Think about your financial information, and personal emails that your account holds. Don’t risk being hacked. read the post  information and follow then  u will never get hacked even if ur account  got hacked u can get it back

now a days  most off  the email services like gmail and yahoo introduced the captcha system so old brute forcing method wont work   .

check the email hacking methods so that  you can defend from those attacks

the main steps  to  hack proof your email comes while registering the email accout

you must set up the secondary mail id and also the security question

Where did you meet your spouse?

What was the name of your first school?

Who was your childhood hero?

What is your favorite pastime?

What is your favorite sports team?

What is your father’s middle name?

What was your high school mascot?

What was your first car of bike?

What is your pet’s name?

For example, a pet’s name. Don’t write your real pet’s name. Invent one! so that no one can guess that  add some special characters to your password like @#$*^ ” these cant be recorded by most of the keyloggers

make the note of the security question  and the secondary id some where in your dairy.

keyloggers are  mostly responsible for steeling of the date both account passwords

Here are the best tools to  protect your information from being stolen.

Web Based On Screen Keyboards

Some website such as Citibank has an on-screen javascript keyboard which you can use your mouse to click the character. This way, you can avoid using your keyboard. There is no need to install anything because everything is loaded from the website. If you’d like to implement an on-screen keyboard on your website, please visit the links below.

1. JavaScript Virtual Keyboard by Dmitry Khudorozhkov.

2. Javascript VirtualKeyboard by WingedFox.

- In my opinion, WingedFox’s Javascript VirtualKeyboard is much better than Dmitry’s JVK.

Program On Screen Keyboards

If you want to use an on-screen keyboard on a website but the on-screen keyboard is not available, you can download and use program type of on-screen keyboard. Usually the on screen keyboard program is very small in size and free to use.

1. Neo’s SafeKeys

2. MiloSoft Virtual On Screen Keyboard

3. Click-N-Type virtual keyboard

4. Mouse Only Keyboard v1.4 (MOK)

Softwares:

1. QFX KeyScrambler

2. I Hate Keyloggers

3. SnoopFree Privacy Shield 1.0.5

4. MyPlanetSoft Anti-Keylogger v1.5

5. KL-Detector v1.3

6. PSMAntiKeyLogger

Read More

This is the first post on hacking and this is also the ultimate post that will teach you how to hack any email. After reading this post u can hack gmail, yahoomail, hotmail, aol mail

The following article is not only teach you email hacking, but it has more to do with raising awareness on some common email hacking methods.

You all are very lucky for reading this post in learnhacking.org, because i worked very hard about more than 3 months to learn this.

Getting started :

There are so many ways to hack emails depending on the victim
Hacking with Keyloggers
Hacking with Trojans
Usage of Fake pages

Keyloggers :

Installing the keylogger in the victim’s system records each and every keystroke (every keyborad button including symbols), its very easy if u have the physical acsess to his/her system and its a bit complicated when it comes in remote installation.

A keylogger records the every keystrokes (as said above) the victim presses and mail you the info. By installing the keylogger u can not only hack his email password u can get the list of the sites he visits and their passwords you can also hack bank and paypal accounts with this.

Keyloggers are widely available on the internet, you can google it (google search) for more info or you can just check our upcoming posts on hacking emails using keyloggers.

Soon we will upload some videos too.

Trojans
These are the hackers best friends, also called as Remote Administration Tools, you can play with the victim’s system with the help of these tools, you will have total control over his system, some of the features of these programs are as follows

- Pro – connective ( Reverse Connection)

- Run any Program in the victim’s pc.

- Run MS-Dos Command.

- Run Batch Script

- Run Vb Script

- Run Registry Entry

- Receive MSN , Steam , IExplorer, Firefox, Anti virus , Dial-Up , Crypted Passwords

- Keylogger ( Live keylogger, you can see in Live ! ) *New*

- ScreenShot + WebCam ( Live ! ) *New*

- Files Manager with PRO Options

- Search Files

- Registry

- Admin FTP

- Windows

- Application ( Max Process , Directory Of File, Memory RAM, Refresh and Kill Button )

- Online Editor *New*

- Printer

- Downloader

- Give Damage

- Clip board

- Shut Down PC

- Control Panel

- MSN Stuff ( You can add a contact , delete a contact, change his status and chat with his contacts in Live ! ) *New*

- Funny Stuff ( Hide Desktop Windows, Hide Start Button , Hide task bar, Open CD-ROM, Swap Mouse Buttons, Minimize All Windows, Start Mouse Control, Modify/Upload Wallpapers, Play Sound, Control keyboard, Lock Ctrl+Alt+Del, HTML Script) *New*

- Chat ( With Custom Skin , Nickname) *New*

- Alert Message ( Custom Error messages, Questions with answers)

and also a lot of things can be done with these trojans.

