Thursday, November 24, 2016

// //

How to change wifi password

Hey There, I know why are you on this page and i know what you need. You know why you landed on this page because it is right for you google knows it and it landed you on this page for the term like "how to change wifi password" or "change wifi password".

Why you need to change wi-fi password

In our previous articles as you have seen or not we showed how easy it is to hack a wifi password and any noob can do it by using a tutorial found on internet. This could be happening with you. or it could be like you have told someone your wifi password and now they are using more of your wifi then you and all of your bandwidth is emptied by them every time. There are many of these reason that i cannot mention right now beacause it will change our topic so let's head to the tutorial.
what i recommand is change wifi password once in two to three days for your own security and safety like i do change my wifi password every third to fourth day. So that no one can access my network and data.
I have created this tutorial for internet surfers like you who have problems with their shitty wifi network. This tutorial is going to solve all your problems related to wifi whether you are geek or noob user if you have problem with your wifi this tutorial will be the solution.
First you need to get into admin pannel. For that open your browser and type the local address to you wifi admin pannel. There different address to different devices. If you know the address to your admin pannel then thats great. And if you don't then don't panic and try to find it on your router back its usually there. In my case it is

192.168.1.1 
Yours could be 192.168.8.1 or 192.168.10.1 or anything. If you still don't have it you can search for it on the internet just type your router's company name and router name and for admin pannel address and there you have it. No it will ask you for your admin pannel password.

Its usually admin : admin or admin : password. It could be different because sometimes it is set on the installation of router. Again you can search for default passwords on the internet for your router or try to find it on router's back.
Once you are in you will have access to the everything you need to change your wifi password.

What you can do with wifi admin pannel

You can also change configurable items such as security logins, encryption parameters, WiFi settings, Wifi SSid name, Passwords. There is also some advance settings like opening ports adding application and much more.

How you really gonna change you wifi password

You will need to understand the simple terms in wifi world that might be useful to our tutorial.
  • Your network name can also be known as a Wireless Network Name or SSID.
  • Your WiFi password can also be known as a WPA Pre-Shared Key.
Step 1:
First of all open your browser(software).
Step 2: 
Open admin panel
Step 3: 
Once you are logged into your router, you will need to find the Wireless section of the configuration page.. Go to wifi (wireless) settings. Again it could be different for device to device.

  • If your "Wireless" section has multiple subsections, open the Wireless Security page.

Step 4:
Change the password. Look for the box labeled "Password", "Passphrase" or "Shared Key". You can enter your new password into this box. Some routers will ask that you type the password again to ensure that you entered it correctly.
Note:
  • Make sure your password is secure. Never use passwords such as "password," "12345," easily-found dates or names, etc., and never leave your wireless router with no password at all!
  • Try to create a strong password that would be difficult if not impossible to guess. It should not be related to anything personal, and should include a liberal amount of numbers, random cases, and special characters such as "!", "$" and "#".
  • A strong password is usually at least 8 characters long.
Step 5:
Check out your security type. There are three main types of wireless encryption: WEP, WPA, and WPA2. For the most secure network, you should be using WPA2. You may run into issues connecting older devices, however, in which case you could switch to WPA or WPA/WPA2. Selecting WEP is NOT recommended, as WEP encryption is very easy to break (it can take less than 30 minutes to crack a WEP password).
Step 6:
Change your network name. While you're here, take a moment to change your network name if you have not already. The name should not include any personally identifiable information, as the name will be publicly broadcast. Changing the name will help deter people from trying to break into it. Routers with default names are seen as easier hacking targets.
Step 7:
Save your settings. Once you are done entering in your new password, click the Apply or Save button. The button's location is different for every router, but is typically located at the top or bottom of the page. The router will take a few moments to process the change, at which point any devices currently connected would be disconnected.

  • After your settings are changed, you can connect to your wireless network using your new password.
You can have following questions if you are newbie:
Q: How can i change wifi password if I don't have a computer?
Ans: You can easily do it with your android device or anyother handset. Just Open any web explorer in your handset and do the things like this tutorial show you to do with pc.
Q: How many times can I change my WiFi password in year?
Ans: Well its upto you. You can technically change your WiFi password as many times as you want in a year. How many times you choose to do it depends on how secure you want your network to be. If you want to keep it really secure, you might choose to change your password as much as once a week. However, you should also consider convenience when making your decision. Every time you change your password on your router, you'll also have to enter the new password on all the devices that regularly connect to your network.
Q: How can I find my router's password?
Ans: If it has not been changed, it should be on the manual or on the router itself. If it has been changed, and the original/factory password doesn't work, then you need to reset it. You can do this by pressing the small, red reset button on the router. Note that this will reset ALL settings to their default positions.
Q: What is the password of the login admin?
Ans: Try any of the following: admin, changem, or password. Some routers don't require a password, so you could also try leaving it blank. As a last resort, you could check your router; it will most likely have the default admin password written on the back or on the bottom.
Q: I can't open my router's configuration page. What should I do?
Ans: Go to google and then search for "MY IP". Then google will show you an ip address. Copy it and paste it in your browser's url column and press enter. Then it will ask your for a username and password. By default, both are "admin". Type those and you can log in. (You should be connected to the wifi from that router.) Then go to the settings page and look for PRE SHARED KEY. That is the wifi password. Just change it.
Q: What if I have forgotten the password?
Ans: Push the reset button on the router for 30 to 40 seconds and the router will reset to default, then you can use the default password on your router.
Read More

Friday, November 18, 2016

// //

How to hack gmail account

Hey there, You are here at this page that means you are searching for the words and phrases like "hack gmail" or " how to hack gmail password". And google landed you here that means this page qualify for what you need. Yes this is a tutorials for beginners to hack into anyone's gmail account. This is only for educational purpose and our website cannot be responsible for what you do with the information you get here as we have declared in our disclaimer page.
You can use this to test your own accounts security
If you have forgotten your password you can e get it back by this tutorial.
Gmail is one of the largest free and paid mail service provider by google. Gmail is one of the most secure mails service. But you know what "Nothing is secure." And we are going to prove it today.
We have found and discovered some of the working methods to hack gmail accounts by using some tricks and scripts
Let us not waste our time and get to the tutorial.

