First they hack their web interface, using SQL injection (as chrisname said this is fairly easy), after that they dump their database and begin cracking passwords(e.g. john the ripper). After cracking their passwords they log on to the CEO's email and use social engineering to gain access to their server.
Hacking is a collection of skills, and knowing c/c++ almost required, assembly is next, then it kind of splinters on what you like doing.
An important question to ask yourself is why do you want to hack. What do really want to achieve. There are many good reasons and even more bad reasons.
Phrack is an online magazine that has many interesting things, and has articles on nearly all aspects of hacking.
The Matrix Realoaded has one of, if not the, only realistic hacking scenes, where Trinity uses nmap to exploit a bug in an SSH server (this was a real bug which existed in 2001): http://nmap.org/movies.html
That would depend on your definition of hacker. Most people seem to be confusing hackers with script kiddies and crackers. Real hackers are just programmers who sometimes find exploits and report them. Imagine Linux without hackers around to make it (and make it better).
So this forum is two-faced? :/ One guy asks about hacking games and gets told to go to a hacking site and not discuss it here. Then a few days later a different hacking thread starts and gets 3 pages to it. I think if you are going to shun one user from asking about hacking you shouldn't continue to talk about another aspect of hacking in another thread.
In that thread, I'm pretty sure the OP just wanted to mod games, not to make no-CD cracks (which is ridiculously easy and can be done with nothing more than a hex editor, assembly knowledge and knowledge of how games detect CDs). Also, I think it's pathetic that some people withhold information just because someone might do something bad with it. It's pretty well known that security-through-obscurity doesn't work (take, I don't know, literally every closed-source program which has ever had or currently has a security hole (in other words, most probably all of them)). And that's not to mention the ethical problems with controlling people by controlling the flow of information. If you don't want someone to know that there's a security flaw in something, fix the security flaw.
Also, if you're concerned about the legality, tell him it's illegal. Otherwise, he's just going to go somewhere else where they might not tell him it's illegal.