Hack Facebook, Gmail, orkut, Youtube, Windows Password

Phishing is the most popular and widely used method for hacking email accounts. Phishing is not as easy as it’s name. Creating a phishing page is an easy task and any one can download it from various hacking forums for free. The main step of phishing comes after creation of fake login page.
If you Haven’t Read about Phishing previously Please Click here

How to send this fake page to the victim?

Here comes the Tab Napping which can make your second step easy than before. No need to send fake page via email to victim.

Tab Napping use the modern browser’s multi tabbed environment. Now a days all people use multiple tabs for accessing Gmail, facebook, orkut and other websites simultaneously. The trick is to confuse user in his/her multiple tabs and redirect any of idle tab of his browser to your phishing silently. Tab Napping works on the user’s assumption that a tabbed web page stays the same when other Internet services are being accessed.

How does tab napping work?
It is done by checking whether your page is idle or not, if it is idle or not used for some particular time period then it gets redirected:
Things to be done:

 1.check for mouse movement
2.check for scroll bar movement
3.check for keystrokes

If any of the above event is not triggered till few seconds , this means user is not using that tab, either is off from system or using
 other tab, so if these coditions are met, then we redirect it to our phished page, which user thinks it to be genuine page.
The idea behind this is very simple and is done by javascript. Tab napping is all about the relation of 2 pages. suppose Page A and Page B. Victim was viewing page A in a tab of a browser and then left this idle and and now using some other website in another tab of browser. If the user will not return to page A for some pre-specified time, page A will automatically redirect to Page B. This Page B is your phishing page. This redirection and cheking for user actions is done by Javascript.

Tab napping in action:

Get the Java script for tabbed napping here
(Its just a text file which includes the script…so no need to worry about scanning it!)



Make a web page and use the tab napping script in that page say it page A. This script will not affect the layout or content of the page. This script will check for user actions. If the page is idle for some time, this script will redirect this page to a pre-specified page which may be your phishing page. You have to specify this page in the script. Be sure to change this in script.
check script for this line…

timerRedirect = setInterval(“location.href=’http://www.gmail.com’”,10000);

this line will redirect to Gmail after 10 sec. Change this location to the address of your phishing page. This line is used 2 times in the script so change is both lines.

so, page A with tab napping script will redirect to phishing page B.

Now send the link of the page A to your victim. This is a normal page. If the page is idle for some time it will be changed to page B otherwise no effect.

Spy Others PC To Secretly Record Their Passwords Which Are Automatically Sent to Your Email

A keylogger is a type of surveillance software (considered to be either software or spyware) that has the capability to record every keystroke you make to a log file, . A keylogger recorder can record instant messages, e-mail, and any information you type at any time using your keyboard.


" REMEMBER TO DISABLE THE ANTIVIRUS WHILE FOLLOWING THE STEPS"
* YOU NEED PHYSICAL ACCESS TO THE VICTIMS PC IF YOU WANT TO SPY HIM.
* OR YOU CAN USE IT IN YOUR PC TO SECRETLY RECORD EVERY PASSWORD YOUR FRIENDS TYPE WHILE USING YOUR PC.

Step 1 Getting the Software


We're going to be using the FREE Keylogger made by Smithy.

1. Download Steel Keylogger by Smithy ( gOTO GOOGLE AND DOWNLOAD THE LATEST VERSION ) { Iam using  Steel Keylogger v 1.1.0.18}
2. Go to the directory that you downloaded Steel to, and extract the archive (right-click > extract here).
3. Put the Steel.exe in a private directory that a thief would not think to look under. Try to put it in a hidden folder, or obscure directory, for example:
    C:\WINDOWS
Then make a folder inside of that called "steel" and throw steel.exe inside of it. You'll end up with:
    C:\WINDOWS\steel\steel.exe

"REMEMBER TO PUT AN EXCEPTION TO STEEL.EXE IN YOUR ANTIVIRUS SO THAT THE ANTIVIRUS WON'T REMOVE IT IN THE FUTURE"


Step 2 Setup and Configuration
Now we're on to edit the preferences to optimize it for our needs. I recommend having a separate email JUST for steel, as it will be filled with logs and images.
1. Run steel.exe by double clicking on it.
2. Go to Options > Preferences.
3. Click Startup and Exit.
4. Click the check boxes for Start in Hidden Mode and Run at System Startup (All Users).
5. Check Hide for when Exit is pressed.


