Tuesday, November 1, 2011

How do Anonymous hack into servers?


There are a couple of different answers to how this is done, but they all basically involve reverse engineering, either technically or logically.

The logical kind of reverse engineering involves thinking backwards through how you became a netizen, basically, and set up accounts and so on. Most of us, if we are standard, non-paranoid web users, have a junk email account or two which we use to set up accounts, do registrations for dumb sites which require such, and tasks of that nature. Personally I tend to hold on to old email accounts for this purpose. And generally, if we are incautious people, as most of us are statistically, we have some passwords stored inside email, etc. Remember now that there are procedures to follow at most email providers for lost passwords, which generally rely on another piece of information that "only you could know," such as the name of your first-grade teacher, the name of your first pet, your favorite brand of pipe tobacco, or whatever.

So follow it through - you have a large number of people in a corporation who have basic access to the network. Many of them are statistically incautious, no matter what assurances their IT department might offer after the fact. So all you have to do is figure out the name of one of those people's first-grade teacher, or pet, or pipe tobacco, or whatever, do the password-reset thing, get into their Hotmail or AOL email, then follow the chain up from there. You're likely to find a mention of their password by doing a basic search on the files in their sent folder. For a lot of people, if you find one password, you gain access to about half their shit because they can't be bothered to change it.

So that's the gist of this technique - you figure out, person by person, how to access each new level into a place. This is more or less exactly how they hacked something of Palin's last year, but I have only sort of a vague memory of that and don't remember what or why. I'm kind of baked, honestly. Shit - would you say that to a five year old? Probably not. Probably wouldn't say shit either, but you never know - kids can be cool about that stuff sometimes.

Anyways, the other type of reverse engineering is to think technically backward through the pipes on a web server. When you think about it, much of the data on a web server is publicly available by design. Otherwise surfing the web would involve entering a lot of passwords and shit (earmuffs!) just to look at normal stuff. Plus, a lot of the features on a web server are interactive by design, so they are reacting to data which you give them and giving you results, as in a search feature, for instance, or a form. Now, when that data gets passed back and forth, there's a lot of capacity for failure in the exchange. All of those interactions involve giving an instruction to the web server, like "find me all of the puffy pictures you have on this server." So in a nutshell, hackers try to include more instructions with that literal line, and often that works. They basically add a line of code that says "find me all of the puffy pictures you have on this server, and by the way, what's the root password to your database?" And a lot of the time, the server is configured wrong and tells you both answers. That's SQL injection in a very simplified way from a guy who's never done it. Just another reliable piece of internet information, basically.
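To make the "extra instructions" idea concrete, here is a small added example of my own (not code from the post) using a constructed in-memory SQLite table standing in for the "puffy pictures" search. The table, its rows, the injected search term and the `search_vulnerable` / `search_safe` functions are all assumptions made up for this illustration. The first function glues the user's text straight into the SQL, so the text becomes part of the instruction; the second passes it as a parameter, so the database treats it as plain data no matter what it contains.

```python
import sqlite3

# Constructed sample data (not from the original post): a tiny "pictures"
# table where only "public" rows should ever come back from a search.
SAMPLE_ROWS = [
    ("puffy clouds", "public"),
    ("puffy jacket", "public"),
    ("admin notes", "private"),
]


def make_db():
    """Build the constructed in-memory table used by both search functions."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE pictures (title TEXT, visibility TEXT)")
    conn.executemany("INSERT INTO pictures VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def search_vulnerable(conn, term):
    """The 'find me all the puffy pictures' instruction built by string gluing.

    Whatever the user types is spliced into the SQL text itself, so the user
    can change what the instruction says, not just what it searches for.
    """
    sql = ("SELECT title FROM pictures WHERE visibility = 'public' "
           "AND title LIKE '%" + term + "%'")
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, term):
    """Same search with a parameterized query.

    The SQL text is fixed; the term travels separately as a bound value, so
    quotes, OR and comment markers inside it are just characters to match.
    """
    sql = ("SELECT title FROM pictures WHERE visibility = 'public' "
           "AND title LIKE ?")
    return [row[0] for row in conn.execute(sql, ("%" + term + "%",))]


# A constructed search term that carries an extra instruction: it closes the
# quoted LIKE pattern, adds "OR 1=1" so every row matches, and comments out
# the rest of the original query.
INJECTED_TERM = "puffy' OR 1=1 --"


if __name__ == "__main__":
    conn = make_db()
    print(search_vulnerable(conn, "puffy"))         # only the two public rows
    print(search_vulnerable(conn, INJECTED_TERM))   # the private row leaks too
    print(search_safe(conn, INJECTED_TERM))         # [] : term matched literally
```

The "configured wrong" half of the post's description is the second, independent fix: the account the web application uses to talk to the database should only be able to read the tables the search needs. Parameterization stops the extra instruction from being parsed as SQL at all; least privilege limits what an instruction could reach if it ever got through, which is why defenders apply both rather than either one alone.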

There are more complicated ways to hack web servers, but all of them are basically aimed at getting the root password for the server, at which point you can wreak complete havoc on anything you want. So that's what they need - one keyphrase that is human readable and probably known by 3 or 4 people at the very least. Given just that simple fact, it's pretty easy to see how any basic web system can be hacked given enough time, people, and determination.