Tuesday 29 October 2013

HOW TO HACK GMAIL AND FACEBOOK WITH BACKTRACK 5



Welcome again to "HACKERS CRUSADE - An approach to introduce and embed people with the truth of HACKING".  This article is only for educational purpose don't misuse this information. 
Requirement 
Attracker :: Backtrack 5
Open Backtrack
Type ifconfig to check IP
Now Again Open Your Backtrack terminal and Type cd  /pentest/exploits/set
Now Open Social Engineering Toolkit (SET) ./set
Choose option 2, Website Attack Vectors
Choose option 4, Tabnabbing Attack Method”.
Choose option 2, "Site Cloner"


Enter the URL of the site you want to clone. In this case http://www.gmail.com and hit enter.
Now send your IP to victim and when victim open IP is browser a fake Gmail page start working and when user input Username and Password in fake page. The Username and Password displayed on SET.
 
Hope you like the tutorial ... 

Be a real hacker - PROFESSIONAL, and change the trend of HACKING.

Hello friends today in my article I'll tell you what is SSL and how SSL create a secure communication between the web client and the web server. I know everyone know about http:// and https://, HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a secure communication between them. What is a Secured Socket Layer (SSL)? A Secured Socket Layer, or SSL, is the usual way that a website creates a secure connection with a web browser. Whenever a web surfer visits a secure site that uses SSL technology, it creates an encrypted link between their browser session and the web server. SSL is the industry standard for secure web communication and is used to protect millions of online transactions each day. What is a SSL Certificate? The web server must have an SSL certificate before it can create an SSL connection. When someone activates SSL protocols on their web server, they are asked to answer questions that will establish their identity. The questions ask for information about both the website and the company. After the SSL certificate is requested, the web server creates two cryptographic keys, one is a Private Key and the other is a Public Key. These keys are used along with the encryption formula to create the secure link between the web server and browser sessions. Public Keys vs. Private Keys As the name implies, the Public Key is not kept secret. It is placed into the Certificate Signing Request (CSR) which is a data file that contains the website's details. The CSR is submitted to the SSL Digital Certificate group for validation as part of the SSL certificate application process. Once the details are validated, the SSL certificate is officially issued, and the website is allowed to use SSL. Next, the web server confirms that the SSL certificate matches the Private Key. This makes sure that SSL certificate is only used by the website that originally requested it. At this point, the web server is able to create safe encrypted links, or communication paths, between its website and a customer's browser. What's in a SSL Certificate? Most SSL certificates include the domain name (web address), company name, company address, the certificate's expiration date, and information about the certification authority who issued the certificate. Individuals are not usually allowed to possess a SSL certificate. In virtually all cases, SSL certificates are only issued to companies. Which websites need SSL Certificate? The websites where a private conversation is occurred, Websites related to online transactions or other sensitive information needs to be protected needs to SSL Certificate. Security Tip : Hackers always use different types of attacks such as Packet sniffing or ARP Poisoning to steal your sensitive information, never give your password or credit card information or any other sensitive information on public computers or on Msn and any other Instant Messenger. Hope this is informative and if u have any question, query or any suggestion kindly post us.



 Hello friends today in my article I'll tell you what is SSL and how SSL create a secure communication between the web client and the web server. I know everyone know about http:// and https://,  HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a secure communication between them.


What is a Secured Socket Layer (SSL)?

A Secured Socket Layer, or SSL, is the usual way that a website creates a secure connection with a web browser. Whenever a web surfer visits a secure site that uses SSL technology, it creates an encrypted link between their browser session and the web server. SSL is the industry standard for secure web communication and is used to protect millions of online transactions each day.

What is a SSL Certificate?

The web server must have an SSL certificate before it can create an SSL connection. When someone activates SSL protocols on their web server, they are asked to answer questions that will establish their identity. The questions ask for information about both the website and the company. After the SSL certificate is requested, the web server creates two cryptographic keys, one is a Private Key and the other is a Public Key. These keys are used along with the encryption formula to create the secure link between the web server and browser sessions.
  
