Interesting Site

Read Newer Interesting Post on Facebook

Related Posts with Thumbnails
Showing posts with label Google Hack. Show all posts
Showing posts with label Google Hack. Show all posts

All In One Keylogger

www.tips-fb.com

Mac Parental Control
Protect Kids
Monitor your Mac
Monitor your Mac
Catch a cheating spouse
Cheating Spouse
Employee Monitoring
Monitor
employees




All In One Keylogger
Special Features

Captures all keystrokes (Keystrokes Recorder).
Records instant messengers.
Invisible in Task Manager (All Windows Versions).
Automatically flushes recorded logs into a USB stick upon plug in.
Disable Anti Keyloggers.
Monitors application usage.
Captures desktop activity.
Auto Uninstall at a specific date.
Captures screenshots.
Quick search over the log.
Sends reports via e-Mail, FTP, Network. Rec microphone sounds.
Generate HTML reports.
Disable unwanted softwares.
Filter monitored user accounts.
Captured screenshots "Slide Show".
Sends reports by FTP.
Sends reports in HTML format.
Blocks unwanted URLs.
Stops logging when computer is Idle.

Special Features:
Captures mouse Cursor.
Support for Dual Monitor.
Sends Logs Via Network.
Advanced Search for Log Viewer.
Full support for Windows Vista.
Captures snapshots of semi transparent windows.
Visual Surveillance filtering.
Support for Firefox web monitoring In addition to Internet Explorer.
Takes screenshot when one of predefined keywords is typed.
Auto Uninstall at a specific date.
Textual Surveillance filtering.
Keylogger was translated to Czech (Cestina).
2-Sides IM Logging.
Option to set Keyloger to capture only the active Window.
Support for Opera web monitoring In addition to Internet Explorer & Firefox.
Keylogger was translated to German (Deutsch), French (Francais), Dutch (Nederlands), Italian (Italiano), Spanish (Espanol) and Portuguese (Portugues).
Keylogger was translated to Swedish (Svensk).

For Window User, START HACKING NOW,

www.tips-fb.com

What to do when your Orkut Account is Hacked ?

www.tips-fb.com

It can be a nightmare if someone else takes control of your Google Account because all your Google services like Gmail, Orkut, Google Calendar, Blogger, AdSense, Google Docs and even Google Checkout are tied to the same account.

Here are some options suggested by Google Support when your forget the Gmail password or if someone else takes ownership of your Google Account and changes the password:

1. Reset Your Google Account Password:
Type the email address associated with your Google Account or Gmail user name atgoogle.com/accounts/ForgotPasswd – you will receive an email at your secondary email address with a link to reset your Google Account Password. This will not work if the other person has changed your secondary email address or if you no longer have access to that address.

2. For Google Accounts Associated with Gmail:
If you have problems while logging into your Gmail account, you can consider contacting Google by filling this form. It however requires you to remember the exact date when you created that Gmail account.

3. For Hijacked Google Accounts Not Linked to Gmail:
If your Google Account doesn’t use a Gmail address, contact Google by filling this form. This approach may help bring back your Google Account if you religiously preserve all your old emails. You will be required to know the exact creation date of your Google Account plus a copy of that original “Google Email Verification” message.It may be slightly tough to get your Google Account back but definitely not impossible if you have the relevant information in your secondary email mailbox.

www.tips-fb.com

How to Hack Orkut

www.tips-fb.com
How To Hack Orkut ???
Google uses a 4 Level Orkut login which makes it difficult to hack Orkut using brute force attack.

Second Level – Google account checks for cookie in the sytem of user
Third Level – Google provides a redirection to the entered User information
Fourth Level – Google doesn’t use conventional php/aspx/asp coding. So it is impossible to hack Orkut using input validation attack!!!

It is not an easy task to hack Orkut by breaking this security! But still some people manages to get access to other’s Orkut accounts. The question concerned is How they do it? Many of them just use simple tricks that fool users and then they themself leak out their password. Here are some points you need to take care of, to protect your Orkut account being hacked.

Common Ways to Hack Orkut

1. Using Keyloggers is one of the Easiest Way to Hack an Orkut (or any other email) password.Keylogger programs can spy on what the user types from the keyboard. If you think that you can just uninstall such programs, you are wrong as they are completely hidden.

A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard. Keylogger is the easiest way to hack an Orkut account.

A keylogger program is widely available on the internet. Some of the best ones are listed below

All In One Keylogger

SniperSpy ,

Aobo Mac OS X Keylogger (For Mac User)

A detailed information on Keylogger Hack can be found in my post Hacking an Email Account.

