Friday, July 31, 2009

Email Hacking!

"Hotmail hacking" is perhaps one of the most searched terms on the internet. It is something that you see everyone talking about, from novices and script kiddies to pros and security analysts. Today we are going to discuss what Hotmail Hacking is all about.

Though it would be kind of technically wrong to use the term 'hacking' here, but to skip the explanatory part about the line distinguishing hacking from cracking for later, I'll go by the term 'hacking'.

Disclaimer: The following information is just for the sake of knowledge and I shall not be held responsible for the misuse of any of this information.


Okay, so let's start with the question: Can you really hack hotmail accounts?


If you think you can, think again. Hacking hotmail accounts is not as cheesy as it sounds. Some of the best security professionals from around the world share the responsibility of making hotmail more secure and safe. So unless you have an extraordinary trick up your sleeve, literally cracking an account is not an option.

What you can do is apply different methods to guess the password which is called brute forcing in more technical terms, or to impersonate hotmail or msn and trick the user into you tell his password. This technique is called Social Engineering.

There are certain other ways which are also discussed below though their effectiveness depends on the expertise of the user more than the sharpness of the method.

Brute Forcing
- Brute forcing in simple terms is using all sorts of possible words in place of a password. Though once useful, this method has low credibility now due to increased user awareness level. But still, sometimes it can come in very handy. Do as follows:

1>>Connect the hotmail server on port 110 using telnet.
2>>Type USER and enter the username of the account you want to crack.
3>>Type PASS and then guess the password.
4>>Keep repeating until you are able to guess the password.

This can be done in a quicker and less hectic manner by the use of 'Brute Forcers'. A good brute forcer is Munga Bunga's HTTP Brute Forcer.

Using a Fake Login Screen
- The victim can be fooled into typing his password into a fake login screen which looks similar to that of a hotmail login screen. Such methods are wisely deceitful if used sensibly. Once the user types in his login details, they are mailed to a specific email address.

1>>Go to http://www.hotmail.com.
2>>Right click and select 'View Source'.
3>>Copy the source code and paste it in the notepad.

You can play with the source code to make a fake login page.

Javascripting and Cookies
- One thing should be very clear in your mind. If you want to learn how to hack, you have to learn basics of atleast a few programming languages which include Java and Javascript. Other mandatory stuff is of course HTML and VBScript. Learning C++ is always a starting point anyways. So the key is the fact that web programmers tend to use relatively easy web based languages at the expense of security sometimes. So if you know how to write wickedly in Javascript, you're on. Stealing somebody else's cookies can reveal their passwords at times. And yes, Google is your best friend. ;-)

Key-loggers and Trojans
- This is an old trick and due to increased amount of Antivirus Sofware in use these days, it's prone to getting caught. But if you're good with programming, you can write your own little keyloggers and Trojans and send them to the victim. They'll record all the keystrokes or the passwords of the victim and send them to you. You can also install a good key logger on your computer and trick the user to use his account using your computer. The key logger will record the password which you can later steal from the logs.

Social Engineering
- Ever got a mail telling you that your security is being compromised and you need to send your password to a 'BOT' to check it for strength? Or ever came across a 'hacking method' which asks you to send your own password along with a given script to 'hotmail server' to crack it? This is all trickery and is a direct consequence of the application of Social Engineering.

Have a look at this.


Hello Hotmail users. There have been many attempts to hack hotmail.com. Unfortunately all of them have failed, EXCEPT this one. I though have found out a revolutionary way to hack hotmail. And might I add it's as easy as ABC. After 8 months of research we have found the broken link. VerificationAutoBot to be exact. VerificationAutoBot@hotmail.com is a bot, an auto bot. You send it a letter and within a week it will send you one back. The ULTIMATE hack for hotmail is as follows:
First send a letter to verificationautobot@hotmail.com, second within the Subject heading place the word "Password" (not in quotes but has to have a capital P) this way the automated bot recognizes what you are after. Then in the text field place the name of the person at hotmail that you want to hack (Do not put @hotmail.com after their name). No capital letters are to be put in this place. Then skip three (3) lines and place your own hotmail account information such as: "My login:My password" (a semicolon makes it easier for the bot to recognize). This way the bot can verify that your account actually exists. And then supplies you with the password for the person's account that you want it for. Here is an example:

--------------------------------------------------------------------------------

To: verificationautobot@hotmail.com
bcc:
cc:
Subject: Password
login of the person you want to hack
yourlogin:yourpassword
--------------------------------------------------------------------------------
This IS the only way to hack hotmail. Use it with care.
Thank You Hackers attackers


This is a trick to get you to reveal your passwords!


Though sounds a little naive, but a lot of people fall for this trick. Remember!
Never ever follow any method which requires your own password to be sent to a third party; let it be a bot or Hotmail Security Server or whatever. But if you turn the tables, this trick can come in pretty handy at times. ;-)

Keep looking for more! Happy Hacking! :D

Related Posts

Want to learn more about Telnet? Click here for a tutorial!

0 comments:

Post a Comment