Public Keys vs. Private Keys

As the name implies, the Public Key is not kept secret. It is placed into the Certificate Signing Request (CSR) which is a data file that contains the website's details. The CSR is submitted to the SSL Digital Certificate group for validation as part of the SSL certificate application process. Once the details are validated, the SSL certificate is officially issued, and the website is allowed to use SSL. Next, the web server confirms that the SSL certificate matches the Private Key. This makes sure that SSL certificate is only used by the website that originally requested it. At this point, the web server is able to create safe encrypted links, or communication paths, between its website and a customer's browser.
  
What's in a SSL Certificate?

Most SSL certificates include the domain name (web address), company name, company address, the certificate's expiration date, and information about the certification authority who issued the certificate. Individuals are not usually allowed to possess a SSL certificate. In virtually all cases, SSL certificates are only issued to companies.

Which websites need SSL Certificate?

The websites where a private conversation is occurred, Websites related to online transactions or other sensitive information needs to be protected needs to SSL Certificate.

Security Tip : Hackers always use different types of attacks such as Packet sniffing or ARP Poisoning to steal your sensitive information, never give your password or credit card information or any other sensitive information on public computers or on Msn and any other Instant Messenger.

 Hope this is informative and if u have any question, query or any suggestion kindly post us.

TRACING E-MAIL





Welcome to (HACKERS CRUSADE - "An approach to introduce and embed people with the truth of HACKING"), Hello friends today in my article I'll tell you how can you you trace your e-Mail's on Internet but before starting i Just want to ask something from you....

  • Are you receiving abusive e-mails from unknown people?
  • Are you being blackmailed or threatened through e-mail?
  • Are your children receiving e-mails filled with adult contents?
Now you can solve all these questions with little understanding of E-MAIL tracing. Most modern day Internet user uses standard e-mail clients like Opera, Microsoft outlook, Outlook Express etc to send or receive e-mail messaging on the Internet. It is extremely important for Internet users to understand how e-mail travel on the Internet.

All e-mails communications on the Internet is governed by rules or regulation, which is sub divided into two different protocols:
  • SMTP (SIMPLE MAIL TRANSFER PROTOCOL)  (Port 25)
  • POP (POST OFFICE PROTOCOL) (Port 110)
The SMTP protocol is used to send e-mails, while POP protocol is used to receive e-mails.

Generally, the path taken by an email while traveling from sender to receiver can be explained by following diagram.

E-MAIL HEADERS                                                              

The most effective & easier way to trace an e-mail is to analyze its headers. Most cyber crime investigators turn to e-mail headers for evidence in any kind of e-mail related crime. E-MAIL headers are automatically generated and embedded into an e-mail message both during composition & transfer between system. A typical e-mail header looks something like this:



To read the e-mail header you have to start reading it from bottom, there are several puzzle pieces which you have to solve. In example or for simple understanding divide the e-mail header into 2 part:


This part of header tell you the e-mail sent from Sahil Mahajan <sahil_mahajan91@yahoo.com> to sahilmahajan91@gmail.com with Subject: HACKING begins on Date: Wed, 2 Feb 2011 06:01:57, MESSAGE ID is very useful part of e-mail, many crime investigation companies use this ID code to solve cases.

In another part of the email header is very critical portion of the e-mail, which contains the sensitive information about the path traveled by e-mail. bottom to up rule is implemented to read this part of e-mail.
 
 
Received: from [218.248.64.165] by web120406.mail.ne1.yahoo.com via HTTP; Wed, 02 Feb 2011 06:01:57
This is the last received line in the email header their we examine in above picture, it shows that someone using the IP [218.248.64.165], this is the source system from which the e-mail is delivered to mail server, trace this IP address and you can easily find the Sender from which you receives the fake or  abusive e-mails. Tracing e-mails have many faces but due to some security reason we cant reveal them but by simply following this method you can easily detect any unknown sender who send you fake mails....

Hope this is informative and if u have any question, query or any suggestion kindly post us.

Be a real hacker - PROFESSIONAL, and change the trend of HACKING.