2. Phishing Attack is the most popular way of hacking/stealing other’s password. By using fake login pages it is possible to hack Orkut. Here the users land on a page where they are asked for their login information and they enter their Orkut username and password thinking it to be a real page but actually it is other way round. It submits all the entered details to the creator of the fake login page.

3. Orkut New Features: I have come across a page(fake page) that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When the user submit’s his/her Orkut login information through this page, there goes his ID and password mailed to the coder.

4. Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT notORKUT. This is definitely a trap created by the hacker to hack your Orkut password. Clicking on this link will take you to a fake login page and there you loose up your password.

5. Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it. So be careful, javascripts can even be used to hack Orkut!

6. Primary mail address: If by some means a hacker came to know the password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on ‘forget password’. This way Google will send link to the already hacked primary email ID to change the password of the Orkut account. Hence the email hacker will change your Orkut account’s password. Hence your, Orkut account is hacked too.

So a better thing would be to keep a very unknown or useless email ID of yours as primary email id so that if the hacker clicks on ‘Forgot password’ the password changing link goes to an unknown email id i.e. not known to the hacker. Hence your Orkut account saved.

So, I hope that this post not only teaches you to hack Orkut but also to hack protect your Orkut account.

If you would like to share something, comment here and I will add up here with a credit to your name.

www.tips-fb.com

Hack Protect your Orkut Account

www.tips-fb.com

Most of the people ask me “How to hack an Orkut account” which I have already discussed in my previous post Hacking Orkut. But here I am giving you a detailed information about how to protect your Orkut accounts. As we all know most of the Google services are still in BETA. So,websites like Orkut, powered by Google is not totally secure!Several people feel proud in hacking other user’s account. You do a foolish thing, and next day your account is hacked. This is very sad indeed, but hackers are adding names to their victims list till now.

How can a hacker hack my Orkut account?
The answer to this question is already discussed in my previous post How to Hack Orkut.

But this post is meant for providing some safety measures to prevent your Orkut account from being hacked. There is not much you have to take care of. Just follow the simple steps and never get your orkut account hacked in your life.

1. Never try to login/access your Orkut account from sites other than Orkut.com.

2. Never click on any links from the sources you don’t trust while accessing your Orkut account. (or while accessing any other Google services like Gmail,Blogger etc.)

3. Delete any links on your scrapbook, no matter if a known or unknown person have sent it.

4. Never disclose your orkut login details with anyone.

5. Never ever use Javascripts on Orkut, no matter whatever it claims to do. Get satisfied with the services provided by default! Avoid using third party Scripts which might be malicious.

6. Never get excited to see a site claiming to have 1000 cool orkut tricks for which you have to just log in to your orkut account. Don’t trust that site. That’s a Phishing site.

7. Never tick the box “REMEMBER ME” on the orkut homepage if you are surfing from a cafe or a public area.

8. Always remember to hit Sign out button, when you are done.

www.tips-fb.com

Chat without Yahoo Messenger or Gtalk

www.tips-fb.com

Can we chat without Yahoo messenger? Most of us are familiar with the most widely used applications such as Yahoo messenger and Gtalk to carry out chatting with our friends.But here I’ll show how to chat without Yahoo messenger or Gtalk.As we all know the information we exchange with their servers(Yahoo or Gtalk) are recorded and stored along with the corresponding IP addresses.This may hurt our privacy since all the information we exchange while chatting has to pass through a third party server.

Moreover if the matter is highly confidential, then it is necessary to have a totally private chat where the messages are exchanged only between the people involved in the chat and not with any other third party servers.At these situations, it is better to chat without Yahoo messenger.
So, how to carry out a private chat without Yahoo messenger or Gtalk?
For this purpose there exists many softwares that support’s you to host a web-based chat system without any additional software or services.So with these softwares the exchange of messages takes place directly between the two persons engaging in the chat and will not pass through any other third party server.This ensures 100% privacy and eliminates the desperate need to chat with Yahoo messenger.
One of my favorite program for private chat is Easy Chat Server

Easy Chat Server is a Windows program that allows you to host a web-based chat system without any additional software or services. Unlike other chat server, you do not need to install Java. It allows you to build one or more web-based chat rooms on your machine, and provides advanced chat functionalities aiming to offer discussion space for your users, customers and partners.
Here are some of the screenshots of Easy Chat Server.

