Interesting Site

Read Newer Interesting Post on Facebook

Related Posts with Thumbnails
Showing posts with label Website Hacking. Show all posts
Showing posts with label Website Hacking. Show all posts

Phishing Tools Available Online

www.tips-fb.com

Tools that can help people potentially defraud innocent surfers are available for free download on the internet, it has been claimed.

The do-it-yourself kits provide all the essential tools for launching phishing attacks – those that use spoofed emails and fraudulent websites to trick people into giving out personal financial data.

Phishing scams are on the up. Security company MessageLabs has intercepted an average of 250,000 phishing emails a month so far in 2004, compared to just 14 phishing-related emails back in August 2003.

According to anti-virus company Sophos, the DIY kits contain all the graphics, web code and text required to construct fake websites that look like legitimate online banking or shopping sites. They also include spamming software which would let you send out millions of phishing emails as bait for potential victims.

“Until now, phishing attacks have been largely the work of organised criminal gangs, however, the emergence of these ‘build your own phish’ kits mean that any old Tom, Dick or Harry can now mimic bona fide banking websites and convince customers to disclose sensitive information such as passwords, PIN numbers and account details,” said a spokesman for Sophos.

“There is plenty of profit to be made from phishing. By putting the necessary tools in the hands of amateurs, it’s likely that the number of attacks will continue to rise.”

Surfers that receive a suspicious email that claims to come from an online bank or e-commerce site should delete them and not click on any included links.

www.tips-fb.com

What to do when your Orkut Account is Hacked ?

www.tips-fb.com

It can be a nightmare if someone else takes control of your Google Account because all your Google services like Gmail, Orkut, Google Calendar, Blogger, AdSense, Google Docs and even Google Checkout are tied to the same account.

Here are some options suggested by Google Support when your forget the Gmail password or if someone else takes ownership of your Google Account and changes the password:

1. Reset Your Google Account Password:
Type the email address associated with your Google Account or Gmail user name atgoogle.com/accounts/ForgotPasswd – you will receive an email at your secondary email address with a link to reset your Google Account Password. This will not work if the other person has changed your secondary email address or if you no longer have access to that address.

2. For Google Accounts Associated with Gmail:
If you have problems while logging into your Gmail account, you can consider contacting Google by filling this form. It however requires you to remember the exact date when you created that Gmail account.

3. For Hijacked Google Accounts Not Linked to Gmail:
If your Google Account doesn’t use a Gmail address, contact Google by filling this form. This approach may help bring back your Google Account if you religiously preserve all your old emails. You will be required to know the exact creation date of your Google Account plus a copy of that original “Google Email Verification” message.It may be slightly tough to get your Google Account back but definitely not impossible if you have the relevant information in your secondary email mailbox.

www.tips-fb.com

How to Hack a Yahoo Password

www.tips-fb.com

Everyday I get a lot of emails from people asking How to hack a Yahoo password? So if you’re curious to know how to hack a yahoo password then this is the post for you. In this post I will give you the real and working ways to hack Yahoo password.

There are number of sites on the web that provide information to hack a Yahoo password. So what’s special about this site? The only special about this site is that we do not bluff and mislead the readers. We actually teach you the real and working ways to hack a Yahoo password rather than telling some nonsense tricks to crack or hack some one’s yahoo password.

THINGS YOU SHOULD KNOW BEFORE PROCEEDING

With my experience of about 6 years in the field of Hacking and IT security, I can tell you that there are only TWO ways to hack a Yahoo password: They are Keylogging and Phishing. All the other ways are scams! Here is a list of facts that you need to know about hacking Yahoo password.

1. There is no ready made software or program that can hack a Yahoo password just by entering the target username. If you come accross a site that claims to sell a program to hack Yahoo password then it’s 100% scam.

2. Never trust any Hacking Service that claims to hack a Yahoo password just for $100 or $200. All the hacking services are scams.

The following are the only 2 foolproof methods to hack a Yahoo password.

1. EASIEST WAY TO HACK YAHOO PASSWORD

Using keylogger is the easiest way to hack a Yahoo password. Any one with a basic knowledge of computer can use a keylogger without any problems. It doesn’t matter whether or not you’ve physical access to the target computer. The following are some of the frequently asked questions about keyloggers.

1. What is a keylogger?

A keylogger is a small program that records each and every keystroke (including passwords) that a user types on a specific computer’s keyboard. A keylogger is also called as Spy program or Spy software.

2. Where can I get the keylogger?

There exists hundrends of keyloggers on the internet. But most of them are of poor quality and fail to deliver a good performance. The best keyloggers for hacking yahoo password are listed below.

