Sunday, July 15, 2012

Whaling - Lets catch a bigger phish today - A way to hack the hackers.

Being long away from this blog for about 4 years, I stumbled across my own creation recently. I was thrilled the kind of response the posts written a leap ago was receiving. So, I'll try to continue where I stopped, though I understand the world moved ahead and way ahead. Still, we'll catch up soon though. So, one of the post that got most hits and is listing at top for Google search speaks about the ways of hacking. I've explained various hacking techniques in that post but not a detailed and elaborated mechanism that makes it a possibility.

One of the way that's new and very exciting is Whaling, as the title suggest. Whaling refers to catching a bigger fish (Phish, in our case). The hacker community is little torn on the exact definition. Some like to refer to it as a way to snoop and hack a celebrity account, they referred as a bigger fish in the scenario.

I belong to the second category, who for some reason is very self involved and highly self complacent in the way that we go after the people who are hoarders in hacking community. They are generally newbies, excited and trying to spread there hacks all over the web and are very easy targets. They write some program and let it lose over the web for more people to fall for the trap. They are able to gain a lot of account information, they are like a noob with a machine gun looking for maximum casualty and do not worry about the impact.

So, here whaling is the trap for this people with lot of accounts under them. As I said they are easy to locate, just go to filestube and search "gmail hacker" a very common search that gets a lot of results. I will take the first hit and will go ahead and download the file.



It turns out to be a mediafire link and is downloaded easily.

Next step is to download a hex editor to decipher this file. Any hex editor is fine for the purpose the one I prefer is Bintext, its a free and a very tiny software and does just what is intended.

Lets, fire up Bintext and start the process. You will find something like the image below.



Now, lets check the file we downloaded. Beware before opening that file and use Sandbox for that, if you are uncomfortable.


So, as it turns out this guy is tricking me to give away my Email Id and Password and tattoo "Dumbass" on my forehead. Well, if you're falling for this then that's the next logical step for you, so quit reading further and go ahead get the tattoo done, you earned it.

Since, you are still reading, lets hope you didn't get caught in the net and now lets try and see how many actually got trapped.

Lets drop this file in the Bintext we already fired up before.


You find find some weird string patterns, don't worry about that. Look for the box at the bottom-right and type ".com" in the box and hit find.


So, after the search you will find the string as below


@!1234567890!@whitehatvrer@gmail.com@!1234567890!@mhheaven

This is the gmail account where all the guys who have a "Dumbass" tattoo backup their password. So, go use the password at the last and that's it. 

Now, the password may be on the next line from user id, but it will be very close to the id. So, now its up to you. Wanna have fun with the guy change the password and keep it all for yourself or go ahead and just be a bystander and see how many people are getting netted, since the moment you will change the password, the mailbox will stop receiving mails from the application. 

Anyway, go tryout, have fun and do check out the other posts. 

Tuesday, November 10, 2009

Little fun with scripts..

Like my previous post this won't be the core hacking guide but a window trick, since most readers here need something to pass to there friends and have fun.. so here it comes..

Here i will give you few codes for VB Scripts which you can copy to notepad and then save as ".vbs" and can execute directly or can convert it to exe too.. will give the link to the tool for converting at last..

so here are the things you can do..

1. Play with the Lights..!!!
turn on and off the caps lock of the system.. this will annoy the victim..
Set wshShell =wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "{CAPSLOCK}"
loop

2. This wasn't good enough..?? now, what if the Enter is pressed continuously..?? then use tis code..
Set wshShell = wscript.CreateObject("WScript.Shell")
do
wscript.sleep 100
wshshell.sendkeys "~(enter)"
loop

 3. Had enough with the keys..?? how about if the cd drive keeps poping out.. again and again.. ??
Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count - 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 100
loop

There are many other tricks you can Google them.. my main objective is to inform you and provide you with a tool to convert it to a more suitable format to use i.e. ".exe"

so here is the tool..
Download VBS to EXE Converter..

this is demo for 15 days but your job will be done by then.. or try finding the key for it.. Do comment..

Hack using Batch Files..

So, its long time since my last post.. So to start up again, we won't jump into core stuffs, lets have some fun and learn about things which you can do using your command prompt.. You can access all the functionalities you know about your system and even a lot more using the command prompt..

But the question is, suppose you know what to do in command prompt and annoy someone, but how would you do this in victim's system or someone, you wanna play prank..?? So, the answer is BATCH Files, the are the series of commands which you write in a notepad and save with a ".bat" extension. those commands are the one you write in the cmd of windows.. don't panic.. i will give some commands too at the end of the post.. Now don't you think it will be lot convenient if we could convert it to an ".exe" file..?? huh..?? so fine, i will give link to the software for that purpose too..

So all you have to do is to make a batch file and then just convert it to exe and send it to the victim.. and ya have fun then..

So lets start listing some cool stuffs you can do with batch files..

1. so start with the basics.. lets try shutting down the windows.. what say..???
so here is what you have to write in notepad and save with .bat extension, then convert it to exe
Shutdown -s -t 60 -c "So Sorry.. Bye.."
now you can change "-s" to "-l" for log off or to "-r" for restart.. the number after "-t" is the seconds before the  execution of the task

2. so, that wasn't fun..?? huh..?? how about swapping the mouse buttons..?? here it is..
@echo off
Rundll32 user32,SwapMouseButton
rundll32 keyboard,disable
msg * Enjoy Buddy.. You are Screwed..

now this will change his right mouse to left and vice versa..


There are many more tricks available with batch files but thats not our main objective.. you can Google it.. make your batch file and then convert it to exe using the converter below..


Download Batch to Exe Converter


if you have face any problems regarding creation of files or using the software, do comment..

Thursday, October 22, 2009

Download any video from youtube, Metacafe, blogs or any site you know..

Ya, Everyone enjoy finding their favorite videos over online video sharing site like Youtube, Metacafe, Myspace, etc,etc.. We surf over thousands of videos and we do download few of them using the sites like Keepvid, Clipnabber or some free tools for the purpose, which uses the url of the video...

Now, What if:

-Embedding is disabled by the author of the video in Youtube..??
-You are unable to find the real url of the video from some site..??
-URL is masked by the carring site..??
-Video is in blog, or any minor site not supported by our downloading tool or site..??

So, you end up not able to download the video you liked..?? You think there is no way now to get that video..?? so, sorry to break your belief, so now i will tell you how to get any video, without any effort or using any site or tool.. Ready now...??

Follow the steps:

1. Launch your browser, find the video you need, let it get buffered fully, enjoy it till then, then just close the browser.. Your half job is done... now some easy steps..
2. No, you don't need any tool or software, the video is in your own harddrive you just have to find the right place to look at.. find it and rename it..
3. For that to happen, visit your browser's cache location..(change the username)
Chrome:
C:\Documents and Settings\<User Name>\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache
Opera:
C:\Documents and Settings\<User Name>\Local Settings\Application Data\Opera\Opera\cache
Firefox:
C:\Documents and Settings\<User Name>\Local Settings\Application Data\Mozilla\Firefox\Profiles\<Profile Name>\Cache
IE:
C:\Documents and Settings\sham\Local Settings\Temporary Internet Files

4. Now right click and arrange icon by size or modifing date.. you will find the large size file, rename it to any name and give .flv extension.
5. Now, play the file in VLC or any other player supporting flv..

So, Now, don't surf around searching for video downloading sites or tools, and enjoy any video you like, download it without any effort..

hope you liked the post.. Do Comment
Hack Gmail

Featured Followers