Hack gmail password

The only way you'll be able to "hack" into someone's account is by stealing their password. If your target has two-factor authentication, you'll need their mobile device as well. There is no other way around two-factor authentication.

Outline of the methods that can be used to hack gmail password

  • Hacking a gmail using wireshark and man in the middle attack
  • Hack someone's gmail account using keylogger
  • Hack a gmail password using browser password manager
  • Hack gmail by creating a Phishing site
First of all we go with the tutorial of using wireshark

Wireshark and MITM attack to hack anyone's gmail account

Wireshark is a network utility used by sysadmins and network manager to analyse the network traffic passing by. Wireshark is mos powerful network analyser tool used for big data networks and more. And this tool is going to help us get into someone's Gmail account. Luckily this is free tool and you can install it on windows mac and as well as in linux which is great for windows and mac users but we are going to use it on linux and most famous hacking os Kali Linux. And for MITM attack we are going to use a tool called ettercap which may be you are already familier with, is an important tool for network security
Step 1:
Fire up Kali Linux.
Step 2:
Open Wireshark You can do that either with terminal or direct open it from the menu(its upto you)
and put it to listening mode on wi-fi or ether-net either of which interface you are on.
Step 3:

Third step includes ettercap. 
open ettercap
Choose your interface.

Step 4:
We are going to use Man in the middle attack

It could be done by spoofing your Ip-address with gateway address.
You can do it by clicking on Mitm section and then spoofing Ip addressses.
Now your Ip-address is the gateway and all the traffic is going through your ip.
you can scan all the traffic with the wireshark.
Now when the user opens gmail site and entered his email and password you will have access to that data.
Step 5:
There is one other thing. Gmail has SSL encryption and you will have to use another script like sslstrip or sslsniff to bypass ssl encryption. There is a module in ettercap for that purpose but it doesnot works sometimes. You have to download and install sslstrip and use it. And you can have the passwords all by your self.

Gmail Hacking using keylogger


A keylogger is a program that logs the keystrokes on the computer it is installed on. There are a variety of keylogger programs available for free or for purchase online, with varying degrees of stealthiness. Be sure to research all of your options carefully. Popular programs include:
  • Actual Keylogger
  • Spyrix Free Keylogger
  • BlackBox Express
  • KidLogger
  • NetBull
  • Lola
Step 1:
Install the keylogger on the target's computer. You also can remotely install a keylogger on someone's computer using metasploit or anyother hack but that method will be for some other day. Today its just you have to install a keylogger by your own power and technique.
Step 2:
Run the program on the computer and it will do the rest for you. You may also need to configure the keylogger if it has multiple functionalities in it.
Step 3:
Let the software run while the victom uses the system. Whatever he types on the system it will be logged into it. and you can have it by doing step 4.
Step 4:
Collect the logs. Some keylogger has the function of sending the logs to the users by email or some other interface but in some cases you have to go get the logs from computer via usb.
Step 5: 
Enjoy the email access to victom's account.

Using browser password manager

Step 1: 
Open the web browser that your target uses on their computer. You must have access to that person's computer. Try this when they're out of the room or you know that you have a few minutes alone.
  • Open a link from an email or a Help menu to launch the default browser.
Step 2:
Open the password manager. The process for accessing the password manager is different depending on the browser you are using.
  • Internet Explorer - Click the Gear button or the Tools menu and select "Internet Options." Click the "Content" tab and then click the "Settings" button in the AutoComplete section. Select "Manage Passwords" from the new window.
  • Chrome - Click the Chrome Menu button (☰) and select "Settings." Click the "Show advanced settings" link and then scroll to the "Passwords and forms" section. Click "Manage passwords."
  • Firefox - Click the Firefox Menu button (☰) and select "Options." Click the "Security" tab and then click "Saved Passwords."
  • Safari - Click the Safari menu and select "Preferences." Click the "Passwords" tab.
Step 3:

Find the password for your target's Google account. Use the search bar in the password manager to search for "google". This is the quickest way to narrow down the list of passwords. Look for the "accounts.google.com" entry for the target's Gmail address.
Step 4: 
Try the password. Again if the target has not enabled two-factor authentication, then you should be able to access the account. The target will likely be notified that a login has occurred from an unknown browser.
  • If the target has two-factor authentication activated, then you will need the code that is sent to their mobile device. There is no way around this if it is activated.

Hack gmail by creating a Phishing site

  1. Phishing is a way to capture sensitive information such as usernames, passwords and credit card details.
  2. It usually involves the use of a spoofed Gmail page (or a fake Gmail website) whose look and feel is almost identical to that of the legitimate websites Gmail website.
  3. When the users try to login from this fake Gmail page and enter their password there, the login details are stolen away by the hacker.
  4. However, creating a fake login page for Gmail and taking it online to successfully steal the password is not an easy job.
  5. It demands an in depth technical knowledge of HTML and scripting languages like PHP, JSP etc. In addition to that, carrying out a phishing attack is a serious criminal offence. So, unless you’re a pro hacker I only recommend using the keyloggers to hack Gmail password.