Key Features of Easy Chat Server:
  • Easy to use, Simple installation that will have you up and running in minutes.
  • 128-Bit Security Socket Layer(SSL) support. support for server level certificate creation.
  • Instantly runs a complete chat server on your PCs – does not need to install any Web Server.
  • Supports full private messaging and One to One private chat.
  • Support of images, smileys, avatar icons.
  • Full chat and access logs are available within the chat server.
  • Have a built-in IP Filter, supports banning/unbanning IP address, securely.
  • Multiple styles available for the user to customize rooms.
  • Unlimited rooms and users, no any annual, per-user, or maintenance fees.
  • No spyware, adware or other unwanted extra programs.
www.tips-fb.com

Email Tracking

www.tips-fb.com

One of most the frequently asked question is how to track an email back to the sender.That is how to determine the sender of the email? The most obvious answer is by looking at the “From:” line! But this way of tracking does not work all the time since most of the spammers forge the email address or most of the spam that we get has a forged email address.This is also known as a spoofed email.Is it possible to send email from other’s address?Yes it is possible to send email from anyone’s name.Why not, you can send an email even from Bill Gate’s Email ID.If you need a proof look refer the post Send Spam Email To Friends

For more information on how to send a spoofed email refer the following post (link).

How To Send Fake Emails

OK now let’s come back to the topic of email tracking.So how do you determine where a message actually came from?Inorder to track an email we have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack an email to the source network, sometimes the source host.

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.

Below are listed the headers of an actual spam message.I have double spaced the headers to make them more readable.

Return-Path: <s359dyxtt@yahoo.com>
X-Original-To: sriki@example.com
Delivered-To: sriki@example.com
Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7for <sriki@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)
Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200
Message-ID: <n5-l067n7z$46-z$-n@eo2.32574>
From: “Maricela Paulson” <s359dyxtt@yahoo.com>
Reply-To: “Maricela Paulson” <s359dyxtt@yahoo.com>
To: sriki@example.com
Subject: You Have won $10000 in US Lottery Scheme
Date: Sun, 16 Nov 2003 19:42:31 +0200
X-Mailer: Internet Mail Service (5.5.2650.21)
X-Priority: 3
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=”MIMEStream=_0+211404_90873633350646_4032088448″
According to the From header this message is from Maricela Paulson at s359dyxxt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be waste of time.

This message didn’t come from yahoo’s email service.
The header most likely to be useful in tracking the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the ip address of 21.218.172.108 by my server mailhost.example.com. An important item to consider in tracking is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.
Here’s is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.
sriki@nqh9k:[/home/sriki] $whois 12.218.172.108 AT&T WorldNet Services ATT (NET-12-0-0-0-1)12.0.0.0 – 12.255.255.255Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)12.218.168.0 – 12.218.175.255
# ARIN WHOIS database, last updated 2003-12-31 19:15# Enter ? for additional hints on searching ARIN’s WHOIS database.
I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.
sriki@nqh9k:[/home/sriki] $nslookup 12.218.172.108
Server: localhostAddress: 127.0.0.1
Name: 12-218-172-108.client.mchsi.comAddress: 12.218.172.108
Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server,12-218-172-108.client.mchsi.com. If I preface a www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com/, I get Mediacom’s web site.
There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host’s IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.
A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message, the best you can hope for is to find out what host sent it. Even in the case of a PGP signed messages there is no guarantee that one particular person actually pressed the send button. Obviously determining who the actual sender of an email message is much more involved than reading the From header. Hopefully this example may be of some use to other forum regulars.


www.tips-fb.com

A Closer Look at a Vulnerability in Gmail

www.tips-fb.com

Gmail is one of the major webmail service provider across the globe. But as we all know Gmail still carries that 4 letter word BETA. Sometimes we may wonder, why Gmail is still in the testing stage even after years of it’s emergence. Here is one small reason for that.

Gmail follows a strict rule that doesn’t allow it’s users to have their first or the last name contain the termGmail or Google. That is, while signing up for a new Gmail account the users cannot choose a first or last name that contains the term Gmail or Google. You can see this from the below snapshot.

Google or Gmail cannot be used as first or last name

This rule is implemented by Gmail for obvious reasons, because if the users are allowed to keep their first or the last name that contains the term Gmail or Google, then it is possible to easily impersonate the identity of Gmail (or Gmail Team) and engage themselves in phising or social engineering attacks on the innocent users. This can be done by simply choosing the first and last name with the following combinations.

First Name Last Name

Gmail Team

Google Team

Gmail Password Assistance

From the above snapshot we can see that, Gmail has made a good move in stopping the users from abusing it’s services. However this move isn’t just enough to prevent the malicious users from impersonating the Gmail’s identity. Because Gmail has a small vulnerability that can be exploited so that the users can still have their name contain the terms Gmail or Google. You may wonder how to do this. But it’s very simple.

1. Login to your Gmail account and click on Settings.

2. Select Accounts tab

3. Click on edit info

4. In the Name field, select the second radio button and enter the name of your choice. Click on Save Changes and you’re done!

