Ethical Hacking and The Hacker Culture

Nowadays most of us have heard the term Ethical Hacker due to ‘hacktivist’ groups like Anonymous gaining popularity in the media. But what exactly is Ethical Hacking? We have a general idea that it means hacking without any malicious intent, or more simply the kind of hacking the ‘good guys’ do. But if we delve deeper, it means more than that, it represents a philosophy and morality popular among the hacker and hacktivist communities.


Formally Ethical Hacking may be defined as the practice of systematically attempting to break into or penetrate for the purpose of locating weaknesses and vulnerabilities of the computer system by duplicating the actions of malicious black-hat hackers. Actually, what I just said defines Penetration Testing, to be precise ‘Ethical Hacking’ is a term coined by IBM meant to imply a broader category than just penetration testing. Ethical hackers do this ‘penetration testing’ on the request of or by being employed by the owner of the computer system so that he can fix these weaknesses and make the system more secure.


Ethical hackers generally follow a set of moral values and philosophy. They promote sharing of knowledge, they believe that all information should be free. They also believe bureaucracies such as corporates are flawed systems, they promote decentralization so that may lead to freedom of information exchange. They say that hackers shouldn’t be judged by their age, race, or qualifications, they should only by judged by their hacking skill. A common value of community and collaboration is also present among the hackers.

I should emphasize that being an ethical hacker doesn’t necessarily mean having these qualities and following these moral values and philosophies. Hacker ethics are separate from just being a hacker. But these ethics are very popular among the general hacking community and so it may be considered as a trait of the community, maybe not of an individual hacker.

Before concluding I would like to share a small essay written by a hacker by the name (rather pseudo name) of ‘The Mentor’ shortly after being arrested. It’s called ‘The Hacker Manifesto’, and is considered one of the cornerstone of the hacker culture. You can find it here –

Email | Structure and How to Trace it

We all have received fake spam mail telling us that we’ve won million dollars at some point in our life. Maybe one day you receive a threatening email or a simple phishing mail, and you want to find out who did it so that you can hack him in return. To do that you need to know the IP address of the mail server sending the email. In this article I’m gonna show you how to do that, after introducing you to the basics of the structure of an Internet Message or simply, Email.

Email is one of oldest mode of communication through a computer network (usually the Internet) which is still popular today. The Email which we are familiar with was standardized and came into popular usage in the early 1970s, and it has been a core foundation of the Internet since then. Nowadays we all use a fancy web interface or mobile app to send and view received emails, so we don’t have to worry about how is it working. But that isn’t enough for a hacker, is it? If we don’t know the detailed intricacies of its mechanism, how can we exploit it or do something advanced with it? So, keep reading!

The Internet Message Format

The current Email format is defined in RFC 5322. Multimedia Email attachments’ format is defined in RFC 2045 through RFC 2049, and this format is called Multimedia Internet Mail Extensions or simply MIME. You can read those RFC articles to get a fully detailed formal documentation of the structure and format of email, but it’s not necessary as I will discuss it in short here. Nevertheless, if you are interested to learn more, you can check them out after reading this post of mine.

At the most basic level, an email is a series of ASCII characters. It consists of line of characters, lines ending with ASCII ‘CRLF’ (carriage return and line feed). The entire email can be divided into two parts, the Header section and the Body. Let’s see an example email to get an idea of what we are talking about.

Received: by with SMTP id e31csp1128773qtc;
Tue, 18 Oct 2016 09:50:19 -0700 (PDT)
X-Received: by with SMTP id n82mr2118112ioi.125.1476809419401;
Tue, 18 Oct 2016 09:50:19 -0700 (PDT)
Received: from ( [])
by with ESMTPS id g126si21395826ioa.252.2016.
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Tue, 18 Oct 2016 09:50:19 -0700 (PDT)
Received-SPF: pass ( domain of designates as permitted sender) client-ip=;
spf=pass ( domain of designates as permitted sender)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h=mime-version:from:to:reply-to:subject:content-type:content-transfer-encoding; s=smtpapi; bh=yheKlMFCWTtON78IXgxVWyAUb78=; b=I8q38u7TFdqinW6Y02 AM+ifHWAvTihYfBs5GSZl8JDnuc1BlMffeS8KUkWyRJjLY+B0ch4uPXBvCHdCZ75 VGkMp0jmmQRyVzQ4hfvAeTYVJ0fDzB89cHKyTzLTpd/ak9D0OAcc+6TJFqCgURMH CSrAzDL/ejxBTOEgepL8Y3Feg=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h=mime-version:from:to:reply-to:subject:content-type:content-transfer-encoding:x-feedback-id; s=smtpapi; bh=yheKlMFCWTtON78IXgxVWyAUb78=; b=YK6zoBmBYxE2GRUFIh Qze6EJGuxLw1UtO+NGfdmUgSmtNVLUt8p/N+CS9nPNONFESaVo2Ebk0iV8OBXqs0 EhPaOVOIiAcnSI/fwzd8A/dN+y3gqNquU3ysc9Gyk3kDcFSI8nj9yC4uhAs4fpMv AC/2kWdHjFjHBiTRYcL07C46M=
Received: by with SMTP id filter0958p1mdw1.2775.580652C7AF
2016-10-18 16:50:15.915852162 +0000 UTC
Received: from ECPRID2AWEB004 ( []) by (SG) with ESMTP id aIawJW2DTFi0CgbichcKJg for ; Tue, 18 Oct 2016 16:50:15.917 +0000 (UTC)
MIME-Version: 1.0
From: Autodesk 
Date: 18 Oct 2016 16:50:15 +0000
Subject: Verify your Autodesk account
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
X-SG-EID: iimKsBOu00eJI3OJPONMulw6aZ/yjiemm1SqdEDLcTZBP1eHyN3Qr32i1Vdhd5J7BwflVrWhRCLr0j woo/OKUHaIA1bGmnv8Qd2DfN0OSocqGDQ8DK7afms0hcjbrNUG/S3Bsv7fJWCR15UEaoJ/qfJtpdgG gZSAdl3d07GxUEWB0KHMNBmsfHLUEhfyzWPfn5IBYcQ334wRxcWBQ/eu31XQd8fIXETIiBgrd19ic6 SiLuZKRyxs7mVzCv46+9G/
X-Feedback-ID: 1621835:SZNY+iwS6efjfOV9JjNuzvzTddPNBc3FolKu4zujGFA=:SZNY+iwS6efjfOV9JjNuzvzTddPNBc3FolKu4zujGFA=:SG


