In the game, hacking is the act of successfully connecting to another server (computer) with special permissions. There are, currently, two ways of hacking.
After a successful attack, every server is stored on the Hacked Database.
Every server is protected with a password. The brute-force method uses the Cracker software to systematically check all possible passwords until the correct one is found. It is very fast when cracking weak passwords, but more complex passwords can mean infinite time to crack. Therefore, the use of a Password Hash software is essential to protect against the attack.
When successful, it returns the root password, giving the attacker full access to the victim's computer.
Instructions to crack a bank account are similar, returning the account password instead.
The time needed to complete a brute-force attack is affected by both attacker's cracker version and victim's hasher version, plus the attacker's CPU power.
An alternative method of attack is known as exploitation. It consists of exploiting vulnerabilities on specific services running within every computer. These services are known as SSH and FTP, and are responsible for CPU-related actions and file transfers, respectively.
First, the attacker needs to scan an IP address to know whether the victim is vulnerable to his exploits. In order to be vulnerable to some (or both) exploits, the victim's Firewall version must be smaller than or equal to the attacker's exploits versions.
If the scan returns a positive result, the attacker can use at least one of his exploits to achieve special permissions on the victim's server. If only the FTP service is vulnerable, the attacker will achieve FTP permission and will be able to download and upload files only. If the SSH service is vulnerable, the attacker will be able to install, delete, run, hide or seek files on the victim, but won't be able to transfer files. In both cases, though, the attacker can view and edit logs.
If both FTP and SSH services are vulnerable, the attacker will have full root access, being able to do everything a brute-force hacker would do. The only difference is the password of the server won't be listed on the Hacked Database.
In order to login and keep logged, a few criteria needs to be matched.
To keep logged, the attacker must
To keep logged, the attacker must
In other words: User is disconnected if
Permissions are lost if
In this case, the user keeps logged with the permissions of the working exploit only.
Bank hacking is the act of discovering the password for a specific bank account.