6. Click Security and check Password Protect Unhide, and set your choice of password
7. Click Email and edit the credentials to fit yours. Make sure SSL is enabled. This will ensure that the logs are sent to your email, and your password can't be packet-sniffed.


8. If you want Images sent—I recommend this—check the box and in the drop down, select Every Hour.
9. Go to the Logging tab, and choose if you want a key combo to unhide Steel, or to type a password and cut it to reveal Steel. The choice is all yours.
10. Check Enable Screen Capturing.
11. Set the image quality and interval to what you desire.
12. Click the Save Settings button.

THERE ARE MANY COMMERCIAL kEYLOGGERS AVAILABLE. IF YOU FIND THEM COMFORTABLE TRY TO GET  THEIR FREE FULL VERSION.
EG. (http://monitoring-software-review.toptenreviews.com/)
1. SpyAgent
2. WebWatcher
3. PC Pandora
4. Spector Pro
5. eBlaster
6. Elite Keylogger
7. IamBigBrother
8. Refog Personal Monitor
9. XPCSpy Pro
10. SniperSpy

How to Unlock/Crack Winrar/Winzip Password

Have you ever ended up with a RAR file that was password protected? Maybe you set the password yourself and forgot it! Whatever the case, there are a couple of ways to crack the password on a RAR file if you get lucky.
Basically, there are two standard methods to cracking a password for any program: dictionary attack and brute-force attack. The first generates passwords using word lists from a dictionary and the latter simply searches all possible character combinations.
Obviously, the latter is harder and will take more time. If the password is very complex and doesn’t have any recognizable dictionary word in it, it might simply be impossible ( AS IT MAY TAKE DAYS OR EVEN MONTHS). However, it’s always worth a try.

By using cRACK (for Windows, Win32/Win64 ) . [ http://www.crark.net/ ]:
1. Download latesT version of cRACk


2. Then download Crark GUI wrapper for Windows. (http://www.crark.net/download/crark_gui.zip)



3. Then extract both tools ( cRACk  & Crark GUI wrapper) into the same folder.
( if while extracting the archive ask for password then click cancle because only some files are password protected which are not needed in the process . )


4. Run cRackGUI.exe


5. Choose the required options.
6 . Then click start.



7. Password is cracked ( remember the process takes time)




 There are some more software available but they cost about $20 - 30$. But if you search YOU can get the full versions ( YOu know what i want to say ).
Atomic RAR Password Recovery
The free trial will allow you to recover passwords up to 3 characters in length. If you have a longer password and the program is able to determine the entire password, you will see the 1st three characters followed by asterisks (*).
In this case, you can buy the program and it will unmask all the characters. If it never shows the asterisks, that means it can’t figure out the password and you don’t have to buy it! Nice.
RAR Password Cracker
This is another program that uses both the brute force attack method and the dictionary attack. It’s shareware also, so the free trial has some limitations.
Elcomsoft Advanced Archive Password Recovery

How to Hack windows password.