The part before the first empty line is the header of this email, and after that the rest is body. Here you can see that the body part looks like some incomprehensible garbage, that’s because it is a MIME message, and the garbage part is actually HTML data encoded by Base64 encoding. You can decode it using any of the Base64 decoder found online and get the HTML data. Anyway, we are going to focus on the header part, because all other critical information resides in there, the body part contains just the message.

We can see the header part consists of header fields, each header field consisting of a field name and field value separated by a colon ‘:’.  for example a header field of this email is


Where ‘Delivered-To’ is the field name and ‘’ is the field value. Just to be clear, I replaced my original email ID with ‘’ here.

The header section can contain any number of information in this format, there is no restriction. So there can be different header fields in various emails. But there are certain fields that are mandatory, and those contain the information we need to trace the mail. You can read about various email header fields here on Wikipedia.

Tracing an Email

Now that we know the basics of the Internet Message Format, it’s time we dive into the fun stuff, tracing the email. For that, we need to concentrate on the Trace fields, so to speak. They contain the information needed to trace it, obviously. The trace fields are:

  • Received
  • Return-Path
  • Authentication-Results
  • Received-SPF
  • Auto-Submitted
  • VBR-Info

Among these, the Received field is the most important and most reliable. When an SMTP server receives a message it inserts this header at the top of the message. And as most emails go through several SMTP servers in the journey from the sender to receiver, it contains several Received fields, each one inserted by different SMTP servers. In the example email the Received fields are:

Received: by with SMTP id e31csp1128773qtc;
        Tue, 18 Oct 2016 09:50:19 -0700 (PDT)
X-Received: by with SMTP id n82mr2118112ioi.125.1476809419401;
        Tue, 18 Oct 2016 09:50:19 -0700 (PDT)
Received: from ( [])
        by with ESMTPS id g126si21395826ioa.252.2016.
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 18 Oct 2016 09:50:19 -0700 (PDT)
Received: by with SMTP id filter0958p1mdw1.2775.580652C7AF
        2016-10-18 16:50:15.915852162 +0000 UTC
Received: from ECPRID2AWEB004 ( []) by (SG) with ESMTP id aIawJW2DTFi0CgbichcKJg for ; Tue, 18 Oct 2016 16:50:15.917 +0000 (UTC)

As SMTP servers insert the Received field at the top of the email when they receive it, if we read them from top to bottom we can trace the path through the email has travelled. The field value of the Received header field generally contains the host name or IP address of itself and the host name or IP of the server from which it received the mail.

Another thing to note here, I’ve also listed the X-Received header field. Any field starting with X is a non-standard header and it cannot be trusted. It’s used by mail servers for their own benefit, generally a servers won’t trust X headers inserted by any other server. Anyway, I’ve still included this because it may give us some additional information, keeping in mind that it is not very reliable. So from the Received (and X-Received) fields of the example mail, we can trace the route of the mail, and it would look like this

  • []

The email went through these servers in this order. So the mail server that actually sent the email is the first one, and if you were after that one for reasons, you can focus on that.