All in one Key Logger

For more information on keyloggers, installation procedure and FAQs please refer my previous post:How to Hack an Email Account

3. Which keylogger is the best to hack Yahoo password?

Both the above mentioned ones are best for hacking Yahoo. However I recommend SniperSpy since it is more reliable and has got a better advantage over WinSpy. To get a complete review of SniperSpy please see my new post Which Spy Software to Choose

If you’re really serious to hack a Yahoo password then I strongly recommend using the mentioned keyloggers.

For a complete installation guide and more information on this softwares visit the following links

All in One Keylogger

2. OTHER WAYS TO HACK YAHOO PASSWORD

The other most commonly used trick to hack Yahoo password is using a Fake Login Page (also called as Phishing). Today, Fake login pages are the most widely used techniques to hack Yahoo password. A Fake Login page is a page that appears exactly as a Login page of sites like Yahoo, Gmail etc. But once we enter our password there, we end up loosing it.

Fake login pages are created by many hackers on their sites which appear exactly as Gmail or Yahoo login pages but the entered details(username & password) are redirected to remote server and we get redirected to some other page. Many times we ignore this but finally we loose our valuable data.

However creating a fake login page and taking it online to successfully hack a Yahoo password is not an easy job. It demands an in depth technical knowledge of HTML and scripting languages like PHP, JSP etc. So if you are new to the concept of hacking passwords, then I recommend using the keyloggers to hack Yahoo. Because Keyloggers are the easiest way to hack Yahoo password.

www.tips-fb.com

What are IP Addresses

www.tips-fb.com

An IP address (Internet Protocol address) is a unique address that certain electronic devices currently use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP)—in simpler terms, a computer address. Any participating network device—including routers, switches, computers, infrastructure servers (e.g., NTP, DNS, DHCP, SNMP, etc.), printers, Internet fax machines, and some telephones—can have its own address that is unique within the scope of the specific network. Some IP addresses are intended to be unique within the scope of the global Internet, while others need to be unique only within the scope of an enterprise.
The IP address acts as a locator for one IP device to find another and interact with it. It is not intended, however, to act as an identifier that always uniquely identifies a particular device. In current practice, an IP address is less likely to be an identifier, due to technologies such as Dynamic assignment and Network address translation.

www.tips-fb.com

How to Hack Orkut

www.tips-fb.com
How To Hack Orkut ???
Google uses a 4 Level Orkut login which makes it difficult to hack Orkut using brute force attack.

Second Level – Google account checks for cookie in the sytem of user
Third Level – Google provides a redirection to the entered User information
Fourth Level – Google doesn’t use conventional php/aspx/asp coding. So it is impossible to hack Orkut using input validation attack!!!

It is not an easy task to hack Orkut by breaking this security! But still some people manages to get access to other’s Orkut accounts. The question concerned is How they do it? Many of them just use simple tricks that fool users and then they themself leak out their password. Here are some points you need to take care of, to protect your Orkut account being hacked.

Common Ways to Hack Orkut

1. Using Keyloggers is one of the Easiest Way to Hack an Orkut (or any other email) password.Keylogger programs can spy on what the user types from the keyboard. If you think that you can just uninstall such programs, you are wrong as they are completely hidden.

A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard. Keylogger is the easiest way to hack an Orkut account.

A keylogger program is widely available on the internet. Some of the best ones are listed below

All In One Keylogger

SniperSpy ,

Aobo Mac OS X Keylogger (For Mac User)

A detailed information on Keylogger Hack can be found in my post Hacking an Email Account.

2. Phishing Attack is the most popular way of hacking/stealing other’s password. By using fake login pages it is possible to hack Orkut. Here the users land on a page where they are asked for their login information and they enter their Orkut username and password thinking it to be a real page but actually it is other way round. It submits all the entered details to the creator of the fake login page.

3. Orkut New Features: I have come across a page(fake page) that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When the user submit’s his/her Orkut login information through this page, there goes his ID and password mailed to the coder.

4. Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT notORKUT. This is definitely a trap created by the hacker to hack your Orkut password. Clicking on this link will take you to a fake login page and there you loose up your password.

5. Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it. So be careful, javascripts can even be used to hack Orkut!

6. Primary mail address: If by some means a hacker came to know the password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on ‘forget password’. This way Google will send link to the already hacked primary email ID to change the password of the Orkut account. Hence the email hacker will change your Orkut account’s password. Hence your, Orkut account is hacked too.

So a better thing would be to keep a very unknown or useless email ID of yours as primary email id so that if the hacker clicks on ‘Forgot password’ the password changing link goes to an unknown email id i.e. not known to the hacker. Hence your Orkut account saved.

So, I hope that this post not only teaches you to hack Orkut but also to hack protect your Orkut account.

If you would like to share something, comment here and I will add up here with a credit to your name.

www.tips-fb.com

Hack Protect your Orkut Account

www.tips-fb.com

Most of the people ask me “How to hack an Orkut account” which I have already discussed in my previous post Hacking Orkut. But here I am giving you a detailed information about how to protect your Orkut accounts. As we all know most of the Google services are still in BETA. So,websites like Orkut, powered by Google is not totally secure!Several people feel proud in hacking other user’s account. You do a foolish thing, and next day your account is hacked. This is very sad indeed, but hackers are adding names to their victims list till now.