PROTECT YOUR FOLDER

Welcome to (HACKERS CRUSADE - "An ESTIMATE to introduce and embed people with the truth of HACKING"),  Hello friends today in my post I'll tell you how can you secure your folder without using any software or any password to any folder, i found an unique way to hide the folder and secure your private data from other
 users. Many of people use additional software to lock folder or use hide folder technique but these are easy to detectable and disclose sensitive data to every user. Today I'll tel you how can you secure your data within in a folder with a simple trick by which we can easily change a normal folder to some unique folder. In this technique a folder is changed in to My Computer, Recycle bin, Search box, History, Control Panel etc.
Just rename your folders to given below CLSID values and hide your sensitive data  in it.

Codes to change the folder type                                                       

  • My Computer : {20D04FE0-3AEA-1069-A2D8-08002B30309D}
  •  
  • Control Panel : {21EC2020-3AEA-1069-A2DD-08002B30309D}

  • History : {FF393560-C2A7-11CF-BFF4-444553540000}

  • Recycle Bin : {645FF040-5081-101B-9F08-00AA002F954E}

  • Search : {1f4de370-d627-1161-ba4f-00a0c91eedba}

  • My Documents : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (Vista)

Implementation : Create a new folder and rename it, then write above code as extension to folder.
 Follow these steps to open folder : To open folder to see the contents of folder you have to rename it from DOS or you can easily open you folder to make an .Bat file. Example : Make two batch files to access or hide the contents of folder.

 Save this file as .bat file, this batch file is to access the contents of folder.

Save this file as .bat file, this batch file is to hide the contents of folder.

Hope this is informative, kindly post your views and suggestions or comment on it.

Be  a real Hacker - PROFESSIONAL, and change the trend of HACKING. 

Thanks and regards :
Monday Desmond AKA MASTACODA

HIDE DATA IN PICTURES

G

Today in this post I'll tell you how can you hide your data in a picture. This is an easy technique to secure your data from misuse. Everyone wish to place there sensitive data in a secure manner, so there is an alternative to hide your data in a picture without uploading any additional software in your system, before explaining I'll introduce you with this technique this is called Stegnography.


What is Stegnography ?

Stegnography is defined as the art of hiding information, data or messages in an image. Even the different file formats can be used for the purpose of hiding the information like for example the video or audio etc. The purpose is to pass on the information with out any regard or knowledge of others safely to the destination. The advantage of stegnography is that those who are outside the party even do not realize that some sort of communication is being done. 

Follow these steps to hide data in picture :

  • Copy your data and image file to the same Folder.  
  •  Start > Run > CMD > CD to the folder that contain data, image files.
  • Type this command:

    copy /b image_file.jpg +data_file.rar image_file.jpg
     
 NOTE: image_file.jpg is an image file and data_file.rar is a data file.

To show the data file again just rename the image_file.jpg to data_file.rar, then your data file will be displayed, after that just rename it to image_file.jpg to hide data again.

 Hope this will be informative for you, kindly post your comments ask any kind of problem occur on this article.

HIDE YOUR DRIVES FROM MY COMPUTER



  in this article I'll teach you how to hide your drives for My Computer and secure your from misuse. Well their are mainly three methods to hide your drives in computer so no one can access those drives without your permission. Today I'll teach you an effective method to hide your drive partition from My Computer and make your data private and secure. Now a day everyone want to hide their drives because of
security reasons or to protect data from multiple users. To protect your data from misuse just follow these steps.

Follow these steps to hide your drives

  • Click on START button & then click on RUN. 
  •  Type "DISKPART"  (window pop like cmd)
  •  Type LIST VOLUME
  •  Type which drive you want to hide..
  •  Type SELECT VOLUME 3 (example: If we want to hide D drive then select volume 3 )
  •  Volume 3 is the selected volume. 
  •  Now type REMOVE LETTER D. 
  •  DiskPart removed the drive letter.  
  • Reboot your system.
By using this method you can easily hide your driver & make your data secure from misuse. To show the drive again in My Computer is simply done by changing the keyword "REMOVE" to "ASSIGN", just replacing these word you can easily show your drives in My Computer.