In this article we are exactly going to tell you the same.
Hacking / Bypassing windows passwords is not a difficult task actually. If you have the required tools you can easily get into anyone’s computer by Hacking / Bypassing the password.
However Learn Hacking highly discourages the use of blackhat hacking techniques and use this knowledge only for a good reason. Say you forgot your computer’s password and want to recover it, you may use this method.
Now coming back to the main topic again:-
We are going to use a tool called Hirens Boot CD to crack windows passwords.
Download Hirens boot cd from
http://www.hirensbootcd.org/files/Hirens.BootCD.15.1.zip
Q) Where are windows password saved?
A) Windows first encrypts the password using some algorithm and then saves it to a Sam file.This sam file is locked and no user account including the administrator can use this file.This file is located in windows/system32/config.
Q) What is the above link ?
A) The link given above is the download link for “hirens boot cd “.
It is a special type of **live cd** bunched with popular and useful freeware tools .The link is to hirens boot cd 15.1 ,but you can download any earlier version.
The main reason for choosing this cd is that it contains number of useful softwares.There are many other Live cds too ,you can even try them.
Q) what is a **live cd**?
A) Live cd is a cd/dvd or any other portable media containing bootable Operating system.These media have the unique ability to run operating system without altering the files and operating system installed on the hard disk of the pc.
It generally places it files in the Ram[random access memory ,volatile memory],so when a pc is rebooted all it files are deleted automatically.
Q) How does this cd helps us?
A) Since this live cd doesnt use the pre installed operating system ,we can edit/delete files [even the locked ones ie sam file].You can also use utilities present in this cd to change the windows password.
Steps to use Hirens Boot CD to Hack Windows Password:-
1 ) Download the zip file from the above link.
2 ) Extract it.
3 ) There will be a .iso file . Burn that file to cd using nero/poweriso or anyother software you have.
4 ) Boot using this cd ie insert this cd in CD-Rom and restart [Make sure that cd-rom has the highest boot priority]
5 ) After booting ,It will show a menu , Choose “Mini windows xp”.It will take some time to launch.
6 ) After it is finished ,You will be having a windows classic style desktop.
7 ) Click on start>>Hiren boot cd menu [HBCD menu]
8 ) It will open a dialogue box,click on “Menu” >>click on “password and keys”, there you will be having a list of softwares,click on “”Password renew”".
9 ) Now click on select target ,Browse to your windows ie “c:windows” and press ok.
10 ) Click on “Renew exisiting user password” and then choose the Your user account .
11 ) Enter the desired password and hit install.
12 ) You are now done just restart Your pc and login using your new password.
Prevention :
In the Bios settings set the minimum boot priority for removable devices . In this way the CD?DVD/USB wont boot and the method specified above wont work . Also set the password at the BIOS  so no one will be able to change the Boot settings .

Megaupload Premium Link Generator

Your download is in the queue… - Sounds familiar?
Well! That’s a story of the past now especially with the MegaUpload premium link generator. What more now you can download 200mb using just the MU link or file ID. Isn’t that neat?
The icing on the cake is that you also have the option of using the unlimited service, which means no restrictions on file size. Faster access – faster downloads!
Here are top 10 sites for MegaUpload premium link generator.

Site#1: Rapid 8

Free or Paid: Basic login (200mb download) is free | Premium Login for unlimited download: $5.99

Website URL: http://www.rapid8.com/

Site#2: Hluesoe

Free or Paid: 100% free download.

Website URL: http://www.hlusoe.info/

Site#3: ATayALay

Free or Paid: Free with restrictions. Maximum download of 3x150mb and a limit of 12 downloads.

Website URL: http://www.atayalay.info/?ref=hlusoe.info

Site#4: Plgdown

Free or Paid: Free. Registration and completion of survey must to get free account.

Website URL: http://plgdown.com/mu

Site#5: Leech King

Free or Paid: Demo version is free with file size limit of 100mb. Premium version is priced at $6.99 per month with unlimited file size.

Website URL: http://www.leechking.com/vip/register.php?id=new

Site#6: Tiger Leech

Free or Paid: Trial version is free with file size limit. Premium version is priced at $10 per month with maximum file size of 2GB.

Website URL: http://tigerleech.com/

Site#7: Mega Upload

Free or Paid: Trial version is free with a maximum file size of 150MB and 1 download per day.

Website URL: http://www.megauploadlinkgenerator.com/

Site#8: Zevera

Free or Paid: Trial version is free with restricted file size. Premium version with unlimited file size and costs $14 per month.

Website URL: http://www.zevera.com/USDefault2.aspx

Site#9: Mega Leech

Free or Paid: Free download.

Website URL: http://www.megaleech.us/

Site#10: Kikisso

Free or Paid: Free download of unlimited file size. Offer two MegaUpload premium link generator options: Megapid and Megafast.

Website URL: http://www.kikisso.com/en/file-sharing/premium-link-generator/megaupload/
Go ahead and start downloading your favorite movies, presentations, much more at the click of the mouse!

