of many first issues I observed on this class was that I knew extra about computer systems than different children. So, I used to assist out children with all their pc points.

I’d stroll round serving to children with login points or navigating web sites. It was even to the purpose the place lecturers finally requested me for assist. So, as time went on, it might be widespread for lecturers from down the corridor to seize me for his or her help points. That was once I began to understand how completely different I used to be compared to some individuals. I had this proficiency with computer systems.

However– in fourth grade, I bought the nickname hacker. I used to be in a classroom with a substitute trainer, and I confirmed off a command line immediate to different children within the class, typing [shutdown /i]which is like some lame script kitty command to close down one other pc in your community.
It did not work– I do not assume it ever labored. It was a coincidence that every time I typed that command to close down a pc, one other pc would flip off. The children who watched me do it freaked, considering I used to be a hacker. Finally, the information reached my trainer. I used to be a goodie-two-shoes and was by no means in bother. So, she was shocked that she needed to ship me to the principal’s workplace for hacking. I bear in mind her telling me how severe it was that I used to be hacking. So, I keep in mind that scared me for some time.

Cubed2

JXoaT >>

That is exhausting! It undoubtedly reveals how individuals default to worry after they hear the phrase. I would get bizarre seems for operating the netstat command in random courses once I was studying networking. So there’s only a baseline worry that is on the market.
So, the place are you once you’re AFK?

Cubed >>

More often than not, I am in a university lecture. I actually get pleasure from occurring walks, consider it or not. I hate being caught in the home, so I’ll attempt to get out in nature when attainable. More often than not, I am hacking at nighttime– once I’m in my zone. I would say the bulk is spent doing homework.
As soon as, I discovered a essential vulnerability, and I used to be messaging somebody on Slack, saying, “Oh, sorry, I have to finish my homework first. I’ll submit it later.” And he bought fairly mad.
He is like, “Oh, I’m waking people up just to take down the site, and you’re telling me you have to finish your stupid math homework. Come on, submit it.” 😆

JXoaT >>

I really like that line you tread between being a scholar and a hacker.

Cubed >>

The maths homework had a deadline, however the essential vulnerability did not!

JXoaT >>

As a university scholar, do you’re feeling that universities are educating useful info to hackers? Additionally, do you hear about hacking once you’re on campus?

Cubed >>

So I attend a satellite tv for pc college of a bigger college, the College of Michigan. And at the very least inside my campus, I do not hear a lot about hacking. However on the primary campus, I attend a cybersecurity membership– WolfSec. I wish to give them a shout-out. They’re among the smartest individuals I’ve ever met. I got here into the membership considering I used to be already good at bug bounties, so I believed I’d know every part, but it surely fully humbled me. There are numerous good individuals in numerous areas of cyber safety.
So yeah, in that regard, for a much bigger college, there are extra alternatives to listen to about hacking. However at the very least for my smaller campus, probably not.

cubed3

JXoaT >>

Alright, the transfer is to exit and discover your nearest cyber safety group on campus and be part of them. (If you can’t find a security group on campus, why not start one?)
Does the knowledge you study in your courses assist you to as a hacker?

Cubed >>

In a approach, yeah. My specialty is internet safety, however I needed to department out into binaries and reversing. The principle factor that I’ve discovered in my faculty courses is C++. It’s the smartest thing I may have ever discovered to develop my data of how computer systems work. I am particularly within the meeting language course I’ll take subsequent semester. That is going to assist quite a bit.
Cyber safety, when it’s taught in schools, is extra of a buzzword. Cyber safety is one thing you study after you learn the way computer systems work. I discover that it’s higher to learn the way computer systems work in parallel with hacking.

JXoaT >>

It is unbelievable to see bug bounty hunters popping out of highschool and advancing into pc science levels. What’s your expertise as a highschool bug bounty hunter?