 Hope this will be informative for you, kindly post your views or comments on this article.

Be a real hacker - PROFESSIONAL, and change the trend of HAcKING.

Thanks & Regards:

Monday Desmond

RECOVER YOUR DELETED FILES



Today in this articale I'll tell you how can you recover your deleted files from Hard Drive. Some time accidentally we delete files from Hard Disk, Do you want to Recover them back ?? Then you don't need to panic.It is possible to recover Photos & files even if you have deleted them even if you have deleted them from recycle bin. In this post I'll tell you can find information on How to recover files from windows.
Today there exist hundreds of recovery tools but all of them are not capable to recover deleted files in their original manner or neither they are capable of recovering deleted files.

So it is very much necessary to make the right choice of the recovery software in order to recover deleted files back in the original condition. We recommend the following software to recover the deleted files:


RECUVA - RECOVER FILES (FOR WINDOWS)

visit link : http://www.piriform.com/recuva

Recuva :Runs on Microsoft Windows 7, Vista, XP and 2000. Including both 32-bit and 64-bit versions. 

 Features of RECUVA 

  • Undelete files on your computer. 
  • Recovery from damaged or formatted disks. 
  • Recover deleted emails. 
  • Recover deleted iPod music. 
  • Restore unsaved Word documents. 
  • Quick-Start Wizard. 
  • Deep Scan. 
  • Securely delete files you want to erase forever. 
  • Portable version.
  • Full Windows OS support and many languages.
What are the Chances of Recovering my files Back?Since the operating system does not use the space for deleted Files so its certainly possible to recover files in its original condition.The only condition is to act as early as possible before the hard disk re use the deleted space.

Hope this will be informative for you, kindly post your views or comments on this article.

posted by: Monday Desmond AKA MASTACODA

HOW TO HACK / BYPASS CYBEROAM



Today in this post I'll tell you how can you hack or bypass Cyberoam security. Mainly Colleges, Institutions or Offices use Cyberoam to block certain Websites at their places. My friends always asked me about " How to access blocked websites " so guys this article is for you. Some times keywords or IP addresses are blocked by Cyberoam  to restrict number of proxy sites. Accessing blocked websites form Proxy Websites are doesn't works always and quite difficult to find right proxy website to access blocked websites.

What is Cyberoam ? 


Cyberoam’s identity-based Unified Threat Management solution and Cyberoam Central Console are products of Elitecore Technologies Limited and offer identity-based security. 
Cyberoam's hardware firewall offers stateful and deep packet inspection for network, application and user identity-based security. Cyberoam UTM Firewall thus protects organizations from DoS, DDoS and IP Spoofing attacks.
Cyberoam’s patent pending, Layer 8 Human Identity-based firewall appliance enables work-profile based policies and a single interface for policy creation across all the UTM features, providing ease of management and high security with flexibility. Cyberoam regularly identifies certain keywords and add them to its database of blocked keywords. Now if any of these keyword is included in the Website TITLE or URL then it will be automatically blocked

TECHNIQUES TO BYPASS OR HACK CYBEROAM  
  • USE TOR
  1. Download TOR Browser ( Download )
  2. Install or Extract TOR browser in a portable USB drive.
  3. Plug your USB drive in computer and start TOR browser and start surfing on Internet, Now all websites like FACEBOOK, ORKUT, BLOGGER are accessible.
  • CACHED HACK
This HACK work for all blocked websites. You can easily open blocked websites using this technique. When you search anything using google In the each search result there are two things in blue color prior to URL i.e Cached and Similar. To view that blocked Website You have to click on Cached
 Click on CACHED to access blocked websites.
  • PING HACK
There are millions of Proxy websites available on Internet. Find non popular proxy websites to open blocked websites. Then follow these steps
  1. Start Command Prompt.
  2. Type Ping www.proxywebsite.com
  3. Copy IP address of that proxy website and paste into on you browser.
  4. Your blocked website will be unblocked.
Note : Try to find non popular proxy website, there are lots of proxy websites available on Internet and not be able to cyberoam block all proxy websites from Internet so this hack will surely work if you find non popular proxy website which make fool to cyberoam.
  • HTTPS HACK
Try to find proxy website that uses https i.e. SSL proxies are also not blocked by any Cyberoam.