How can a hacker hack my Orkut account?
The answer to this question is already discussed in my previous post How to Hack Orkut.

But this post is meant for providing some safety measures to prevent your Orkut account from being hacked. There is not much you have to take care of. Just follow the simple steps and never get your orkut account hacked in your life.

1. Never try to login/access your Orkut account from sites other than Orkut.com.

2. Never click on any links from the sources you don’t trust while accessing your Orkut account. (or while accessing any other Google services like Gmail,Blogger etc.)

3. Delete any links on your scrapbook, no matter if a known or unknown person have sent it.

4. Never disclose your orkut login details with anyone.

5. Never ever use Javascripts on Orkut, no matter whatever it claims to do. Get satisfied with the services provided by default! Avoid using third party Scripts which might be malicious.

6. Never get excited to see a site claiming to have 1000 cool orkut tricks for which you have to just log in to your orkut account. Don’t trust that site. That’s a Phishing site.

7. Never tick the box “REMEMBER ME” on the orkut homepage if you are surfing from a cafe or a public area.

8. Always remember to hit Sign out button, when you are done.

www.tips-fb.com

Proxy Servers and Anonymizers

www.tips-fb.com

Proxy is a network computer that can serve as an intermediate for connection with other computers. They are usually used for the following purposes:

  • As firewall, a proxy protects the local network from outside access.
  • As IP-addresses multiplexer, a proxy allows to connect a number of computers to Internet when having only one IP-address.
  • Proxy servers can be used (to some extent) to anonymize web surfing.
  • Specialized proxy servers can filter out unwanted content, such as ads or ‘unsuitable’ material.
  • Proxy servers can afford some protection against hacking attacks.

Anonymizers

  • Anonymizers are services that help make your own web surfing anonymous.
  • The first anonymizer developed was Anonymizer.com, created in 1997 by Lance Cottrell.
  • An anonymizer removes all the identifying information from a user’s computers while the user surfs the Internet, thereby ensuring the privacy of the user.
www.tips-fb.com

Port Scanning

www.tips-fb.com

Port Scanning is one of the most popular techniques used by hackers to discover services that can be compromised.

  • A potential target computer runs many ’services’ that listen at ‘well-known’ ‘ports’.
  • By scanning which ports are available on the victim, the hacker finds potential vulnerabilities that can be exploited.
  • Scan techniques can be differentiated broadly into Vanilla, Strobe, Stealth, FTP Bounce, Fragmented Packets, Sweep and UDP Scans.

Port Scanning Techniques


Port Scanning Techniques can be broadly classified into:

  • Open scan
  • Half- open scan
  • Stealth scan
  • Sweeps
  • Misc

Commonly used tools for port scanning

1.Tool: SuperScan 3.0

2. Tool: NMap (Network Mapper)

3. Tool: NetScan Tools Pro 2003

4. Tool: ipEye, IPSecScan

www.tips-fb.com

Domain Hijacking – How to Hijack a Domain

www.tips-fb.com


Domain hijacking

In this post I will tell you about how the domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking. For most of you, the term “domain hijacking” may seem to be like an alien. So let me first tell you what domain hijacking is all about.

Domain hijacking is a process by which Internet Domain Names are stolen from it’s legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).

The operation of domain name is as follows

Any website say for example gohacking.com consists of two parts. The domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows.

1. After registering a new domain name, we get a control panel where in we can have a full control of the domain.

2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.

For a clear understanding let me take up a small example.

John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascripts etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.

What happens when a domain is hijacked

Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.

For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).

In this case the John’s domain name (abc.com) is said to be hijacked.

How the domain names are hijacked

To hijack a domain name, it’s necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients

1. The domain registrar name for the target domain.

2. The administrative email address associated with the target domain.

These information can be obtained by accessing the WHOIS data of the target domain. To get access the WHOIS data, goto whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll get the “Administrative contact email address”.

To get the domain registrar name, look for something like this under the Whois Record. “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case if you don’t find this, then scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.

The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it. Email hacking has been discussed in my previous posthow to hack an email account.

Once the hacker take full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or theadministrative email address to initiate the password reset process. Once this is done all the details to reset the password will be sent to the administrative email address. Since the hacker has the access to this email account he can easily reset the password of domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.

How to protect the domain name from being hijacked

The best way to protect the domain name is to protect the administrative email account associated with the domain. If you loose this email account, you loose your domain. So refer my previous post on how toprotect your email account from being hacked. Another best way to protect your domain is to go forprivate domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.

www.tips-fb.com
Related Posts with Thumbnails