Some Questions and Answers

How do I recover my Gmail password?
Go to the 'I've Lost my Password' option and follow the process outlined there to recover it.
My email has been hacked. How can i get it back if they changed the phone number and recovery email?
You can recover back your account. Go to the m.gmail.com or account.Google.com >> need a help ?>> I don't know my password >> enter your your gmail address >> fill type box message >> last you remember password >> enter you have been hacked before your password. Sometimes the Google sever will accept your old password but if the hacker set off the 2 step verification security process, you need your personal information and your account data to reset it all.
Can someone hack my email just by knowing my email address?
No, sharing emails is just like sharing a telephone number. The worst they can do is annoy you with spam messages.
I've forgotten my password for my main email and my recovery email. What can I do?
You can try using this account recovery form, but if you don't have other recovery methods set up, it's unlikely to work.
I don't know my Gmail password. How do I hack into it?
If you are simply looking to get back into your own Gmail account, click on "Forgot my password" and answer the security questions. This is easier than hacking into the account.
My gmail account has been hacked, how do I get it back?
Visit your security settings if you can still log in. If you can't, visit the account recovery page.
How do I get my Gmail account back if it has been hacked?
You should contact Google and explain the situation. They may be able to help you recover your account.
How can I get my Gmail account back if someone hacked into it and changed all of the information?
Just click on the forgot password option and enter your personal mobile number for verification. Enter the otp and get access into your account.
How can I hack into the school bully's email account without downloading anything?
You shouldn't. Hacking is illegal when done on public networks. If someone is bullying you, tell your teacher, or someone else who can do something about it.

At The End

If you have further questions ask us in the comments section we will add them in the article with answers.
Read More

Wednesday, November 16, 2016

// //

How to hack instagram account

Instagram Facebook Twitter Pinterest overall are actually pretty safe however as long as we have passwords there are people out there who try to guess them or use programs to gain access to your account. If they get the password able to get into your account. Take the right measures. Easily hack instagram accounts of anyone without the use of any suspicious software. Everyday thousands of accounts are being hacked this includes Instagram – one of the biggest social media websites worldwide with over 100+ million registered users and gaining millions of page views everyday!
This tutorial is only for education purpose and any of us would not be responsible for anything that is done illegal due to this article

Why would you want to hack instagram?

Do you suspect your spouse of cheating, are you being overly paranoid or seeing signs of infidelity…Then he sure is cheating. It really can be very useful for so many different types of people. Whilst you might associate this type of service with hackers and people that are up to no good that isn’t always the case. In fact, after carrying out extensive research during the stage where we were providing this information to users on request we found that around 75% of contact requests came from users who had either been locked out of their own Instagram accounts by accident or from those who hack already had their Instagram accounts hacked by other people and were simply trying to get them back.
Other reasons why you might want an Instagram password hack include:
  • To gain your own account back after becoming locked out
  • To retrieve an account belonging to you that has been previously hacked in to
  • To play a prank on one of your friends
  • To steal an Instagram account from a competitor
  • To take control of a dormant Instagram account that a significance to you

By hacking into their facebook account

Yeah! you have read it right. You know many of instagram accounts are linked to the facebook accounts and people use facebook to get access to their instagram account. Moreover many of the instagram accounts are created based on facebook api. So it could be the way to get access too instagram account. Now you can ask me that how you will be able to hack into facebook account. That's simple follow our tutorial of facebook hacking and get your hands on to the instagram account.
Really this could be it for you if you just want access to someone's instagram profile or wanna see some private photos of them. But if you want the password of their account or do any kind of prank on your friend by changing their password then thats not your way to go. Their are other methods to for instagram password hacking which you will read later in this tutorial.
How you will get access to instagram via facebook?
That's easy just hack facebook account and then login via facebook.

Almighty Phishing

Phishing is a type of social engineering and as most of the social engineering techinques. Phishing is a very deceptive way to get around critical infromation. Information could be any govermental document or it could be anyone's facebook password. As quoted
Social engineering has become about 75% of an average hacker's toolkit, and for the most successful hackers, it reaches 90% or more.
Humans are really the weekest link to the security networks. We do think we know everything and we cannot be decepted by anyone. and yet we make mistakes. You know every big hacking attack in the history of hacking and technology was due to human errors and mistakes and not by any security system.
As we have learned about phishing on facebook password hacking tutorial. Phishing is the way to get a clone of orignal website and redirect the user their. One can access to the instagram password that easily.
With the Email ID known, a Hacker can create a Phishing Site and send the victim that makes the victim accidentally give away his / her account info such as Username and Password even with the latest 2-Step verification enabled.

Keylogger can really hack

Another known method is to insert a keylogger that captures everything you type (including backspaces) and sends them to the attacker. You have learned about keyloggers in our previoud tutorials. You can use that knowledge to get around keyloggers.
Its really that easy keyloggers works like charm and maybe the most easiest way to get access to any kind of passwords and usernames. You can use keyloggers for gmail password hacking, facebook hacking or anyother social media service you want it will get you results. Their are many good keyloggers (free and paid) softwares. But if you are buying a keylogger first do the full research.

Session hijacking is the way to go

Another method is to hijack your session using cookies (also known as Session Hijacking) if the attacker is connected to your Network. If the victom/target is within your network then you can easily hijack his session. you can do that by sniffing through his/her traffic and filtering out the results for instagram. Really that works.
Install wireshark. then install cookie cadger. and then perform a Mitm attack or decept his/her traffic. By following the exact same steps you can easily get access to the cookies. You can use this cookies to login into his/her account. The step by step process is described in our previous posts for session hijacking.

Password managers can be tricky sometimes

As we have used password manager in the facebook hacking article. You can follow the exact same steps to hack an instagram account.
Open the password manager. In most cases, this will be password-protected. If you know the password, you can easily view and apply any saved passwords to their appropriate services.
  • If you don't know the password, you'll have to rely on autofill data for the website or program you're attempting to log into.
Try entering an account's username. If the account you're trying to access has a saved password associated with it in your selected browser (or program), it may automatically enter the password for you once the username is entered.
  • Google Chrome and Mozilla Firefox both do this if the user has the cookies and autofill features enabled.
  • If the account holder's computer is a Mac and you have their Keychain password, you may be able to use Keychain to access their stored passwords by navigating to Keychain Access (it should be in the Mac's Utilities folder), opening the "Passwords" tab on the left side of the screen, and selecting the pertinent password. After entering your Keychain password, you'll have the option to display the password in plain text.