Hack Administrator Password In Windows 7,Xp And Vista

Most of us might have experienced a situation when we forget our Windows administrator password.And we are not able to login into windows and access our all necessary data and programs.At that time the only solution that comes into or mind is the installation of fresh copy of windows but this will lead to loss of all data and files that are in the windows drive.There is also another way around using which you don’t need to install a fresh copy of windows and without losing any data.We are providing here the method to reset windows administrator password.This tutorial is only for the purpose of recovering your windows 7,xp or vista password.This should be used only when you forgot or lost your password and not for hacking into somebody else’s system.Using this hack you can reset your administrator password or leave it blank.
By using this tutorial
1.You donot need to know anything about your old password.
2.You can unlock locked or disabled accounts.
3.Also edit the registry.
The requirements for using this method are:-
1.Blank CD/floppy disk.
2.Access to Internet.
3.Cd or floppy writer
These requirements can be easily fulfilled by spending 15 minutes in cybercafe or at friends computer
Now here is the step by step tutorial with screenshots on how to hack administrator password in windows 7,vista or xp.

1.Download this small utility.
Click Here To Download
2.You will get an zipped file with ISO image in it.Extract his image using winrar or inbuilt windows software.
3.Put your blank cd in CD-ROM and burn this using Nero or any other image burner software.this is most important step and make sure you burn the ISO image properly.
4.Now put this CD in the system whose password is to be reset.
5.Restart your system and when prompted press enter to boot from the CD.

Note:If you do not get prompt of boot from CD.Then restart you system and press f2 or f6 or f8 or Esc key(anyone of them should work for your system) before the booting of the windows start.Now you will enter into bios and you should change the boot order from here with the first preference as CD-ROM.And again restart your system
6.Now the software will load automatically.It will ask you to select the windows drive and after that provide you with the option of resetting password.
If you have any queries or suggestion do not hesitate to ask.

How To Find the Administrator Password in Windows 7

An administrator password in Windows 7 is the password to any account that's setup to access administrator level functions in Windows 7.
There is also an account called "Administrator" but it's disabled in Windows 7 by default. What you really need in most cases is the password to any account that can act as an administrator.
There are a few times when you will need this password. You may need an administrator password in Windows 7 if you're trying to run certain types of programs or access certain Windows 7 recovery tools.
Follow the steps below to quickly find an administrator password in Windows 7:

Difficulty: Average

Time Required: Finding the password to an admin account may take minutes up to hours depending on the situation

Here's How:

1. Try leaving the password blank if you're trying to log on to the actual "Administrator" account. Just press Enter without typing anything when asked for it.
   This trick doesn't work nearly as often in Windows 7 as it did in Windows XP but it's still worth a shot.
2. Enter the password to your account. Often times, depending on how Windows 7 was setup on your computer, the primary user account will be configured with administrator privileges.
3. Try to remember your administrator password. As I mentioned in the last step, your account might be configured as an administrator, especially if you installed Windows 7 on your computer yourself.
   If that's true, but you've forgotten your password, you might be able to make really good guesses at what the administrator password might be.
4. Have another user enter his or her credentials. If there are other users that have accounts on your Windows 7 computer, one of them may be setup with administrator access.
   If this is true, have the other user designate you as an administrator as well.
5. Recover an administrator password using a Windows password recovery tool. You may be able to recover or reset an administrator password with one of these free tools.
   Note: Some password recovery tools in the list I linked to above also have the ability to add administrator privileges to regular Windows 7 user accounts which could be valuable if you know your account's password but it's not an administrator account. Some can also enable accounts like the "Administrator" account.
6. Perform a clean install of Windows 7. This type of installation will completely remove Windows 7 from your PC and install it again from scratch.
   Obviously don't attempt this extreme solution unless you absolutely have to. For example, if you're needing an admin password to access operating system diagnostic tools and this is your last effort to save your PC, performing a clean install will work because you'll have an opportunity to setup a new account from scratch during Windows 7 setup.

Best Password Cracker

THC-Hydra

A very fast network logon cracker which support many different services.
Have a look at the feature sets and services coverage page - including a speed comparison against ncrack and medusa!


