Grey Hack

SUPERUSER GUIDE 0.7.2585a
By DrDerpenstein
This guide is not written to explain commands for specific missions, but to demonstrate how to use them in tandem with each other. Please review the "Manual.exe" for full documentation.

In real life you cannot ask someone "How do I hack [a specific] server? Because when I X, they Y and Z"...you have to know how to use the commands properly and interpret the very basic documentation. Additionally, this game is procedurally generated, so most hacks will be unique.

Later sections of this guide will demonstrate specific syntax for commands. To do so effectively we'll assume that our victim's IP is "123.123.123.123", their username is "person" and their password is "abcd".

:::SPOILERS:::
The fun (and simulation) of this game is staring at your screen wondering how to solve puzzles similar to those faced by true penetration testers and hackers alike. By reading too many techniques you spoil some of the learning, suffering and reward. Read walkthroughs sparingly...
STARTING OUT
When you first start the game you will want to create accounts on the following:
  • Browser.exe > search "bank" > Create a bank account
  • Browser.exe > search "mail" > Create an email account
  • Browser.exe > search "shop" > Download all of the tools to your "/bin" folder
You will then receive an email or possibly a mission request. Complete the mission (can be done by reading the manual). Your email will have an IP link to a new website - type it into the browser. This is the link to the actual app store and job postings.

If you are on multiplayer you will want to open "Chat.exe". Even if you do not open this program, other players can see you online.
GENERAL
Keep a file named "dictionary.txt" on your computer. In it keep a list of all passwords you come across, each password separated by a new line of text. You should also copy dictionary files found on others' PCs. You will use this file in brute force cracks throughout the game.

You can, and should, open multiple terminals to run commands that require your computer to parse information (% completion commands).

To view the syntax of any given command (aside from reviewing Manual.exe) type the command in question followed or preceded by " help". In real CLIs you would use the following syntax for an example using the "echo" command:
  • Linux: "man echo"
  • DOS: "help echo"
  • DOS: "echo /?"


Tired of having to decipher root passwords every time you hack into a new machine?
Try Root Spoofing!
Save the full root hash of an already deciphered/nuked account and copy/paste it into the location of your current target. With this new hash copied and saved into the "passwd" file just "sudo -s" in with the known password. An example follows:
Pretend that this hash deciphers to "hello": root:sa4sda9f8as7fd3asdf21s6d8f41
Copy the entire line from your computer into the passwd file on the victim and save...it must be the only hash in the file (so remember to overwrite the others).
Type "sudo -s"
Type your known password: "hello"
PASSIVE DEFENSE
DO NOT:
  • Share your IP willfully
  • Share any of your own passwords
  • Share your usernames
DO:
  • Use different passwords for each account
  • Keep backups of your files

You can prevent your data from being stolen by deleting the content of your "/home/$USER/Bank.txt", "/home/$USER/Mail.txt" and "/etc/passwd" files. The system will re-add your information each time you log into the corresponding accounts...make sure these files do not retain your hash information.

If you really wish to play it safe you may change the Read/Write/eXecute permissions of critical file systems (such as /boot, /sys, /lib and /usr). **Fun fact- "/usr" is not short for "user" but "Unix System Resources".
"chmod-rwx" will REMOVE Read, Write and eXecute permissions because it uses a minus sign.
"chmod+x" will ADD eXecute permissions because it uses a plus sign.
You may mix and match RWX permissions as you see fit. To do this you will need to be on the Root account (with the command "sudo -s") or prefix "sudo" to each "chmod" line.

If you ever get traced or hacked by another player your PC will be completely wiped. All purchased programs and text files will be permanently deleted. You may remedy this with some preparation. Find an IP address with minimal security. Hack in and create a file hidden within the machine. Copy all of your precious files into it. In the event you are hacked, the only true cost will be repurchasing the tools necessary to hack into your personal repo to retrieve your programs/files.

What if a player finds and raids your backup server? Create a 'living repo'! Make friends with other players in chat. Once you find a player you can trust or negotiate with, have them hold your files by repeating the above steps and sharing the IP with them. They will then retrieve the files and hold them. In exchange they may ask you to take their files for safety as well.

Ports are exposure; running servers is a risky business. Don't open any more ports on your PC than you have to...ideally you will be running all servers from the machines of your previous victims. Later versions of the game may feature servers you may rent from a separate hosting company.

At some point the game may add hardware upgrades for your PC. Firewall devices may offer some protection for your machine.

By changing your WiFi connection you change your IP address. After a session of hacking numerous sites, and leaving logs on them, you can end the session by cracking into a new router to obtain a new IP. Any players attempting PvP will only find a dead address in the logs.
ACTIVE DEFENSE
PreHack: Make sure you have AdminMonitor.exe enabled and running. This will alert you of some traces.

First Contact:
Run the "ps" command to produce a table of running processes, their PID and process name.
If you see any "dsession" processes open this is your cue that admins are watching.
••Currently your only possible remedies to admin traces are as follows:
•••Remove ("rm") all of the files in "/boot" and/or "/sys"
•••Reboot the victim's PC with "reboot"
•••Act as quickly as possible as you may still be traced
In future versions of the game you may be able to terminate the admin's tracing abilities by running "kill" or "xkill" commands with the following syntax (assuming PID 1197 is the dsession process): "kill 1197".

During the Session:
Bounce your connections by visiting the CONNECTION BOUNCING section of this guide.

Exit:
Before leaving the victim shell you must check the logs. Currently there are no ways to remove the "disconnected" logs without having to return to the scene of the crime. As such you should NOT delete the logs reporting that you connected to the system - if an admin sees that you disconnected from a system without having entered (according to the logs) they will suspect foul play. With this in mind you must delete only logs that report your IP as having opened a "shell" on the system or any logs that report what may be interpreted as malicious behavior (ex: attempting to delete the entire "system.log" file, or "connection rerouted" logs).

Future versions of the game may offer solutions to the above issues. This may come in the form of a "ForkBomb". In the event that this attack is added you SHOULD delete your connection logs as you will fork exit without leaving a trace.
PACKET SNIFFING / WIFI CRACKING
Type "iwlist eth0"
[find the SSID with the highest "PWR"]
Type "airmon start eth0"
Type "aireplay -b" followed by the info listed from the "iwlist eth0" command. An example follows:

Wait until you have ~7000+ ACKs. If the PWR level was strong you may need far more ACKs.
Press "Ctrl + C"
Type "aircrack file.cap"
The terminal will now produce the wifi password. Enter it accordingly (there is a wifi tool in your upper right screen)


FINDING IPs / VICTIMS
Below are a number of ways to find victims to hack. They are in no particular order:

NSLOOKUP
Take any known in-game URL address; for this example we'll use "shop.com".
Type "nslookup www.shop.com" *Notice that you must include the "www." and ".com"

SYSTEM LOGS
Once you've broken into a machine you can read the "system.log" file found in /var.
Type "LogViewer.exe"
Navigate to "/var/system.log"
This will display all IPs that have connected to the device (NPC and real players).
Before you hack everyone you find consider this:
**You cannot delete your 'disconnected' logs...you leave logs too. Live by the sword, die by the sword.
Consider only hacking victims who are NPCs or people who sloppily left their "Shell Opened" logs or deleted their 'connected' logs but forgot their disconnect logs will remain.


CHAT.EXE
Read the multiplayer chat...it's full of places to visit.

SCANLAN
If you're already connected to a device and believe there is more than meets the eye (as far as system users go):
Type "scanLan"
You will now see the IPs of local devices.
Read the FAQ section of this guide to learn how to hack local IPs.


MISSIONS
Connect to the hack shop page and visit the "Jobs" tab.
Read your email.
FTP 21
FTP access to a victim is unlike most other shells in that there are unique and limited commands for you to use. A full list of these commands can be found by typing "help ftp". [For an explanation on manuals see the general section of this guide].

To hack:
Type "nmap 123.123.123.123"
If the FTP port is in the Nmap list and is open:
Type "ftpnuke 123.123.123.123 fakepass" *You may replace "fakepass" with whatever word you like.
Type "ftp root@fakepass 123.123.123.123"
Depending on what other ports were open you may upload your escalation apps ("sshescale", "web3xploit", etc.) with:
Type "ftp put " followed by the appropriate app you'd like to install
Run the command by typing its name into terminal. Ex: Type "sshescale" *This may or may not work at this point in the development cycle of the game.
You should now be able to "cd" / "ls" or FileExplorer.exe around to find passwords to fully access the system.
If you spot a file you need to retrieve type "ftp get " followed by the file name.
Follow the "Password Recovery" section of this guide.
Type "sudo -s" and input the password you have recovered.
You now own the system.
SSH 22
To hack:
Type "nmap 123.123.123.123"
If the SSH port is in the Nmap list and is open:
From here you either choose to be stealthy or to be aggressive.

Aggressive:
Type "sshnuke 123.123.123.123 -rootpw=fakepass" *You may replace "fakepass" with whatever word you like.
Type "ssh root@fakepass 123.123.123.123"

Stealthy:
Type "sshcrack -user person -P dictionary.txt 123.123.123.123"
If your dictionary file contains the password it will be bruteforced out of the system and displayed to you.
Type "ssh person@output 123.123.123.123" *"output" is the password found in the previous step.
If this found no results you may type "sshguest 123.123.123.123"
From here you may either upload your "sshescale" file into the /usr/bin directory and obtain root that way or you may decipher the "passwd" file and type "sudo -s" to obtain root.
SMTP 25
"whois 123.123.123.123"
This is used to find out which user on a network is the administrator.

"smtp-user-list 123.123.123.123"
All this program does is list the active user accounts hosted by the network. Use it for social engineering hacks. Once you know the user emails you can send them messages from a prepared template by pressing the "PF" button. Use the correct template for the correct type of victim (user or admin).



  • Do not send the admin template to the admin
  • Do not try and pose as the person you are emailing
  • All account names are case sensitive.
  • You will need the first and last name of at least one account holder.

"shellmail person@abcd 123.123.123.123"
Type this to enter the machine but replace "person" and "abcd" with the findings of your social engineering attack.
HTTP (WEB) 80
To hack:
Type "nmap 123.123.123.123"
If the web port is in the Nmap list and is open:
Type "shellweb 123.123.123.123"



You will then begin a guest session on the target machine.
Read the below section on PASSWORD RECOVERY in this guide.
From here you may either upload your "web3xploit" file into the /usr/bin directory and obtain root that way or you may decipher the "passwd" file and type "sudo -s" to obtain root.
You now own the system.
CONNECTION BOUNCING
Connection bouncing is when you reroute your connection through multiple computers. This dilutes your true IP as you assume your latest victim's IP. Think of this as if you were wearing multiple layers of masks...how far would someone really be willing to go to see the person hidden at the core?

To bounce connections:
1. Hack into any machine and obtain root privileges.
2. Install (via copy/paste, FTP commands or etc.) the hacking tools you wish to use from the new PC.
**Notice that this new PC will likely not have these programs installed and you won't be able to shellweb, ftpnuke, etc. without putting them on the new device.
3. Now, from this victim's PC you will begin hacking more PCs.
4. Repeat the steps above indefinitely to bounce more connections.

*Notice how you can exit from each shell in succession

You may also bounce logs by manually adding server credentials into "Map.exe".

Logs
Each new connection will create additional "shell opened" logs on the latest victim's PC. You must still delete these logs...
FURTHERMORE, the victim PC that you just came from (the one that you were at just before the newly obtained shell bounce) will create a "connection rerouted" log.
You must also delete these logs as you clean up your breadcrumb trail, exiting each machine via the terminal and reviewing LogViewer.exe.

Obviously this cascading effect does lead back to your home PC... To circumvent this you may open up a terminal on YOUR desktop, shell into the first (or even first few) victims and immediately delete the "rerouted" logs to create a dead end for authorities who may be tracing you.
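
Seen from the administrator's chair, the log gaps described in the Exit paragraph of ACTIVE DEFENSE and in the Logs notes above are exactly what gives tampering away. The following is an added example, not part of the original guide or the game: it pairs connect and disconnect entries per source IP and flags the leftovers. Only the event names come from the guide; the line layout and the sample entries are constructed for illustration.

```python
from collections import defaultdict

# Event names are the ones the guide mentions; the line layout
# "<HH:MM:SS> <source-ip> <event>" is an assumption made for this example.
EVENTS = ("connected", "disconnected", "shell opened", "connection rerouted")

# Constructed sample log (not real game output), oldest entry first.
# 10.0.0.7  : ordinary session, nothing to report.
# 10.0.0.9  : "connected" entry was deleted, "disconnected" remains.
# 10.0.0.12 : session intact, but shell and reroute entries were left behind.
# 10.0.0.20 : shell entry with no surrounding session at all.
SAMPLE_LOG = """\
09:00:01 10.0.0.7 connected
09:04:30 10.0.0.7 disconnected
09:15:42 10.0.0.9 disconnected
09:20:00 10.0.0.12 connected
09:20:05 10.0.0.12 shell opened
09:25:00 10.0.0.12 connection rerouted
09:31:10 10.0.0.12 disconnected
09:40:00 10.0.0.20 shell opened
not a log line
"""


def parse_line(line):
    """Return (time, ip, event), or None for blank or malformed lines."""
    parts = line.strip().split(" ", 2)
    if len(parts) != 3 or parts[2] not in EVENTS:
        return None
    return tuple(parts)


def find_anomalies(log_text):
    """Map each suspicious source IP to a sorted list of findings."""
    open_sessions = defaultdict(int)  # ip -> connects not yet closed
    findings = defaultdict(set)
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue  # skip anything that does not look like a log entry
        _time, ip, event = entry
        if event == "connected":
            open_sessions[ip] += 1
        elif event == "disconnected":
            if open_sessions[ip] == 0:
                # The matching "connected" entry is missing: likely deleted.
                findings[ip].add("disconnect without connect")
            else:
                open_sessions[ip] -= 1
        elif event == "shell opened":
            if open_sessions[ip] == 0:
                findings[ip].add("shell opened without connect")
            else:
                findings[ip].add("shell opened")
        elif event == "connection rerouted":
            # This host was used as a relay towards another machine.
            findings[ip].add("connection rerouted")
    for ip, still_open in open_sessions.items():
        if still_open > 0:
            # Either the session is live right now or its end was removed.
            findings[ip].add("connect without disconnect")
    return {ip: sorted(notes) for ip, notes in findings.items()}


if __name__ == "__main__":
    for ip, notes in sorted(find_anomalies(SAMPLE_LOG).items()):
        print(ip, "->", ", ".join(notes))
```

The pairing assumes the log is in chronological order; a log that has been reordered as well as trimmed would need timestamps compared explicitly.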
UNSUPPORTED PORTS
The below ports currently do not work in this version of the game.
  • 6233 Students
  • 3692 Employees
  • 141 Bank
  • 6344 Dpreports
  • 6578 Crimestats

PASSWORD RECOVERY
To recover passwords from a victim's PC copy/download the appropriate files from your victim (often times "Bank.txt", "Mail.txt" and "passwd").
The default save location for these is in "/home/$USER" where $USER is your username.
Type "decipher " followed by the name of the file containing passwords.
You may transfer them to your PC by either opening a FileExplorer.exe window or making use of the "mv" commands.

These files are formatted with a colon delimiter as [account:passwordhash]. To retrieve the bank account or email look for the string in front of the ":".
At this time- if a file contains multiple accounts the decipher command will not properly read the file. You must copy all of the lines into a blank Notepad.exe file and decipher each account in the original file separately.

PC HARDWARE
Ordering PC parts for an upgrade is an expensive, yet simple, process. To get the "best bang for your buck" you'll want a sizeable cash supply and a rough idea of what parts you want / what areas are most important to you.

To make an informed decision it is important to recognize what the components on a PC actually do:

Harddrive (aka HDD) - This determines how much space your computer has...how many files and applications it can hold.
RAM (aka memory) - This represents how many programs or tasks you may have running at any given time. If your PC is slow or you often times receive an alert that you cannot open any more windows- this is your culprit.
CPU - To put it generally, this is the computer's "brain"; it has a big influence on the machine's speed and ability to handle many various tasks at once.
Power Supply (aka PSU) - To support all hardware; a proper amount of electrical power must be provided to your machine. The amount of W (watts) determines how much power and hardware devices you may have.
Motherboard (aka mobo) - This is the foundation of your PC, the piece that connects all others together. To be able to support numerous other pieces of hardware; your motherboard must have the proper connections and "compatibilities".

All purchased parts must be compatible to function properly. Examples:
  • An LGA CPU will not install into a DGA motherboard
  • A DDR3 RAM socket will not work on a DDR2 motherboard
  • You cannot put 4 sticks of RAM in a motherboard with only 1 RAM socket

Hopefully you noticed how important your motherboard choice is as it's oftentimes the limiting factor in your purchases (aside from price).

The primary factors for what hardware you will need come down to CPU socket and RAM model. Both of these elements must be compatible with the motherboard which, preferably, allows for future expansions.
FAQ
My game won't run but I meet all of the system requirements?
This may be an issue with DirectX drivers. Add the following line to your game launch options:
"-force-d3d9"


How do I play this game on another (real life) PC?
Visit the storage location of your game files (on your real PC). The location should be something like: C:\Program Files (x86)\Steam\steamapps\common\Grey Hack
In the \Grey Hack_Data folder locate GreyHackDB.db - copy this file into the same directory on another PC.
Steam Cloud integration is on the developer's roadmap for future updates.

How do you connect to victim's IP once logged into public IP?
1. "nmap 123.123.123.123"
2. Buy or download a program from the shop that relates to open ports. These ports are listed in this guide.
3. Follow the above sections about properly opening ports.
4. Once you're in you'll probably be a guest. "cd" and "ls" around the file structure looking for a password file that you can decipher on your own PC. You may open multiple terminals and even a FileViewer.exe on the target's pc to quickly copy/paste files between computers.
4a. If you are unable to find a password file you may need to use one of your permission escalation programs. Think of "sshescale" and "web3xploit" for example.
5. Once you have the "root" password run the command "sudo -s". You will be prompted to enter the password.

You are now connected as the admin.
6. With root access you may now begin uploading files to the system folders. Copy in your hacking tools
7. Nmap the IP address of the local PC. The IP will be something similar to "192.168.x.x"
8. Keep in mind that you are still shelled into your first victim - you will now begin the entire process (from #1) but within this shell.
9. Once you've hacked the victim you are now chained in through multiple shells. Act accordingly and finish your mission.

What is "SUDO"?
"Super User Do"- It allows you to take administrative control over system processes and protections. You may prefix commands with "sudo " for a one line use or type "sudo -s" to keep your root access open.

All of the ports on this IP are closed. What do I do?
Your best bet will be to consider all of the information that has been provided to you about this particular IP. This, in addition to the SMTP / social engineering hacks may provide you with some entry options. At this point in the game, there are servers that cannot be hacked for one reason or another...you might just be out of luck.
  • Do you need to buy more apps?
  • Have you considered all of your apps? (root escalators)
  • If you can't hack the system can you hack its users? (social engineering)
  • Does the mission even require you to enter the system? Can your goals be accomplished outside of the system?

I am running a hosting service right now and have open ports. How do I close them?
At this point in the game you cannot close ports. To see a list of security options read the ACTIVE DEFENSE and PASSIVE DEFENSE sections of this guide.

I've hacked into an IP but no commands are working?
There are three possible reasons for this.
1. You're in via FTP ports and therefore must use only the provided FTP commands (type "ftp help") until you can gain more traditional shell access.
2. Another player has been there before you and has either deleted or modified all of the /bin and /usr/bin files. The system was borked...that's hacking.
3. You are encountering a glitch.

I accidentally deleted my "connection" logs...what do I do?!?
1. Return to the device that has the missing logs ASAP
2. Delete only the "disconnected" and your most recent "shell opened" or "connection rerouted" logs.
3. Exit the system

How do I hack other real players or know if I'm in one's PC?
You can hack into other players' devices the same way as anyone else's...the trick is finding the IP. You will know you're in when you start seeing things unlike those found on NPC computers:
  • There are hacking files in the /bin/ or /usr/bin directories.
  • Files that usually contain passwords have been modified.
  • They left a "ReadMe.txt" message for you to find.
  • They have a massive dictionary file.
  • They've used "chmod" in a lot of places.
  • The Bank.txt account has amounts that you would not expect to regularly see.

How do I find out which version of an app I have? ...I forgot
At this point you cannot find out. What you can do is rename your apps after you buy them to include the version number:
"shellweb" --> "shellweb31" to represent version 3.1
** Do not add "." to a file name unless it's part of the file extension.

Ctrl+C and Ctrl+V work everywhere in the game except the terminal...
Yes- this is how terminals are supposed to work. Typing those keystrokes actually sends commands to a Linux terminal so they will not be used for copy/paste. For example, pressing Ctrl+C in a real Linux terminal will stop any commands/scripts that are currently running. Use right click to highlight text and copy/paste or use Ctrl+Shift+C instead.

I think I found a glitch, what do I do?
1. Ask in Chat.exe if anyone is experiencing something similar or if you're just not seeing something.
2. If others are having the same experience; try your best to describe the symptoms and steps that could be retraced to reproduce this issue. Screenshots are welcome!
3. Contact the game's sole developer "KuRouZu" with the above information.

I keep getting disconnected from multiplayer..
When the server officially reboots there is usually a warning prompt.
At this point in time the game does not seem to have a lag buffer - if you lose your (real life) internet connection for a brief amount of time you will be dropped from the server.

How realistic is this game?
The commands/tactics/UI and many other facets of this game are based on real life penetration testing functions. Clearly there has been a significant amount of content left out for simplicity as this is a game. Do not think you can hack successfully because you enjoy this game...

Where can I find the tools used in this game?
Ask someone knowledgeable in all areas of information technology.
VOCABULARY
Black Hat
Pronoun / Adjective:
A hacker/system user or action with malicious or self serving intentions. They often bring destruction and lulz.
See also: White Hat, Grey Hat

CLI
Noun:
Short for "command line interface"
Text based computational programming. Examples include Microsoft DOS/Powershell and Linux Shell.
See also: GUI

Grey Hat
aka Gray Hat
Pronoun / Adjective:
A hacker/system user (or action) who doesn't always have malicious intentions, but isn't always playing by the rules either.
See also: White Hat, Black Hat

GUI
Noun:
Short for "graphical user interface"
Visual computational programming. Examples include explorer and browser windows.
See also: CLI

Hat
Adjective:
White, Gray, Black (we'll skip Red for now) Hats are descriptors of system users or hackers. The term originates from old black and white TV cowboy shows in which, due to a lack of color, the 'good guys' and 'bad guys' were distinguished by the color of their hats.


Linux
Noun:
The operating system that saves you from Microsoft's constant BS. Learn it. Love it. Be free.


Repo
Short for: Repository
Noun:
This is the method by which users install / manage programs in Linux. As far as this game is concerned it's a cache or dump of free files to be shared.

Root
Noun:
The administrative account/permission on Linux based systems.

RTFM
Acronym:
The origins of this term stem from the Arch Linux community...people in this community may appreciate the irony in this link:
"What does RTFM mean?"[www.letmegooglethat.com]

Shell
aka Bash (for all intents and purposes)
Noun:
Refers to the general terminal and its commands.
Noun:
Having obtained, often times illegal, root access remotely to another person's PC.

Skid
Pronoun - derogatory:
Short for "script kiddie"
One who can run premade, oftentimes GUI based, programs to accomplish hacking tasks but has no idea what the programs are actually doing or how to perform the same actions without the assistance of a script.
Adjective:
A preassembled script for convenient use.


White Hat
Pronoun / Adjective:
A hacker/system user (or action) who hacks with benevolent intentions. Often times this includes reporting security flaws or bad actors.
See also: Grey Hat, Black Hat
FINAL NOTES
I play as "cryptomunger" feel free to ask me questions and offer your advice!

To be added to later guides:
Port forwarding via 192.168.0.1 (recommended addition by serverSlayer)
Scripting - when added as a gameplay mechanic
Server hosting (FTP/SSH/HTTP):
  • Domain hijacking
  • Hosting EXEs
  • Renting domains

HINTED FUTURE GAMEPLAY MECHANICS
  • It is believed that at some point players will be able to run their own app stores via rented servers.
  • It is possible at some point players will be able to write their own shell scripts.
  • There will be more apps and terminal commands released in upcoming versions.

Join the discord at:
https://discord.gg/wAmwwC

A big thank you to KuRouZu for producing such an involved, intricate and educational game!
28 Comments
{F.S.L} ETAGαmerPC Dec 1, 2024 @ 9:01am 
i looked it up yeah its pretty interesting
DrDerpenstein  [author] Nov 30, 2024 @ 8:14pm 
@ETAGamerPC it’s a premade ddos program (in real life) but is named after a weapons system from a video game (iirc it’s command and conquer but dont remember).
{F.S.L} ETAGαmerPC Nov 30, 2024 @ 4:05pm 
what was that "low orbit ion cannon" thing??? 💀
Anarquista Nov 27, 2024 @ 6:25pm 
RTFM actually comes from the 80's hacker jargon and usenet.
Frisko [VL] Mar 27, 2023 @ 6:53am 
thnx man!
spikethedog3 Jan 28, 2023 @ 4:48pm 
thanx very much a great help ;-)
DrDerpenstein  [author] Jul 7, 2022 @ 5:41am 
Yes, you may translate to any language. I only speak English so am unable to translate beyond a Google search.
双岛乳业 Jul 7, 2022 @ 2:32am 
Nice manual.
May I translate it into Chinese and upload it onto github?
fmmaks Feb 2, 2022 @ 1:54pm 
Good guide
Isco Sep 1, 2021 @ 4:07pm 
Nice manual, i love the humour and your style. The only thing is need to be in the flavor of the day. Keep up the great work i give a like.