I read an article the other day about some Australian dude who works out of coffee shops and hacks various companies and collects their bounties. He makes $250,000 / year.
There are companies out there that will pay you $500,000-1,000,000 for a hack of iOS (pic related).
How do I learn this stuff? It would be my dream job to HAXOR TEH GIBSON and make mad cash.
Can Sup Forums make a curriculum to study this shit to get good so a person can make money finding & reporting bugs and collecting bounties?
Step 1: Make a thread on Sup Forums. Step 2: Make a thread on reddit.
Xavier Gomez
You might seriously be retarded. Think of the number of computer programmers that exist. All of them know more than you BUT NONE OF THEM CAN HACK THE APPLE iOS AND MAKE A MILLION DOLLARS.
Samuel Martinez
Pentesting is all about perseverance, not about knowledge. If you're crazy enough to fuzz the shit out of somethign, you can stumble on a lot of low-lying bugs and make a really decent living.
>Now 21, it is his full time job. This month so far he has earned $21,150, in installments: he counted them out over the phone – “400, plus 400, plus 300, plus 100, plus 1,000, plus 3,000, plus 4,000…”
>Wakelam’s month-to-month profit varies considerably, but in an average year, he said, he can comfortably clear $250,000, working from his home in Melbourne or on his Macbook in coffee shops or nearby bars.
THis guy is fucking cool. I wanna be this guy!
Dylan Walker
No.
Connor Scott
Good luck doing it without having any knowledge about any of the devices you're pentesting.
Jace Moore
its bretty hard, thats why they paid that much and probably on dank weeb they would pay few times more for this exploit
Most of those webdevs are lazy af.
Like people asking on Sup Forums why would they need discrete math in programming
kek
Isaiah Thompson
>I read an article the other day about some Australian dude who works out of coffee shops and hacks various companies and collects their bounties.
Fucking traitor.
Parker Rogers
>find an exploit in a popular softwar >sell it on dank meme >few days later take money from the company which owns the software for discovering the bug >???? >profit
Jonathan Roberts
don't spoil the fun user Everyone must learn discrete math
Jordan Bennett
>ts bretty hard, thats why they paid that much and probably on dank weeb they would pay few times more for this exploit After the latest iOS exploit was exposed, the price of iOS exploits will shoot up again.
iOS is extremely hardened at this point. NCO needed 3 chained exploits to get RCE. Now all of that was patched and hardened even more.
Wouldn't surprise me if iOS RCE went for $2 million once iOS 10 is out.
Brody Evans
I am almost sure they really gonna fuck something pretty stupid but no one will find it for 2 years and the person who finds it will be rich Also what is NCO and RCE
Andrew Gutierrez
14 replies, no actual useful answers to OP's question.
never change Sup Forums.
Andrew Watson
You can't become a hacker.
Nathaniel Clark
Did you read about all the hacker wannabes who make $11k/year at their dayjobs as Walmart greeters while they try and fail to write exploits?
You have a way higher chance of making $250k/year working in compsec at one of the big three, and that's basically a prerequisite for being able to do this kind of work.
Liam Cooper
>follow online CS curriculum complete with free ebooks >study like hell for years >apply your knowledge Just like any other industry except here you don't need licensing and other shit. That doesn't mean it's easy though. I'm self-trained and a systems programmer who works on contract. Took me about seven years of self-study to start landing more than baby's first job kind of pay.
Some savant kids are going to kick right through the material and start pwning their way to money, but that's not the average person. If you want to emulate them you'll likely do it with hard work and grim determination.
The upside in this case is that you can do it from the comfort of your couch with a plate of tendies nearby.
ps. Also get /fit/ while you're doing it, self-improvement requires a better body and mind. Body-weight fitness is fine if you are too socially awkward to go outside and find a gym.
Jordan Gomez
>self-study meme
This never works. Nobody on this board without a degree is anything but a lying NEET. I teach CS at UCSD. I have seen what happens to drop-outs. Get the degree or go to McDonalds. Your choice.
Carter Lewis
so, which assembly and rev engineering books are good for someone to start with?
Isaiah Harris
>Can Sup Forums make a curriculum
That's what it is basically. Most stuff in CS is based off the same curriculum, with some specialties.
A curriculum has math as the base, then theory of computation, graph theory etc. over that, then data structures, algorithms and principles of programming languages over that. Then you learn programming languages over that, then things like Drupal, Joomla etc. over that.
Best thing is go for a BSCS at a college, get credit while learning.
Just look at recent Joomla or Drupal bugs and see if you can find stuff like that.
It's easier to find a bug in Joomla then a bug in Linux that lets you get root.
One reason to fill out your basic programming skills is if you get bored with bug bounties, you can do other stuff too.
Go to Youtube and look for "Henning Brauer" and "OpenBGP". On one video he said he implemented BGP correctly but in a way Cisco routers did not expect, so his program became a denial of service attack against Cisco routers (unexpectedly).
If you're not having luck, go back to basics. Learn Drupal better. Learn PHP better. Learn algorithms and data structures and the fetch execute cycle better. And so on.
Ayden Turner
thats some good shit! thanks user!
Benjamin Smith
I graduated with a 3.8 gpa from Michigan with a degree in computer science. I have a github with a bunch of contributions over the past few years.
Do you care to guess where I'm working? It has nothing to do with programming or technology. And no I don't have anything in my past that would disqualify me from a job. If I had been born black or a woman, I'd have a job in the industry.
It's not that people are weighing the decision between going to college and getting a job automatically after graduating vs skipping college and pursuing other things. It's that people are realizing that companies aren't fucking hiring the people best suited to fill the jobs and are instead are focusing on bullshit like hiring people because they're a minority or a woman, or importing H1-Bs to work for lower wages.
Jeremiah Williams
I self studied, and now I work at Google
Zachary Wood
1. Identify system you want to exploit or damage 2. Learn how the system operates, learn everything possible about it. 3. practice exploiting the system with a copy you have back home until you've found one that you think will work best 4. confirm exploit really works 5. apply to target
Thats the essence of it, go on from there and collect your knowledge of how things work that you want to be in control of.
Jack Bailey
step 3: click the first link for the first post to the appropiate sub/r/
Thomas Brooks
How much do those niggers pay for iOS device hardware exploits?