Hacking Thier Machine

This could be your last resort for instagram password hacking. Now a days computers and mobiles are not that secure.
You can say that as they were ever secured. I know they were also not secure before but no one knows how to exploit them and now a days litterly every tech website is teaching the ways to hack a computer or mobile. Even youtube is full of that stuff. Now if you have access to their pc or mobile you could easily access to password managers and stuff.

At the End

This will be the end to the article. We will try to update the article to new information. Let me know what you think about this in the comment section below.
Read More

Thursday, November 3, 2016

// //

How to hack whatsapp account


Nothing in this world is unhackable, encryption are just mathematical equation that is hard but not impossible to solve without knowing a factor. If you really want to hack or spy on anyone's WhatsApp this tutorial is for you.

Possibilities of Whatsapp hacking

Since WhatsApp has become one of the popular app to share messages and media instantly, it has also become a favorite place for many to engage in illicit activities. Therefore, in order to investigate the truth people are left with no choice other than to hack WhatsApp account. Most of the smartphone users such as for iPhone, BlackBerry, Android, Windows Phone, and Nokia are fascinated towards WhatsApp messenger as it provides innovative and amazing features.
People have many queries for "how to hack whatsapp account", "is it possible to hack whatsapp", "how to hack whatsapp chat". Well today is your lucky day and you have found the tutorial. This will surely help find your goal and you will be able to hack whatsapp massages.

Mac Spoofing to hack into someone's whatsapp account

There is a method to hack WhatsApp known as Mac address spoofing which involves spoofing the Mac address of the target phone on your own phone.
To spoof the Mac of the target phone, follow the below-mentioned steps:
  1. Find out the Mac address of the target phone on which you need to hack WhatsApp account:
  • Android – Settings —> About Device —> Status—> Wi-Fi MAC address
  • iPhone – Settings—> General —> About —> Wi-Fi address
  • Windows Phone : Settings >> About >> More info >> MAC Address.
  • BlackBerry : Options >> Device >> Device and Status Info >> WLAN MAC
  1. Once you have the Mac address of the target Whatsapp phone, you have completed the half way.
  2. Next, install WhatsApp on your phone and enter target phone number and verify it
  3. Now, you have an exact replica of the target WhatsApp account and you should receive all the conversation and updates on your phone as well.
This method of WhatsApp hacking is quite time-consuming and is known to have less success rate.Let’s get into the details of the mac spoofing method to hack Whatsapp.

What is a MAC address

A MAC address is a 12-character unique identifier assigned to the network adapter of your WiFi device. A MAC address can be used to uniquely identify the smartphone on the Internet or the local network.
If you want your target to be hacked, you need to find the MAC address of their account.
Follow below steps to get WhatsApp hack.
Step 1: Uninstall Whatsapp from your device
Get the mobile phone of the victim that you desire to access. Though it is the little bit rugged, try to acquire the mobile phone of the victim.The victim’s mobile phone will be essential at two variant steps throughout the hacking process.Initially, you must uninstall Whatsapp from your device.
Step 2: Acquire the smartphone of the target (victim) that you wish to Hack
Step 3: Locate the MAC  Address from the Target’s Phone
A MAC address varies from one device to other. So, find the platform of the smartphone that is used by the victim.A MAC address consists of six pairs of digits that are separated by colons. For Example, it looks like (01:53:35:47:78: CB).
You can check the mac address of the different type of devices at the locations specified above in the mac spoofing overview.
Step 4:
Alter your MAC address similar to the victim’s MAC address
Spoofing the MAC address allows your mobile device look similar as victim’s device.By spoofing, there is an advantage of letting you persuade Whatsapp that you are logging into our own account.But, truly you are trying to log in into the victim’s Whatsapp account.

Mac spoofing apps that can change the mac address

  1. iPhone users can use MacDaddy X or WifiSpoof app to change their MAC address.
  2. Android users must have busy box installed in their system to spoof the mac address.
Busybox is the necessary component for the spoofing of mac address.if you have busy box installed then you need certain apps that can be used to spoof the mac address of your device some apps works only with certain architectures so don’t get upset if some apps did not work for your device try other apps found on google play store.I am going to list down some of the apps that worked for me and may work for you.
The first app is terminal emulator install it from play store and go with the below process
  • In the terminal, type “IP link show” and you can view a list of interfaces.
  • Identify the one that has your MAC address.
Assume we’ll use the eth0 interface. In the terminal emulator, enter
IP link set eth0 address XX:XX:XX:XX:XX:XX
and
IP link set eth0 broadcast XX:XX:XX:XX:XX:XX
where eth0 is the interface you identified and XX:XX:XX:XX:XX:XX is your target’s MAC address. In order to verify that you’ve changed your MAC address successfully, enter
ip link show eth0
Other Apps that can help to spoof mac address are given in the list below
Step 5: 

Now configure WhatsApp with target phone number
After installing and configuring Whatsapp account on your device, you access the victim’s WhatsApp account.Enter the victim’s phone number so as to set up WhatsApp rather than your own.This allows you to receive and send messages from the victim’s account.
Step 6:
Attain Confirmation Code from the victim’s mobile phone
During the WhatsApp configuration process, a confirmation code will be sent to the victim’s phone number.Access the victim’s phone for the last time to acquire that verification code.Enter it into WhatsApp that is on your phone.
Finally, you have successfully hacked the Whatsapp account of your target with mac spoofing method.If you don’t wish the victim to detect about your spoofing, make sure to delete the confirmation code from their device.