Now, Gmail accepts any name even if it contains the term Google or Gmail. You can see from the below snapshot

gmailhack

Allowing the users to have their names contain the terms Gmail or Google is a serious vulnerability even though it doesn’t seem to be a major one. This is because a hacker or a malicious attacker can easily exploit this flaw and send phishing emails to other Gmail users asking for sensitive information such as their passwords. Most of the users don’t even hesitate to send their passwords since they believe that they are sending it to Gmail Team (or someone authorized). But in reality they are sending it to an attacker who uses these information to seek personal benefits.

So the bottomline is, if you get any emails that appears to have come from the Gmail Team or similar, don’t trust them! Anyone can send such emails to fool you and take away your personal details. Hope that Gmail will fix this vulnerability as soon as possible to avoid any disasters.

www.tips-fb.com

Gmail Hacking Tool – A New Way to Hack Gmail

www.tips-fb.com

A new Gmail hacking tool that is capable of automatically stealing the Gmail IDs of non-encrypted sessions and breaking into Gmail accounts has been presented at the Defcon hackers’ conference in Las Vegas.

Last week Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, and not only, authentication. Users who did not turn it on now have a serious reason to do so as Mike Perry, the reverse engineer from San Francisco who developed this Gmail hacking tool is planning to release the tool in two weeks.

When you log in to Gmail account the website sends a cookie (a text file) containing your session ID to the browser. This file makes it possible for the website to know that you are authenticated and keep you logged in for two weeks, unless you manually click the sign out button. When you click sign out this cookie is cleared.Even though when you log in, Gmail forces the authentication over SSL (Secure Socket Layer), you are not secure because it reverts back to a regular unencrypted connection after the authentication is done.

According to Google this behavior was chosen because of low-bandwidth users, as SLL connections requires high bandwidth.The problem lies with the fact that every time you access anything on Gmail, even an image, your browser also sends your cookie to the website. This makes it possible for a hacker to sniff the traffic on the network to insert an image served from http://mail.google.com and force your browser to send the cookie file, thus getting your session ID. The new Gmail hacking tool is capable of doing this. Once this happens the hacker can log into the account without the need of a password. People checking their e-mail from public wireless hotspots are more likely to get hacked than the ones using secure wired networks.

Perry mentioned that he notified Google about this situation over a year ago and even though eventually it made this option available, he is not happy with the lack of information. “Google did not explain why using this new feature was so important” he said. He continued and explained the implications of not informing the users, “This gives people who routinely log in to Gmail beginning with an https:// session a false sense of security, because they think they’re secure but they’re really not.

“If you are logging in to your Gmail account from different locations and you would like to benefit from this option only when you are using unsecured networks, you can force it by manually typinghttps://mail.google.com before you log in. This will access the SSL version of Gmail and it will be persistent over your entire session and not only during authentication.

Some of the Simple and Effective ways to Hack Gmail (or any email password) and the Tools used for Hacking is discussed in my previous post Hacking an Email Account. It is highly recommended that you refer this post.

www.tips-fb.com

How to Hack an Email using Hardware Keylogger

www.tips-fb.com

Did you know that keyloggers are the simplest way to hack an email password?. Today I’ll be giving you a detailed information on hardware keyloggers and their use.I will also teach how to hack an email using hardware keylogger. If you are new to the concept of keyloggers or haven’t read my previous post about email hacking then you must refer my previous post Hacking an email account. Here i’ll give a breif description about keyloggers.

A software keylogger (or simple keylogger) is a stealth computer program that captures every keystroke entered through the keyboard.

Now i’ll tell you what is a hardware keylogger and how it can be used for hacking an email.

Hardware Keyloggers are used for keystroke logging, a method of capturing and recording computer user keystrokes. They plug in between a computer keyboard and a computer and log all keyboard activity to an internal memory. They are designed to work with PS/2 keyboards, and more recently with USB keyboards. A hardware keylogger appears simply as a USB pendrive (thumb drive) or any other computer peripheral so that the victims can never doubt that it is a keylogger. So by looking at it’s appearence it is not possible to identify it as a keylogger. Here are some of the images of hardware keyloggers for your convenience.

So by looking at the above images we can come to know that hardware keyloggers look just like any USB or PS/2 device. So it is very hard to identify it as a keylogger.

Insatalling a Hardware Keylogger to Hack the Email Password

The hardware keylogger must be installed between the keyboard plug and the USB or PS/2 port socket. That is you have to just plug in the keylogger to your keyboard’s plug (PS/2 or USB) and then plug it to the PC socket. The following image shows how the keylogger is installed.

Once you install the hardware keylogger as shown in the above two images the keylogger starts recording each and every keystroke of the keyboard including email passwords and other confidential information. The hardware keylogger has an inbuilt memory in which the logs are stored.

www.tips-fb.com
Related Posts with Thumbnails