If you want to know how to hack with trojans and where to get them, just check our upcoming posts on email hacking with trojans.

Fake pages

Hacking by fake pages is the best easy and effective way its mostly used and 33% of the total passwords hacked are by using this method .

In this method we will send him a fake page of the site which we want to hack, fake page looks exactly the same like the real one the only difference is the address or url of the page , the victim thinks that fake page as original one and enters the password then we will get his password to our mail

1.HACK GMAIL

2.HACK YAHOOMAIL

3.HACK HOTMAIL

4.HACK AOL

4.SNIFFING

This method is used when the victim and you are in the same lan then we can sniff all his passwords and also record all his traffic.

For more info check our upcoming post on hacking email by sniffing.

Read More

How to get back a hacked orkut or gmail account

Now a days most of the hackers are targeting gmail accounts dude to the no of services offered by the google

if hacker change the secret question and secondary email to new ones. Once these two things are changed, you cannot get back your account through the forgot password tool.

then follow these steps

Gmail has a special page to report such incidents when someone hacks into your account.

check it here :https://services.google.com/inquiry/gmail_security1.




The Gmail Team considers numerous data points when determining original account ownership in a hijacking case. In addition to the information requested on the form, you can also include the following information to help them process your claim.
The email addresses of up to 3 Frequently Mailed Contacts
The names of up to 3 Labels
Any other Google services you used with this account and the date you started using each one
Your ip-address

You can also resubmit the form later if you find any additional information that would help them investigate. This process is said to take about 4-10 days.

Read More

BackTrack 4 Pre Release Available For Download

You may remember back in February the BETA of BackTrack 4 was released for download, the team have made many changes and have now released BackTrack 4 Pre Release.

For those that don’t know BackTrack is the top rated linux live distribution focused on penetration testing. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.

It’s evolved from the merge of the two wide spread distributions – Whax and Auditor Security Collection. By joining forces and replacing these distributions, BackTrack has gained massive popularity and was voted in 2006 as the #1 Security Live Distribution by insecure.org. Security professionals as well as new-comers are using BackTrack as their favorite toolset all over the globe.


The new version has busted the 700mb file size though so it’d DVD or USB, it’s recommended to use a USB drive to run it or install it on your HDD as running from a CD isn’t exactly speedy.

Full details available in the PDF guide:

BackTrack 4 Guide [PDF]

You can download BackTrack 4 Pre Release ISO here:

bt4-pre-final.iso

Or read more here.

Read More

Massive Malware Outbreak Infects 30,000 Websites

This looks like a fairly complex infection mechanism combining exploiting websites, injecting JavaScript code then attempted exploitation of host machines and failing that prompting a download for some fake malware.



The way they have it all setup is pretty clever too hiding behind common technologies so their infections don’t look out of place.



An obfuscated JavaScript meant to look like Google Analytics code? That’s smart.



A nasty infection that attempts to install a potent malware cocktail on the machines of end users has spread to about 30,000 websites run by businesses, government agencies and other organizations, researchers warned Friday.



The infection sneaks malicious javascript onto the front page of websites, most likely by exploiting a common application that leads to a SQL injection, said Stephan Chenette, manager for security research at security firm Websense. The injected code is designed to look like a Google Analytics script, and it uses obfuscated javascript, so it is hard to spot.



The malicious payload silently redirects visitors of infected sites to servers that analyze the end-user PC. Based on the results, it attempts to exploit one or more of about 10 different unpatched vulnerabilities on the visitor’s machine. If none exist, the webserver delivers a popup window that claims the PC is infected in an attempt to trick the person into installing rogue anti-virus software.



If you imagine 30,000 websites have been installed, how much traffic do these sites have in total? And out of that how many client computers have been infected.



The numbers could be quite huge.



The rogue anti-virus seems fairly intelligently designed too with polymorphic techniques to avoid signature scanning by real AV engines.



The rogue anti-virus software uses polymorphic techniques to constantly alter its digital signature, allowing it to evade detection by the vast majority of legitimate anti-virus programs. Because it uses obfuscation, the javascript is also hard to detect by antivirus programs and impossible to spot using Google searches that scour the web for a common string or variable.