Install a Spying app on victims mobile

The easiest way of spying WhatsApp messages is to use a spy software program. In the current marketing trend, there are bounteous companies that are promoting WhatsApp spy programs. In spite of many companies, we must choose genuine spy apps that are trustworthy. One of the best software to spy on WhatsApp is mySpy which is well-known for its quality and it is one of the top-notch features. You will have to download and install the mySpy app onto the victim’s phone on which you want to access and monitor the WhatsApp messages. Make sure that you can keep the victim’s phone with you for few minutes.
Step 1: Get permission to monitor victim’s phone

The spy apps that you use are very much essential and intended for the employees, parents, government officials in order to access or monitor the activities of subordinates, children and other . Before proceeding, make sure that the victim gives permission to access and monitor their mobile.
step 2: Select apt SPY program or app

Various spy apps or programs are offered by various app providers. Study and analyze in order to find the best spy program that best suits your mobile device. You need to consider the following factors to select a genuine app.
  • Purpose of the app
  • Efficiency of the app
  • Whether it hides spy activity undetected from the victim
mySpy and Spymaster Pro are very good apps or programs that can be used to access other’s WhatsApp account.
Step 3: Purchase and install best spy program
  • Buy a genuine app and install the app by following the on-screen instructions.
  • This app must be installed on your phone as well as the victim’s phone.
Step 4: Configure the app and initiate tracking

  • Follow the instructions so as to install the app and make sure that you complete all the settings properly so as to start the hacking process.
  • Now, you can receive all the conversation on the victim’s account. Successfully, you’ve accessed the WhatsApp account of your friend or beloved ones.

At the End

Here it ends. You can Hack anyone's whatsapp account with this tutorial. Let me know if it's helpful or not in the comment section below
Read More
// //

How to hack facebook account

Yes facebook account can be hacked. But not the way your are thinking it could. For hacking a facebook account an attackers does not target facebook.  It is illegal to perform hacking activities without their permissions unless you are part of the bug bounty program.
Instead of trying to hack a company which spend millions on its security and infrastructure, compromising a victim's computer system is a low hanging fruit. Once the attacker setup keylogger and backdoor on victim's system, all user activities and accounts including email, social networks, banking, etc can be stolen.
All the hacking groups who hacked twitter and facebook accounts of major companies didn't hack into Twitter or Facebook networks. They targeted the employees of those companies and got lucky in compromising the right user who had passwords for those social networks stored in their system.
Attacker goes for users as humans are weekest link to security they can be easily compromised unless they know the hacking tactics themselves.
You won’t be vulnerable to hacking if you understand how hacking works

Why You should learn to hack facebook

There are tons of reasons that why you should learn to hack. As above  quote stated you will not be vulnerable to facebook hacking tactics used by hackers if you know those tactics too.. If you know how a predator prey on his victims then you would probably save yourself.
These are some of the scenarios you could face in the real world

Facts not worth worrying about

  1. You forget to log out of Facebook from a public computer, or you forget to lock the computer screen at work or at home, and someone else besides you, go to that computer and write on your Facebook wall that you've been "hacked". This has nothing to do with hacking at all (it is related to "red teaming" though, except during this type of exercise, getting access to Facebook accounts is not the target and never will be), but it is probably the most commonly seen "hack". This poses no threat to you, except embarrassment in some cases.
  2. A friend who knows your password, logs into your account and writes on your Facebook wall that you've been "hacked". The password was obtained by asking you for it (beginner level of social engineering, except that this case is not really social engineering if you give up the password when asked for it directly), seeing you type it in (shoulder-surfing), or simply guessing what it is (online brute-forcing). This has very little to do with hacking and poses no threat to you, except embarrassment in some cases. In case this happens, reset/recover your password. This is the most common scenario where Facebook accounts are "compromised", but not really compromised.

How your facebook account can be compromised

  1. You receive an email from a non-targeted mass-phishing campaign that prompts you to log into Facebook, or reset your password. This attack is likely to occur, but can be prevented by not falling for phishing tricks;
  2. You use an app on Facebook that compromises your computer. Similar to malvertising. There is close to no protection against this attack, except not using phony looking apps on Facebook. However, your computer could also be compromised through other websites you browse. In cases of malvertising, the attackers are rarely interested in your Facebook account. They would much rather have access to: passport photos (identity theft), bank accounts, processing power (bitcoins), and network resources (other computers to compromise, or to perform DDoS attacks);
  3. You live in a country that performs heavy monitoring on its citizens. In this case, the mobile phone you buy has likely pre-installed government malware on it. The Internet connections are likely monitored as well. There's nothing you can do without educating yourself about computers.
  4. You "root" your mobile phone. This disables almost all safety/security controls making it easier for your mobile phone to get compromised.
  5. An attacker looks at your profile and looks at all the public data that is exposed to anyone on the Internet. Based on this data, the attacker attempts to recover/reset your password, or even guess it. People tend to use very simple passwords. It's unlikely someone will attempt to hack you this way, unless you control a very popular Facebook page or group with at least 10,000, 100,000 or 1,000,000 subscribers/fans;
  6. An attacker befriends you on Facebook, for heterosexual males this could be a "hot" female, and vice versa. The attacker is able to obtain more information as your friend, in case your privacy settings are more strict for "non-friends".

Why Would hacker not want to hack your account

Attackers will generally not be interested in hacking your Facebook account at all (seriously, hackers don't see any value whatsoever in your Facebook account) unless:
  1. You're a well-known celebrity;
  2. You control a Facebook page or group with +100,000 fans/members, preferably 1  to 10 million;
  3. You have an important role in a large company, where you have access to financial transaction data. In case you do have such a role, don't worry as common sense, will likely never get you hacked by the common tricks they use. In case they do compromise your identity including your Facebook account, you will likely not notice.
There are probably a lot more scenarios, but unfortunately I don't have the time to come up with all of them. If you're going to relay this information elsewhere, keep in mind that you need to relay the exact wording or it will otherwise not make sense.

