Ok now that you have my attention :lp: Please read this guide that will
burst your bubble, beginner hackers. I am sorry for that.
You CANNOT hack emails or websites with just one or two clicks with some email hacking apps. You need to have proper information about the person that you are hacking. If you see sites that claim that they can hack email accounts within minutes and charge hundreds of dollars for it, just laugh at them and move on. Do not waste money on them as they will be just scamming you.
There are two ways to hack Accounts of a Website.
You CANNOT hack emails or websites with just one or two clicks with some email hacking apps. You need to have proper information about the person that you are hacking. If you see sites that claim that they can hack email accounts within minutes and charge hundreds of dollars for it, just laugh at them and move on. Do not waste money on them as they will be just scamming you.
There are two ways to hack Accounts of a Website.
Client Side Hacking
This method can be done depending what you choose. Client side hacking is basically hacking the person's pc and extract information. Antiviruses will detect the apis, assemblies, etc and prevent you from infecting them. In this case you need
1) Keylogging : This basically taps all the keystrokes that users type. When user types password you get it. The victim requires to execute the keylogger "server" file in order to be infected.
2) Password Stealing : Here you steal password saved on user's pc. Browsers often save passwords to provide quick login to the user, but this can be harmful sometimes. Here same as keyloggers you need to execute a file on client pc. You can use combination of keylogger and password stealers, such as my Emissary Keylogger/Stealer.
3) Cookie Stealing : Here you are stealing cookies of the user. Cookies can be used to auto login as they hold information about the account.
4) Remote Administration Tools : These tools are very dangerous and give you full control of a computer. You can view webcams, desktops live, transfer and download files.
5) Social Engineering : Social Engineering is nothing but fooling someone to download your malware or extracting sensitive information from them.
6) Phishing Attacks : Phishing is creating fake login pages similar to that of a website's login page and then fooling the person to enter their username and password into the login box. The triggered php scripts shall send the entered passwords to your log file.
7) Zombies/Bots : This is like keylogging and pass stealing if victim executes your malware he she can be infected with a bot. A bot will connect them to your irc channel or host server and make them your "Zombie". You can do whatever you want with them.
That covers the client part.
Server Side Hacking
1) Exploiting : Exploiting means finding a vulnerability and using it to your advantage. There are various publically disclosed vulnerabilities and exploits that you can simply search on google and HC. There are ways to exploit a server the most common ones are
1) XSS Cross Site Scripting,
2) RFI, LFI
3) Uploading Shells
4) SQL Injections
5) CSRF
6) Gaining Root Access to websites hosted on the same server and then intruding another site on the server.
7) Using Scripts to gain information known as Exploits.
These methods are very vast and cannot be explained in a few lines so I am not explaining them in this guide.
2) Bruteforce Attack : Bruteforcing is using a bruteforcer software to try combinations of words, numbers and symbols to fetch the login of your victim. But this rarely works and you need to have a powerful computer.
3) Reverting Accounts : Here we are fooling the website servers that we are the authorized user and we are the holder of an account. One of this vulnerability exists in Hotmail and existed in Facebook. Users just supplied some information about the clients such as last accessed ip address, contacts on contact list, date of birth, location, etc. With a bit of SE its not that hard to extract such information from the client.
That covers most of the basics of Email/Website Account "Hacking". Hope you don't buy into any of the bullshit after reading this guide.
Thank You, for reading.
2 comments:
you must write more posts on this topic because i really need
Yup, i'll. Thanks...
Post a Comment