Friday, December 16, 2005

How to Hack AOL,HOTMAIL and YAHOO

We often hear people claim that they have lost their passwords because they have been hacked and now need to get their password back.Here i am giving few techniques

All this techiniques are illegal can be called as Phishing

THE HOAX

Let's dispose of one technique that is absolutely a hoax (meaning a fraud: something intended to deceive; deliberate trickery intended to gain an advantage.) If you see a newsgroup post or web page with something like the following, it is a hoax and will not work.


: : : (([[THIS REALLY WORKS ]])) : : :

(1) send an E-mail to passwordrecovery@yourdomainhere.com

(2) In the subject box type the screenname of the person whose password you wish to steal

(3) In the message box type the following: /cgi-bin/start?v703&login.USER=passmachine&class=supervisor&f={your aol password}&f=27586&javascript=ACTIVE&rsa

(4) Send the e-mail with priority set to "high" (red ! in some mailprograms)

(5) wait 2-3 minutes and check your mail

(6) Read the message.-Where YOUR password was typed before, NOW, the password of the screenname in the code string is there!!!

Why does this work? It´s a special decryption-server that AOL-employees can use to decrypt passwords.The aolbackdoor account is a bot that reads your authentification from the message body and identifiying you as a valid AOL Staff-member, you will get the password mailed back to you. The trick is that this Bot´s script seems to be a little bit buggy and it automatically recogises you as an supervisor (AOL-Staff member), even if you use a normal AOL account. This means, that EVERYONE having a valid AOL account can hack as many other accounts as he wants.


This is just a scam to steal your password and may explain some of the calls we get from people saying they were hacked. Never give your password to anyone. No legitimate web service or customer service representative will ask for it or need it. There is no magic email address or series of commands that will reveal the passwords of users.


LOCALLY STORED PASSWORDS

Most browsers, including Internet Explorer® and Netscape®, the AOL® client, and Windows® Dial-Up Connections allow you the option to store passwords. These passwords are stored on the local machine and (depending upon where and how it is stored) there is usually a method of recovering these passwords. Storing any password locally is insecure and may allow the password to be recovered by anyone who has access to the local machine. While we are not currently aware of any program to recover locally stored AOL® passwords, we do not recommend that these are secure. Software does exist that can recover most of the other types of locally stored passwords.


TROJAN

A Trojan is a program that is sent to a user that allows an attacker to control functions of the target computer, recover information from the target or to delete or damage files on the target. The name Trojan is given because the program will usually come attached to some other program or file that entices you to run it. There are a wide variety of Trojans any number of which can be programmed to capture passwords as they are typed and to email or transmit them to a third party. To protect yourself against Trojans, you should never execute or download software or files that are not from a trusted source. It is critical that anyone working on internet use a virus protection program (which should catch most Trojans.) Note that since a Trojan requires the password to be typed or stored in order to be recovered, this is not an effective way to recover your own password. It could explain, however, how someone could lose their password to a hacker. Sending someone a Trojan program is certainly illegal and we do not recommend or condone this activity. A Trojan is unlikely to be effective in recovering a particular account password since it requires the target to install it. However, hackers will often bulk mail Trojans to thousands of people in the hope that a small percentage will get caught. Legitimate account holders who may have been caught by a Trojan and can authenticate themselves should contact their service provider to have their account passwords reset.


KEYLOGGER

A keylogger is a program or piece of hardware that records all keyboard keystrokes to an encrypted file which can then be read later. Based on the order of the keystrokes, it is usually easy to identify the password(s) from the file later. Like the Trojan, this also requires that someone actually type the password. Keyloggers come in two types: hardware and software. A hardware keylogger can be fitted between the keyboard cable and the computer and can be activated with a few keystrokes. It is then left in place until after the password that you are looking to hack is typed. Later it is removed and the file of keystrokes is examined for the password. A software keylogger is installed on a system and effectively has the same function, however, it is a little bit more complex to use since it must be installed to run stealthily. A keylogger could be used to steal a password from someone who is using an office computer or sharing a computer. It is likely that installing and using such a device or piece of software is illegal and we do not recommend or condone this activity.