Current Version: 6.5 (plus diff)
One time only: Mac OS/X compiled package of v6.5+diff
Last update 2011-08-01


[0x00] News and Changelog

        INFORMATION FOR VERSION 6.5:
        As the next version will be v7.0 which will get a rewrite of the main function,
        it will take some months for the next release.
        For important issues there will be diff patches provided here for 6.5

        PATCH: The following diff patches two issues in the http-form module: PATCH


        Check out the feature sets and services coverage page - including a speed comparison against ncrack and medusa (yes, we win :-) )

        It was tested to work on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX.
        No more windows .exe cygwin port. Too many clueless people hassled me why hydra.exe
        does not work for them when they double-click on it ... duh
       
        CHANGELOG for 6.5
        =================
        * Added dpl4hydra script by Roland Kessler, which creates a default
          password for a device. Thanks!
        * Greatly improved HTTP form module: getting cookie, fail or succes condition, follow
          multiple redirections, support cookie gathering URL, intelligent
          cookie learning, multiple user defined headers, etc. works with OWA now :-)
        * Added interface support for IPv6, needed for connecting to link local fe80::
          addresses. Works only on Linux and OS/X. Information for Solaris and *BSD welcome
        * Added -W waittime between connects option
        * The -x bruteforce mode now allows for generated password amounts > 2 billion
        * Fix if -L was used together with -x
        * Fixes when using the  service://target/options format
        * Fixed a bug in the restore file write function that could lead to a crash
        * Fixed XMPP module jabber init request and challenge response check,  thx "F e L o R e T"
        * Fix: if a proxy was used, unresolveable targets were disabled. now its fine

You can also take a look at the full CHANGES file


[0x01] Introduction

Welcome to the mini website of the THC Hydra project.

Number one of the biggest security holes are passwords, as every password security study shows.
Hydra is a parallized login cracker which supports numerous protocols to attack. New modules
are easy to add, beside that, it is flexible and very fast.

        Version 6.x was tested to compile on Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX.

        Hydra is made available under GPLv3 with a special OpenSSL license expansion.

Currently this tool supports:
  afp cisco cisco-aaa cisco-enable cvs firebird ftp[s] http[s]-{head|get} http[s]-{get|post}-form
  http-proxy icq irc imap ldap2 ldap3[-{cram|digest}md5] mssql mysql ncp nntp oracle
  oracle-listener oracle-sid pcnfs pop3 pcanywhere postgres rexec rlogin rsh sapr3 sip
  smb smtp smtp-enum snmp socks5 ssh svn teamspeak telnet vnc vmauthd xmpp
          AFP, Subversion/SVN, Firebird, LDAP2, Cisco AAA (incorporated in telnet module).

        For HTTP, POP3, IMAP and SMTP, several login mechanisms like plain and MD5 digest etc. are supported.

This tool is a proof of concept code, to give researchers and security consultants the
possiblity to show how easy it would be to gain unauthorized access from remote to a system.

        The tools is maintained by van Hauser and David Maciejak.


[0x02] Disclaimer

1. This tool is for legal purposes only!
2. The GPLv3 applies to this code.
3. A special license expansion for OpenSSL is included which is required for the debian people


[0x03] Documentation

Hydra comes with a rather long README file that describes the
details about the usage and special options.


[0x04] Development & Contributions

Your contributions are more than welcomed!

If you find bugs, coded enhancements or wrote a new attack module for a service,
please send them to vh (at) thc (dot) org and add the word "antispam"
in the subject line.

Interesting attack modules would be:
RDP, PPTP, ...
(or anything else you might be able to do (and is not there yet))


[0x05] Screenshots


(1) Target selection


(2) Login/Password setup


(3) Hydra start and output


[0x06] The Art of Downloading: Source and Binaries

1. The source code of state-of-the-art Hydra: hydra-6.5-src.tar.gz + diff
   (compiles on all UNIX based platforms - even MacOS X, Cygwin on Windows, ARM-Linux, etc.)


2. The source code of the stable tree of Hydra in case v6 gives you problems on unusual platforms:
   hydra-5.9.1-src.tar.gz

        3. Mac OS/X binary package (Intel 32 bit, compiled on snow leopard)
           This package will not be maintained or updated! One time only!
           Mac OS/X compiled package of v6.5+diff

4. The Win32/Cywin binary release: --- not anymore ---
   Install cygwin from http://www.cygwin.com
   and compile it yourself. If you do not have cygwin installed - how
   do you think you will do proper securiy testing? duh ...

        5. ARM and Palm binaries here are old and not longer maintained:
     ARM:  hydra-5.0-arm.tar.gz
             Palm: hydra-4.6-palm.zip