Hope this will be informative for you, kindly post your comments or question related on this article.
Be a Real Hacker - PROFESSIONAL, and change the trend of HACKING.

Thanks and regards : Monday Desmond

HOW TO ACCESS BLOCKED WESITES



in this article i'll teach you how to access the blocked websites, some times at colleges, cyber cafes and offices some of websites are blocked by some reasons so these sites can't be accessed by any
user. This article suggests workarounds to help you unblock access to restricted websites at universities, school and offices. Social sites that are often blocked include Google News, Blogger blogs, YouTube, Face book, Orkut, My Space, Photo bucket, Yahoo! Messenger, AOL AIM, Flicker etc at schools and colleges.
Well today i m telling two alternative ways two access the restricted websites.

METHOD 1 :   Change http to https

In this method when we write URL in address bar, try https instead of http, well this method is not applicable for each and every site, so many few websites might be accessed by this method.

.
METHOD 2 :   Proxy Websites To Access Blocked Websites

In this second method we use proxy websites to gain access to restricted websites, Proxy websites allows us to bypass our current ISP’s IP and connect to targeted website with a different IP; thus hiding our actual origin from detectable. Well there are many proxy websites on Internet based proxy server to hide the original IP to access blocked websites. Internet users use proxy websites for various reasons, some to access websites potentially blocked by their colleges or workplace, some use it to test their scripts. Instead of going directly to the those website open your browser and connect to proxy websites to gain access for restricted websites. Here i m introducing a cool Internet based proxy server which help you to access blocked websites.
COOL TUNNEL : http://www.cooltunnel.com/ ( click on given link)


here in  below you found an input box, just past your website URL and click on Browse, after few seconds the blocked website you will be able to access.
Hope this was informative, kindly post your views or comments on this article.

posted by: Monday Desmond AKA MASTACODA

PROTECT AND SECCURE YOUR BROWSING



Today in this post I'll tell you how can you secure your browsing, we all know that when we surf on Internet and type URLs on address bar it was tracked, mainly the purpose of saving your each and every URLs in address bar to save you from typing the URLs next time that you visit the site. Yes it was very
essential and save our time, but now think it from another side, when we type URLs on anther computers or another public place cafes !! In result every user that access that system can find out that address you type in address bar and some time most probably you can also store your "ID PASSWORD" in public place computer & some time when we visit an link then its colour might be changed and anyone can judge that this link was visited earlier. To avoid all these mistakes and to make your browsing secure there is an alternative to make your own portable browser so if you save your passwords or not clear your history then it was doesn't show to any one and you can easily browse on Internet without any fear. Mozilla Firefox, Portable Edition make this job easy, we all know that Mozilla Firefox is a free and open source web browser descended from the Mozilla Application Suite and managed by Mozilla Corporation. Mozilla firefox is well known for its high performance, easy customization, advanced security.

Mozilla Firefox (Portable Edition)                                     

Mozilla Firefox , Portable Edition introduce an effective way to keep your browsing simple, easy and secure. You can easily Install Mozilla firefox into your USB, just install your Mozilla firefox into USB drive by changing the drive letter and path and secure your browsing, when you browse on public place computers then you just only need to plug your USB and open your own browser, with the help of this you can secure you browsing and also carry your history addresses with your USB. To make your private browsing open your USB mozilla firefox browser, Go to Menu bar> Click on Tools> Start private browsing. In a Private Browsing session, Firefox won't keep any browser history, search history, download history, web form history, cookies, or temporary internet files.  However, files you download and bookmarks you make will be kept.




Download :: Mozilla Firefox , Portable Edition
To stop private browsing Go to Menu bar> Click on Tools> Stop private browsing.

Hope this was informative, kindly post your views or comments on this article.
Thanks and Regards...