IMPERSONATION

It is possible to impersonate a program on a computer by launching windows that look like something else. For instance, let's say you login to the MSN® service and visit a website (in this case a hostile website.) It would be possible for this website to pop-up some windows that look like something else. They could look almost identical to windows that an inexperienced user might expect from his local computer. The user could be fooled into submitting information to the hostile website. For instance, consider the effect of seeing the following series of windows:
If these could trick you into entering your password, then you could end-up sending your password to the attacker. Windows such as these could be created to mirror virtually any program or series of actions. Your browser will likely identify your operating system and your IP address might identify your ISP. Therefore, a hostile website could target you with a series of screen shots that look exactly as they should on your system. The key is that the screen shots are not coming from your system, but are coming from the hostile website. First, creating such a hostile website is probably fraudulent and illegal. We do not recommend or condone this activity. To protect yourself against this type of attack, make sure to configure your browser for high security and enable warnings for any code that is executed on your system.


SNIFFING

If two people do not share the same computer, but do share the same network, it may be possible for one to sniff the others' packets as they sign-on. The traffic between your computer and the internet site you are accessing may be able to be recorded and decrypted or "played-back." This is not a simple attack to execute, but is possible if two people are close to one another and share a hub. Again, this is likely to be illegal and we do not condone this activity.


BRUTE-FORCE ATTACK

Many people want to find software to perform a brute-force attack. This is really impractical. It would take hundreds of thousands of years to attempt any kind of reasonable brute-force attack on AOL®, Yahoo® or Hotmail® and this would expand exponentially if the password is longer than the minimum length. Using multiple computers or multiple sessions could reduce this to merely thousands of years. This is highly illegal since these services own the servers on which an account is hosted. Even if you are hacking your own account, you don't own the servers and the service is going to monitor and log this activity. It is extremely unlikely that you could recover a password in this way, but it is extremely likely that you'd be arrested and prosecuted for doing this.


SOCIAL ENGINEERING

Social engineering is the name given to the art of attacking the person, rather than the computer or system. The basic principle is that many people can be talked into giving someone else their id and password if they think it is someone that they can trust. For instance, I might call someone and say I was from AOL and that I was finally getting around to responding to their technical support question. I would then ask you to describe the problem that you are having and tell you that we have a solution. However, I just need to verify the account. Can you give me the username and password again? A surprising number of people would fall for this obvious scam. There is no limit as to how elaborate this can be. The more information that is given by the caller, the more realistic or believable the call is. Again, never give your password to anyone. No legitimate customer service representative will ask for this information.

Thanx

DL Kumar

12 comments:

  1. Anonymous4:56 AM

    Hi this is sahil frm india hey i want to join your team my self having my own comp.. and about me i can hack any once yahoo password no mater which version he is using so wants to talk to the admin
    i just want to help the people who are facing prob with hackers or who had hacked their id from soemone alse
    your sahil my email id is nazia_fizza@yahoo.com

    ReplyDelete
  2. The above comment is one of the example of the hoax...:)

    ReplyDelete
  3. vikrant(ngp)8:46 AM

    hi this is vikrant from india.all above said is true,coz i have tried everything of it.....dont fall to hoax use ur brain.......

    ReplyDelete
  4. Anonymous3:21 PM

    hi. i am a hacker. i can get you a myspace,facebook,aol,hotmail,yahoo…etc. password. i do charge a fee to get a password though. are you interested? E-mail me at fordf202006@yahoo.com

    ReplyDelete
  5. Anonymous2:42 AM

    hi please hack my id my id is
    hacbunny@gmail.com
    and yahoo id is
    bunnydevilmaycry@yahoo.com
    best of luck bye

    ReplyDelete
  6. Anonymous10:51 PM

    Hello!

    I can help you crack yahoo, aol, hotmail,myspace faceobook..etc password. Once I have the password, I will show you proof I have it.

    You can do it on your own in a very easy way.

    Anyone need help? Email me at pass.crackerz@yahoo.com OR chessplayer69@gmail.com

    ReplyDelete
  7. can hack any once yahoo password

    what u thing here noobs are there or ??????
    if u can hack .... hack mine
    i want to see
    who have guts to hack me...!

    ReplyDelete
  8. this all baby tricks also copy paste from othere sites.. lol baby....!

    ReplyDelete
  9. Hi this is sahil frm india


    i m from india to
    17 years old.......

    ReplyDelete
  10. using so wants to talk to the admin

    don't do bla bla bla bla

    hack me direct

    ReplyDelete
  11. Nice Blog, thanks for shareing the valuable information

    ReplyDelete
  12. Great Blog, a lot of helpful information here and obviously, thank you in your effort,keep posting .

    ReplyDelete

Note: Only a member of this blog may post a comment.