1.PHISHING
2.KEYLOGGING
METHOD 1
1.PHISHING
First of all you need to create an account in a form handling service. In the registration form enter your email address in the field “Where to send Data” and in redirect enter the URL of the site whose account is to be hacked( For yahoo it will be http://mail.yahoo.com and for google it is mail.google.com/mail). After registering you will get an email from the web form designer with your form id.
Now follow the following steps :
- Open the website of HotMail or GMail or YahooMail, its your wish. If you want to HACK yahoo id, then goto www.yahoomail.com
- Now press “CTRL+U”, you will get the source code of yahoo page. NOw press “CTRL+A” copy all the text.
- Open NOTEPAD, now paste it here. SAVE it as YAHOOFAKE.HTML
- Now open the the file yahoofake.html using noepad, here you ll find a code which starts with <form method=”post” action=”https://login.yahoo.com/config/login?” autocomplete=”off” name=”login_form”> ( This code is for Yahoo. For any other site this code will be different but you need to find the code starting with (form method=”post” action=”xxxxxxxxxxxxx”))
- Now in place of (form method=”post” action=”xxxxxxxxxxxxx”)
put the following code after placing your form id:
Now Save the yahoofake.html.
To hack the victim’s password and username the victim has to login through this page. Many people had sent me queries about how to make someone login through your link in the previous version. I have the solution for that also.
First of all upload your page using some free webhosting services. Tip: Register to those webhost which don’t give their own ads and which gives URL of type “your site name.webhost.com”.
Now select your site name as mail.yahoo.com/support. You can also add some rubbish numbers and make is very long so that the victim does not see the name of webhost in the link.
Now send a fake mail from support_yahoo@yahoo.com to the victim’s email address with subject ” Account Frozen” and in the mail write that Due to some technical errors in yahoo we need you to login through this link otherwise your account will be frozen.
After reading this your victim will click and login through the page you created and as you have give the redirection URL as the URL of the site itself so it will goto the login page again and the victim will think that he might have given wrong password so the page came again but in reallity the username and password has been sent to your email account you specified and the victim is still not knowing that his account is hacked.
METHOD 2
2.KEYLOGGING
1. How to Hack Gmail account passwords – The Easiest Way
The easiest way to hack gmail is by using a keylogger(Spy Software). It doesn’t matter whether or not you have physical access to the target computer. To use a keylogger it doesn’t need any technical knowledge. Anyone with a basic knowledge of computers can use keyloggers.
1. What is a keylogger?
A keylogger is a small program that monitors each and every keystroke that a user types on a specific computer’s keyboard. A keylogger is also called as a Spy software or Spy program.
3. How to install a keylogger?
Keyloggers can be installed just like any other program. At the installation time, you need to set your secret password and hotkey combination, to unhide the keylogger program whenever it is needed. This is because, after installation the keylogger becomes completely invisible and start running in the background. Because of it’s stealth behaviour the victim can never come to know about that the presence of the keylogger software on his/her computer.
4. How can a keylogger hack Gmail account?
You can hack gmail using keylogger as follows: You install the keylogger on a Remote PC (or on your local PC). The victim is unaware of the presence of the keylogger on his computer. As usual, he logs into his Gmail account by typing the Gmail username and password. These details are recorded and sent to your Sniperspy account. You can login to your Sniperspy account to see the password. Now you have successfully hacked the Gmail account.
In case if you install the keylogger on your local PC, you can obtain the recorded Gmail password just by unhiding the keylogger program
5.Which keyloggers are the best for remote installations?
Here is the list of keyloggers to use:
1.Winspy
2.Sniper spy
THese both are the best for remote installations.
METHOD 3 BY SOFTWRAE
A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers’ conference in Las Vegas.
Last week Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, and not only, authentication. Users who did not turn it on now have a serious reason to do so as Mike Perry, the reverse engineer from San Francisco who developed the tool is planning to release it in two weeks.
When you log in to Gmail the website sends a cookie (a text file) containing your session ID to the browser. This file makes it possible for the website to know that you are authenticated and keep you logged in for two weeks, unless you manually hit the sign out button. When you hit sign out this cookie is cleared.
Even though when you log in, Gmail forces the authentication over SSL (secure socket Layer), you are not secure because it reverts back to a regular unencrypted connection after the authentication is done. According to Google this behavior was chosen because of low-bandwidth users, as SLL connections are slower.
The problem lies with the fact that every time you access anything on Gmail, even an image, your browser also sends your cookie to the website. This makes it possible for an attacker sniffing traffic on the network to insert an image served from http://mail.google.com and force your browser to send the cookie file, thus getting your session ID. Once this happens the attacker can log in to the account without the need of a password. People checking their e-mail from public wireless hotspots are obviously more likely to get attacked than the ones using secure wired nework. Todd Mumford, from the SEO company called SEO Visions Inc, states “This can be a serious problem for internet Marketers who travel often and use their wireless laptops and Gmal services often and do not always have access to a secure connection”
Perry mentioned that he notified Google about this situation over a year ago and even though eventually it made this option available, he is not happy with the lack of information. “Google did not explain why using this new feature was so important” he said. He continued and explained the implications of not informing the users, “This gives people who routinely log in to Gmail beginning with an https:// session a false sense of security, because they think they’re secure but they’re really not.”
If you are logging in to your Gmail account from different locations and you would like to benefit from this option only when you are using unsecured networks, you can force it by manually typing https://mail.google.com before you log in. This will access the SSL version of Gmail and it will be persistent over your entire session and not only during authentication.
if u like plz comment