Cubed >>

So, I began out in my sophomore yr of highschool. I bought a 200$ bounty on the time. And I believed that was simply the best factor on the earth. I simply spent a yr watching movies about bug bounty and studying Hacktivitystudying completely different individuals’s stories. In my sophomore yr, a pair months earlier than COVID, I used to be in a pc lab for a enterprise class– and I’d by no means do the work. I simply used to scroll by way of Hacktivity. I’d simply learn up on hackers who’re getting these large bugs and sit there, gazing my display with 200$ in my HackerOne steadiness, considering it was the best factor ever.

JXoaT >>

I’m going by way of Hacktivity generally and see among the crits we’ve got reported, and I am identical to, “GEEZ, How?”

Cubed >>

Yeah, I do know! I used to be so impressed by it. I believe COVID made issues higher; I do know that sounds horrible, however the pandemic simply gave me numerous time. So, I spent my days till 4am, watching movies of PoCs (Proof-of-Idea).

JXoaT >>

So, you are speaking about Hacktivity stories, a brilliant helpful performance on the HackerOne platform. It’s a good way to realize insights into publicly disclosed stories. Did you employ Hacktivity extra to pump your self for bug looking? Or have you ever discovered a method to ingest and use materials from stories?

cubed6

Cubed >>

I’d take a look at Hacktivity stories to pump myself up and get impressed, however I did study a bit. What actually helped was occurring YouTube and trying to find a proof of idea video. I’d watch and observe the place they clicked and what they had been typing, after which after that, I’d go to Burp Suite documentation for particular vulnerabilities and study extra about why they had been impactful.
So, I would use each of these. First, I would watch PoC movies after which go onto Hacktivity to learn their affect assertion. Among the best items of recommendation I ever bought was to examine one bug and check out it on every part.

JXoaT >>

Wow, that is glorious recommendation. Folks can get misplaced within the sprawl of knowledge on the market, simply making an attempt to study every part all of sudden. So, that recommendation is essential.
This subsequent query considerations the LHE we met at, H1-407! What had been a few of your takeaways from attending considered one of our stay hacking occasions?

Cubed >>

The primary takeaway was, dang– I am so younger. I am the youngest particular person right here. I am this little child in comparison with all these individuals right here.  I bear in mind once I bought the e-mail, and it acknowledged it was a family-friendly occasion; convey your children. I used to be shocked that there have been individuals right here with full-on households, and I used to be identical to, “I am the kid.”
So, that was the primary takeaway. The second takeaway was in regards to the different hackers. And I actually do not know why I had this thought, however I used to be considering I will meet these big-time hackers, and so they may need an ego as a result of they’ve already been to all these stay hacking occasions… However, as an alternative, it was the precise reverse. They had been essentially the most useful individuals and gave me among the greatest recommendation I may have requested for.

cubed4

The final takeaway is HackerOne went all out. They made everybody really feel included as a result of I may convey my sisters with me. Even they felt included. My sisters talked about this themselves.

JXoaT >>

We set expectations excessive for these occasions; numerous planning on our staff goes into making certain everybody has a time they may bear in mind.

Cubed >>

As a part of this interview, I would like to offer a shout-out to Years. I would not be doing something at HackerOne if it weren’t for him. He was the one who introduced up HackerOne to me. He and I had been in the identical information mining group, which is my different begin to hacking– so I need him included as a result of he is the explanation I am right here.

JXoaT >>

Here is my final query– what recommendation do you could have for hackers your age?

Cubed >>

Do not be a black hat. Get into bug bounty early. For those who’re into video video games and dig modding, it is a great way to show it right into a profession. Lots of people get sued for making cheats. Simply convert your data into completely different avenues in hacking, and you will find your self on an ideal path.

cubed5



Author: HackerOne
Date: 2023-04-21 14:31:07

Source link

spot_imgspot_img

Subscribe

Related articles

spot_imgspot_img
Alina A, Toronto
Alina A, Torontohttp://alinaa-cybersecurity.com
Alina A, an UofT graduate & Google Certified Cyber Security analyst, currently based in Toronto, Canada. She is passionate for Research and to write about Cyber-security related issues, trends and concerns in an emerging digital world.

LEAVE A REPLY

Please enter your comment!
Please enter your name here