Yes your facebook account can be compromised

May or may not an attacker target your facebook account but your account can be compromised in many ways (i.e. by multiple methods) and it does not take a master hacker to hack it any noob can do. but there's no reason to worry as the adversaries (i.e. unethical hackers) are likely more interested in everything else besides your Facebook account. Let's get to the tutorial.

Reality of online facebook hacker

To the best of my knowledge there is no such tool, you won’t find it anywhere and yeah if you google it, you would find many websites claim that they are providing free hack tool either online or offline but you cannot download it without completing a survey. Even after completing a survey you won’t get anything in the end. These things are posted only in the intention of making money. Don’t waste your precious time in searching such hack tool. If you want to know how hackers could hack someone’s Facebook account, please go ahead and read the techniques listed below.

Phishing a facebook account is like real world fishing

Phishing is still the most popular attack vector used for hacking Facebook accounts. There are variety methods to carry out phishing attack. In a simple phishing attacks a hacker creates a fake log in page which exactly looks like the real Facebook page and then asks the victim to log in. Once the victim log in through the fake page the, the victims "Email Address" and "Password" is stored in to a text file, and the hacker then downloads the text file and gets his hands on the victims credentials.

How phishing works?

In simple words, Phishing is a process of creating a duplicate copy of a reputed website’s page in the intention of stealing user’s password or other sensitive information like credit card details. In our topic, Creating a page which perfectly looks like Facebook login page but in a different URL like fakebook.com or faecbook.com or any URL which pretends to be legit. When a user lands on such a page, he/she might think that is real Facebook login page and asking them to provide their username and password. So the people who do not find phishing page suspicious might enter their username, password and the password information would be sent to the Facebook hacker who created the phishing page, simultaneously the victim would get redirected to original FB page.

Keyloggers are really dangerous malware

The second, and probably most common, is via a keylogger. This is malware placed on the victims computer that records keystrokes and then ideally, sends it back to you. If you have access to the target computer you can manually do it, if not, you will have to find a way to get them to (unknowingly of course) open the keylogger.

Malicious Browser Extensions

This method doesn’t let the hacker / attacker give complete access to your Facebook account but gives some power to control your account indirectly. I’ve seen multiple Google Chrome and Firefox add-ons which hiddenly perform actions like following a person, liking a page on behalf of your Facebook profile.
When you visit some malicious websites or web pages, you will be prompted to install a browser add-on. Once you install the addon, it would perform all the tasks described by hacker or attacker who created it. Most actions are posting status updates on your wall, liking a Facebook page, following a person, adding you to some Facebook groups, inviting your friends to like a page or join a Facebook group etc. You may not know these things happening in your Facebook account except when you check your Facebook activity log periodically.
You can monitor your activities using a Facebook feature called Activity Log. You should not trust any third party websites prompting you to add a browser extension. Install add-ons only if you trust the publisher. Why should you take a risk if you don’t know the publisher or intention of the addon? Stay from those malicious browser extensions.

Malicious facebook apps

All the apps you use in Facebook are owned by the third party and not by Facebook. Of course, there are few exceptions like Instagram. A malicious application which is requesting your permission could do almost all kind of stuff on your Facebook profile.
Whenever you find Login using a Facebook option on any website, you should come to know that it is a third party Facebook application not owned by Facebook. When you click Login using Facebook, you will be shown a permission dialog box with the requested permission details. Once you click okay button, the requested details can be accessed from Facebook or the requested actions can be performed in your Facebook account.

Permissions asked by facebook apps can lead to total hack

They can ask these permissions which is in other words a total control of facebook account
  • Post photos and status update
  • Share link to your timeline or to any group you belong
  • Manage your page
  • Post on behalf of you on the Facebook pages you own
  • Access your personal information
  • Access your photos including “Only me” privacy photos, sometimes they can access your mobile photos using a Facebook vulnerability
These are just examples of what could be done. What if the application you are using is malicious? It could spam your Facebook account with the bunch of worthless content.
You should always be aware of what permissions you give to a Facebook application even though Facebook is reviewing application’s permission requests. Don’t give permission to an application if you don’t trust the website or application.
You can edit the information you give to an application in the permission dialog box (snapshot given above). Also, you can review the applications that have access to your Facebook account here.

SS7 is the most dangerous hacking attack ever

Researchers have proven just that by taking control of a Facebook account with only a phone number and some hacking skills to exploit the SS7 network, a core piece of telecoms infrastructure shown to be vulnerable repeatedly over the last half decade.
The hackers exploit a flaw in the SS7 protocol for hacking Facebook accounts just by knowing a victim’s phone number. The technique allows bypassing any security measure implemented by the giant of the social networks.
SS7 is a set of protocols used in telecommunications ever since the late 1970s, enabling smooth transportation of data without any breaches.The attack method devised by the experts from Positive Technologies works against any service that relies on SMS to verify the user accounts, including Gmail and Twitter,telegram and WhatsApp.

In the case of facebook

The attacker first needs to follow the “Forgot account?” procedure by clicking on a link present in the Facebook homepage. At this point, when asked for a phone number or email address belonging to the target account, the hacker needs to provide the legitimate phone number.
At this point, the attacker can exploit the flaw in the SS7 to hijack the SMS containing a one-time passcode (OTP) that is used to log in the target’s Facebook account.
Hacking a Facebook account ais possible only if users have registered a phone number and have authorized Facebook Texts.

