White hat hackers work legally and ethically by obtaining explicit permission from companies to hack their systems. They aim to identify vulnerabilities and fully disclose their findings to help companies improve security. In contrast, grey hat hackers do not have permission but generally do not abuse exploits for personal gain, instead offering to disclose vulnerabilities for a fee. Black hat hackers deliberately exploit systems illegally and maliciously, hiding their activities and selling information to third parties without consent.