Email Hacking

Hack Email or Facebook Password using Iframe URI Phishing

4 weeks ago

by Raj Chandel in Email Hacking

First of all download Super Phisher and create a Phishing page (How to Create Phishing Page)

To get the URL of the phishing page upload the page on any webhost / localhost (XAMPP in my case).

Replace the URL link in the iframe code with the URL of the uploaded phishing page

Now visit http://dopiaza.org/tools/datauri/ , select Provide Text option in URL Generator page and pasting the modified exploit code (as shown above)

Once the code has been pasted in the Text Area , click on Generate Data URL

We will get the code as shown above after generating the URL.

In the code generated replce “plain” with “html”

Convert the above URL code in short URL by using “www.tinyurl.com”

Now send the converted URL to Victim

As soon the Victim will enter his credentials you will get the same

Reference URL: http://packetstormsecurity.com/files/121389/Iframe-URI-Phishing.html

Google+

Send Self- Destructing Messages through Google Docs

6 months ago

by Raj Chandel in Email Hacking, Others

First open Google Docs File from Here

Then you will get the option of “Create” On the Top at the left corner. Then choose the option Spreadsheet on it

Now choose the option “Script Manger” in Tools Section. As shown below.

As you will click on “Script Manager” option, you will get the picture like below on the screen. Now click the option “New”.

Then you will get “Google application script“open as shown below. Now, choose the option “Blank Project”

Now Paste the Following Script given below, and choose the time limit for message to get vanished after reading

function onOpen() { var time = 60; // Wait Time (in seconds)

var ss = SpreadsheetApp.getActiveSpreadsheet();

ss.toast(“This message will disappear after ” + time + ” seconds”);

Utilities.sleep(time*1000);

ss.toast(“We are now sending this private note to the shredder”);

ss.getActiveSheet()

.getRange(1, 1, ss.getLastRow(), ss.getLastColumn()).clear();

}

You will get the picture like below on the screen

Now, go to the option “File”. Now save it with any name in case it gets “Self Deleted”

Now , type a Message or any document you want to send in “Spread Sheet ”and click on share button in Top of Right Corner, as shown in the below picture.

Then, you will get the picture like this below on your screen. Now, choose the contacts that you want to send this message, and want to share.

Now, your message is ready to send to that person. When recipient get the mail & click on Spreadsheet Than message will self destruct with in 1 minute

Script Source: http://www.labnol.org

Google+

How to Hack Email using Web Jacking Method

1 year ago

by Raj Chandel in BackTrack 5 Tutorials, Email Hacking, Social Engineering Toolkit

The web jacking attack method will create a website clone and present the victim with a link stating that the website has moved. This is a new feature to version 0.7. When you hover over the link, the URL will be presented with the real URL, not the attacker’s machine. So for example if you’re cloning gmail.com, the URL when hovered over it would be gmail.com. When the user clicks the moved link, Gmail opens and then is quickly replaced with your malicious webserver. Remember you can change the timing of the webjacking attack in the config/set_config flags.

Requirement Backtrack 5

First open your backtrack terminal and type ifconfig to check your IP

Now Again Open Your Backtrack terminal and Type cd /pentest/exploits/set

Now Open Social Engineering Toolkit (SET) ./set

Now choose option 1, “Social – Engineering Attacks”

Now choose option 2, “Website Attack Vectors”

In this option we will select option 6 “Web Jacking Attack Method”

In this option we will choose option 2 “Site Cloner”

Enter the URL of the site you want to clone. In this case http://www.gmail.com and hit enter. SET will clone up the web site. And press return to continue.

Now convert your URL into Google URL using goo.gl and send this link address to your victim via Email or Chat

When the victim goes to the site he/she will notice the link below, notice the bottom left URL, its gmail.com.

When the user clicks the moved link, gmail opens and then is quickly replaced with your malicious webserver. Remember, you can change the timing of the webjacking attack in the config/set_config flags.