At the End

We will try to keep the article updated. Please provide the response towards the article in the comment section below
Read More
// //

How to hack wifi password (Updated)

Hey there visitor, You reached at the right destination if you are searching for the phrases like " how to hack wifi"or "hack wifi password". Because this article is all about hacking wifi and breaching all type of securities related to wifi. You may not become an ethical hacker after reading through the whole article but you will surely be able to hack into wifi networks. I am Anox prop and i will be helping you with your problem.
But you know what if you practice anything you learn from us or any other website on the internet about hacking wifi or hacking into something bigger without the permissions of the owner then you might get in trouble. This tutorial is only for educational purpose
[off topic]if you have watched tv series like "Mr robot " and your inner hacker is rising from sleep then you should stick around and follow our hacking series. We have started hacking series of articles in which we are spreading knowledge towards the geeks about beginners and technical hacking.

An Outline about whats ahead

  • Requirements for tutorials
  • Wifi Securities overview and analysis
  • Hacking Tools for wifi (Introduction)
  • How to hack wifi (two methods)

Null and bolts needed to hack wifi password

You will need certain environment to hack into wifi. You can't hack a wifi network using a windows machine so here are the things you need to hack wifi password
  • Any linux distro will do the magic. I prefer kali linux.
  • Wifi Hacking tools(already configured in kali linux)
  • A laptop/pc

Overview of wifi securites

There are many wifi securities and they are used on wifi networks to make them secure.
You know that quote right?
Nothing is secure
Yeah, that's true nothing that is related to computers is secure and we  are going to prove it today for the so called secure wifi networks.
Since the late 1990s, Wi-Fi security algorithms have undergone multiple  upgrades with outright depreciation of older algorithms and significant revision to newer algorithms. A stroll through the history of Wi-Fi security serves to highlight both what’s out there right now and why you should avoid older standards.

List of wifi encryption

There are three types of wifi encryption
  1. WEP(Wired Equivalent Privacy)
  2. WPA(Wi-Fi Protected Access)
  3. WPA2(Wi-Fi Protected Access 2)
These wifi encryption technologies most commonly used in real world and are insecure as hell.
First is WEP and can be cracked easily when configured appropriately. This method of encryption can be cracked within few minutes or hours. Yes you heard it right.

Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) is the most widely used Wi-Fi security algorithm in the world. This is a function of age, backwards compatibility, and the fact that it appears first in the encryption type selection menus in many router control panels.
WEP was ratified as a Wi-Fi security standard in September of 1999. The first versions of WEP weren’t particularly strong, even for the time they were released, because U.S. restrictions on the export of various cryptographic technology led to manufacturers restricting their devices to only 64-bit encryption. When the restrictions were lifted, it was increased to 128-bit. Despite the introduction of 256-bit WEP encryption, 128-bit remains one of the most common implementations.
Despite revisions to the algorithm and an increased key size, over time numerous security flaws were discovered in the WEP standard and, as computing power increased, it became easier and easier to exploit them. As early as 2001 proof-of-concept exploits were floating around and by 2005 the FBI gave a public demonstration (in an effort to increase awareness of WEP’s weaknesses) where they cracked WEP passwords in minutes using freely available software.
Despite various improvements, work-arounds, and other attempts to shore up the WEP system, it remains highly vulnerable and systems that rely on WEP should be upgraded or, if security upgrades are not an option, replaced. The Wi-Fi Alliance officially retired WEP in 2004.

Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access was the Wi-Fi Alliance’s direct response and replacement to the increasingly apparent vulnerabilities of the WEP standard. It was formally adopted in 2003, a year before WEP was officially retired. The most common WPA configuration is WPA-PSK (Pre-Shared Key). The keys used by WPA are 256-bit, a significant increase over the 64-bit and 128-bit keys used in the WEP system.
Some of the significant changes implemented with WPA included message integrity checks (to determine if an attacker had captured or altered packets passed between the access point and client) and the Temporal Key Integrity Protocol (TKIP). TKIP employs a per-packet key system that was radically more secure than fixed key used in the WEP system. TKIP was later superseded by Advanced Encryption Standard (AES).
Despite what a significant improvement WPA was over WEP, the ghost of WEP haunted WPA. TKIP, a core component of WPA,  was designed to be easily rolled out via firmware upgrades onto existing WEP-enabled devices. As such it had to recycle certain elements used in the WEP system which, ultimately, were also exploited.
WPA, like its predecessor WEP, has been shown via both proof-of-concept and applied public demonstrations to be vulnerable to intrusion. Interestingly the process by which WPA is usually breached is not a direct attack on the WPA algorithm (although such attacks have been successfully demonstrated) but by attacks on a supplementary system that was rolled out with WPA, Wi-Fi Protected Setup (WPS), designed to make it easy to link devices to modern access points.

Wi-Fi Protected Access II (WPA2)

WPA has, as of 2006, been officially superseded by WPA2. One of the most significant changes between WPA and WPA2 was the mandatory use of AES algorithms and the introduction of CCMP (Counter Cipher Mode with Block Chaining Message Authentication Code Protocol) as a replacement for TKIP (still preserved in WPA2 as a fallback system and for interoperability with WPA).
Currently, the primary security vulnerability to the actual WPA2 system is an obscure one (and requires the attacker to already have access to the secured Wi-Fi network in order to gain access to certain keys and then perpetuate an attack against other devices on the network). As such, the security implications of the known WPA2 vulnerabilities are limited almost entirely to enterprise level networks and deserve little to no practical consideration in regard to home network security.
Unfortunately, the same vulnerability that is the biggest hole in the WPA armor, the attack vector through the Wi-Fi Protected Setup (WPS), remains in modern WPA2-capable access points. Although breaking into a WPA/WPA2 secured network using this vulnerability requires anywhere from 2-14 hours of sustained effort with a modern computer, it is still a legitimate security concern and WPS should be disabled (and, if possible, the firmware of the access point should be flashed to a distribution that doesn’t even support WPS so the attack vector is entirely removed).