“For the common user, it’s going to be possible but difficult to determine what the code is doing or if it’s indeed malicious,” Chenette told The Register. “We can see this quickly growing.”



The infection shares many similarities with a mass website malady that’s been dubbed Gumblar. It too injects obfuscated javascript into legitimate websites in an attempt to attack visitors. So far, it’s spread to about 60,000 sites, Websense estimates.



Several differences in the way the javascript behaves, however, have led Websense researchers to believe the two attacks are unrelated. The researchers have also noticed that the code, once it’s deobfuscated, points to web addresses that are misspellings of legitimate Google Analytics domains that many sites use to track visitor statistics. The RBN, or Russian Business Network, has used similar tactics in the past, and Websense is now working to determine whether those responsible for this latest attack have ties to that criminal outfit.



Seems like it could possibly be from Russia (the RBN) and it’s not related to Gumblar, even though they have quite a few similarities.



Interesting case to watch, and make sure any sites you run are up to date, secured and not open to SQL injection!



Source: The Register

Read More

China's Mandated Site-Blocking Software is Pirated code

ccording to Solid Oak Software, the makers of CyberSitter, one of the more popular Internet-filtering programs, not only does Green Dam look similar to CyberSitter, it uses DLLs identified with CyberSitter, and even gets updates from Solid Oak's servers.



Piracy?  A Chinese company stealing intellectual property   No way !!!!!!!!!

CYBERsitter - Solid Oak Software





Green Dam - Software

Seriously, not only does the software use pirated code, a University of Michigan study shows that the software contains security vulnerabilities.



The good thing is, the software needn't be installed on PCs bought in China; the OEM merely has to provide a CD with the installable image. Additionally, the software is uninstallable, although the University of Michigan study notes that it leaves the log files behind, so even after uninstalling, historical user activity can be ascertained.



An interesting conundrum, however. Since the Green Dam program contains CyberSitter code, any OEM providing the code on or with their computers would be facilitating piracy. Of course, if they don't do so, they won't be able to sell to China. Ooof.





via

Read More

How to Send Anonymous Emails

The art of sending this kind emails is known as Email Spoofing.This method used to work successfully in the past, but today it has a very low success rate since Gmail and Yahoo(all major email service providers) blocks the emails that are sent directly from a PC. In this post I have come up with a new way to send anonymous emails (spoofed emails) that has 100% success rate. If you have to successfully send an anonymous email or spoofed email, you should send it using a relay server.

What is a Relay Server?

In simple words, a relay server is an SMTP Server that is trusted by Google or Yahoo as an authorised sender of the email. So, when you send an email using a relay server, the email service providers like Yahoo and Gmail blindly accept the emails and deliver it to the inbox of the recipient. If the SMTP server is not authorised, Google and Yahoo will reject all the emails sent from this SMTP server. This is the reason for which using our own SMTP server to send emails fail.

So What’s Next?

Now all we have to do is, find a trusted SMTP server to Send Spoofed Emails. Usually all the emails that are sent from web hosting providers are trusted and authorised. So, you have to find a free web hosting provider that allows you to send emails. But, most of the free Web Hosts disable the Mail feature and do not allow the users to send emails. This is done just to avoid spamming. However all the paid hosting plans allow you to send any number of emails. Once you find a hosting service that allows to send emails from their servers, it’s just a cakewalk to send anonymous emails. All we have to do is just modify the email headers to insert the spoofed From address field into it.

I have created a PHP script that allows you to send emails from any name and email address of your choice. The script can be found here.

Anonymous Email Sender Script

 Here is a step-by-step procedure to setup your own Anonymous Email Sender Script

1. Goto X10 Hosting  and register a new account.

2. Download my Anonymous Email Sender Script (sendmail.rar).

3. Login to your FreeWebHostingArea Account and click on File Manager.

4. Upload the sendmail.php, pngimg.php and bg1.PNG files to the server.

5. Set permissions for sendmail.php, pngimg.php and bg1.PNG to 777.

6. Now type the following URL

http://yoursite.x10hosting.com/sendmail.php

NOTE: yoursite must be substituted by the name of the subdomain that you have chosen during the registration process.

7. Use the script to send Anonymous Emails. Enjoy!!!

Tell me whether it worked or not. Please pass your comments…

WARNING: ALL THE INFORMATION PROVIDED IN THIS POST ARE FOR EDUCATIONAL PURPOSE ONLY. I AM NOT RESPONSIBLE FOR ANY MISUSE.

Read More