Automating the Tracing of an Email

Although it’s good or maybe essential for a hacker to know how to manually trace an email, you don’t have to do it every time. There are many tools in the Internet that automate this process. You just have to paste the email header in those tools and they will trace the route of it. Just search email header analyser in Google and you’ll get a lot of tools like this. There’s one made by Google itself, you can get it here. Happy hacking!

cheap viagra amoxicillian cialis 20 mg viagra cialis natural viagra alternatives that work amoxicillin rash axoloti cialis on line viagra government funded cialis vs viagra viagra pills amoxicillin 500mg capsules generic viagra 100mg cialis 10 mg viagra canada amoxicillin 500 mg for sinus infection cialis viagra cost axolotyl is viagra government funded revatio vs viagra buy viagra amoxicillin side effects in men amoxicillin tablets amovil viagra 100mg tablets retail price viagra coupons viagra patent expiration viagra from canada viagra dosage cialis generic tadalafil axolotl amoxil 500 mg cilias amoxicilina amoxycillin viamedic cialis utilisation viagra augmentin 875-125 amox-clav 875-125 mg tablet xolotl is viagra federally funded cialis 5 mg levitra vs viagra where to buy viagra amoxicillin for cats cialis canada buy viagra online axoltl free viagra cialis copay card what is amoxicillin used for amoxicillin 500 mg and alcohol side effects of cialis viagra for women viagra side effects female viagra cialis for men viagra government funding cialis price cialis medication viagra ingredients cialis professional cialis effects cialis testimonials amoxicillin medscape cialis tadalafil pfizer viagra viagra generic when will cialis go generic viagra without a doctor prescription generic cialis tadalafil cialis coupon 20 mg viagra alternatives cialis coupon cialis side effects amoxicillin 875 mg canadian viagra wholesale cialis trial viagra sample cialis sample cyalis viagra coupons 75 off amoxicillin generic for cialis cialis otc viagra girls amoxidal how does cialis work mexican salamander viagra pill amox/k clav 875-125 amoxcillin cialis alternative cialis free trial discount cialis cialis coupons 2017 how to take cialis viagra costs cialis from canada cialis savings card discount viagra cost of viagra cialis for women price cialis cealis cialis or viagra cialis patent expiration 2017 is viagra covered by insurance cialis pharmacy prices amoxicillin 250mg cvs pharmacy viagra coupons cialis generic cialis dosage amox-clav 875-125 mexican walking fish viagra dose walgreens viagra substitute is viagra government funded in america erectile dysfunction cialis dosage of amoxicillin amoxicillin uses amox-clav 875-125 mg viagra from amazon online cialis cialis 30 day trial coupon amoxicillin 500 mg viagra single packs inexpensive viagra pills viagra pills for sale sex viagra for women amoxi cialis for daily use cialis canadian pharmacy viagra coupons from pfizer amoxicilin side effects of amoxicillin amoxicillin/clavulanic acid amoxicillin and clavulanate potassium 875 125 cialis pills for sale axolotls amoxicillin 500mg augmentin 500 cialis samples overnight viagra single packs cost cialis patent expiration viagra porn viagra online amox clav 875 cialis dosage strengths viagra substitute axlotl amoxicillan cialis voucher how long does viagra last what is cialis cialis daily viagra best price canadian cialis sildenafil vs viagra cialis coupons non prescribed viagra viagra otc viagra viagra 100mg price walmart cialis for bph cialis 20mg directions liquid cialis amoxicillin dosing pfizer viagra coupons viagra vs cialis natural viagra cialis 20mg amox clav 875-125 viagra vs cialis amoxicillin 500 augmentin drug class amoxicillin side effects best price viagra amoxacilin what is viagra cialis pills amoxillin trimox tamoxifen side effect of amoxicillin amoxil cialas amoxin cialis for sale how does viagra work cialis discount herbal viagra how much does cialis cost cialis 5mg daily cialis online stendra vs viagra healthy man viagra cialis samples online viagra amoxicillin uti daily cialis cialis coupon print viagra prices lowest cialis prices cialis vs viagra amoxicillin dosage sophia viagra cialis 5mg free cialis cialis coupons from manufacturer cialis reviews anadrol cialis or viagra cialis 30 day sample side effects of viagra viagra without prescription viagra price buy cialis online viagra sex side effects of amoxicillin 500 mg generic viagra available in usa what is amoxicillin viagra samples cialis website cialis cost cialis without a doctor’s prescription generic cialis buy cialis cialis trial cialis coupons printable cialis prices female viagra pills amoxicillin side effects in women cialis dosage recommendations is viagra funded by government viagra activate viagra on line no prec viagra without a doctor prescription usa what does viagra do how much does viagra cost generic viagra canada viagra cialis cheap axolot viagra pharmacy order online viagra 200 cialis coupon viagra savings offer viagra vs cialis vs levitra what is anoxia over the counter viagra women viagra does viagra work amoxicillin trihydrate 500mg augmentin dosage moxil amoxil dosage generic for viagra cost of cialis viagra coupon cheap cialis viagra prices without insurance viagra on line amox viagra for sale cialis pricing cialis patent expiration date extended canada cialis amoxicillin clavulanate does the government fund viagra cialis generic availability generic cialis at walmart