Metthods and Tools required to hack wifi

Now in 2017 there tons to tools and standalone scripts made by security firms and independent hackers to hack
into wifi. Here are few of them that we are going to use in our today's tutorial
  • Aircrack-ng suite (to hack WPA/WPA2 )
  • Reaver (to hack WEP)
  • Fern Wifi cracker (WPA2 and WEP Both)
Remember that above are three different tools and methods used to hack wifi password

Hacking wifi using Aircrack-ng suite

Boot into Kali Linux

You can boot into kali Linux as a live boot or if you have installed kali Linux on your system then you direct fire up the kali Linux

Gather Information

Before launching the attack you need to know about your wireless network interface name, make your wireless card is in monitor mode. Then get the BSSID ( it is the series of unique letters and number of a particular router) of the access point. So let us do all these things.

Find your wireless card

Inside terminal or console, type:
airmon-ng
There you should see a list of interface names of different devices. There should be a wireless device in that list you have connected it to Kali Linux.You will get your wifi card as Wlan0 if you have not created a monitor interface yet.

Kill the process that can stop us from monitor mode this can be done by following command
airmon-ng check kill

Enable monitor mode

Supposing your wireless card interface name as wlan0, type this command in that same console.
airmonng start wlan0
This code will create a new monitor mode interface wlan0mon like in the screenshot below which you want to keep note of.
Now Type the following command to get a view on the air around and check who is connected to the wifi routers around you
airodump-ng wlan0mon

Search the BSSID and channel of the Access Point

Now let’s find the information. Type the following Command in terminal
airodumpng wlan0mon c 6
Then you will see a list of Wireless Networks available around you and please keep note of the BSSID and channel of the ESSID (wireless network) you want to crack. Please note that the less the number is in the PWR column the close you are to the router; example mine is (-42) which means I am quite near to the router. When you find it hit CTrl+C to stop it scanning and enter the following:
airodumpng bssid (AP BSSID address) c (chaneel no) w (file name you want to save with) (monitorinterface
airodumpng bssid 54:E6:FC:E0:AC:FC c 1 w thzone wlan0mon

Capture the handshake to hack wifi

Now, its time to capture a handshake so that we can use it to get the plain password of the network. Here is a little tricky part, if there is a client connected to the network then there will a mac address listed in the “station column” like in the screenshot below and if not then you will have to wait for someone to connect it to get the 4-way handshake.You will get the handshake if anyone tries to connect to that network.
But, if there is someone connected to the network then you can de-authenticate him so that he will try to reconnect and you will be able to get the handshake. To de-authenticate him enter the following code in a new console. But, before taking note of the Mac Address of the station.
aireplayng a (BSSID of the network) c (MAC address of the client) 0 20 (for deauntheticate “20” forno of packets to send) (monitor interface)
You can send any no of packets but few packets would be enough. In the image, I have sent 20 packets it is better you send few packets and only and if you don’t get the handshake you can hit Ctrl+C to stop the process and redo it again.
aireplayng a 54:E6:FC:E0:AC:FC c 9C:4E:36:4E:F5:F0 0 20 wlan0mon
Now it will send deauthentication packet and if you are close to the network and if everything goes right then he will get disconnected and will try to connect again and we will get the 4-way handshake file in the top right corner of the airodump screen as shown below. But, the client should also be physically close to your wireless adapter network range so that it can de-authenticate them.

cracking handshake hash file

Now it’s time to crack the 4-way handshake which is little difficult to do. There are lots of ways to do it but I will show you the simple one.
First, let us see where is our saved .cap(4-way handshake) file so please enter the following: ls
It will show you the list of files in your Desktop in the terminal. The screen would look like this.or you can check directly by browser like in screenshot



Now, lets brute force the thzone.01.cap file using aircrack-ng. You will need a Dictionary or word list file to get it work. There are few of them already in the Kali Linux but you can download more. Aircrack simply tries to match the word from the dictionary to the .cap file and if matched then it will show the password but if the word is not in the dictionary then it will fail. We are using the thzone_wordlist.txt password list which can be found in ‘/root/thzone_wordlist.txt” of Kali Linux you can create your own wordlist by using the following tutorial on wordlist creation in kali Linux. Enter the following command
aircrackng w ‘/root/thzone_wordlist.txt’ thzone.01.cap
Depending upon the speed of your CPU and the size of the password file it could take a lot of time. The -01 is automatically added by the Kali Linux and everything is case sensitive. After executing this command the screen will look like this.
If the key is found then it will say, “KEY FOUND!” and if not it will say, The pass-phrase is not in the Dictionary or something like this. So, if it is not found then you can try to bruteforce it by trying every combination of word which will take lots of time.

Hacking wifi using reaver

As reaver is already installed in kali Linux We should get to the process of wifi password hacking.If you have root access to kali Linux then you can use commands without sudo and if you are a simple user then you should use these commands
sudo iwlist scan wlan
Set your device into monitor mode.
sudo airmon-ng start wlan0
Run the tool against an access point.
reaver -i wlan0mon -b <MA:CA:DD:RE:SS:XX> -vv
after running this command this tool will automatically hack wifi which have WEP security configured

Hack WPA2 password using Fern wifi cracker


Fern Wi-fi Cracker can crack WEP, WPA, and WPA2 secured wireless networks. Fern basically takes the command line utilities to crack these networks and puts them in a GUI. Very simple to use… scary easy! Fern also provides some extra functionality for hijacking sessions and locating a computers geolocation via its Mac address.
Plug in the USB wireless adapter (I’m using the Alfa AWUS036H 802.11b/g USB wireless adapter) and open the Terminal and run iwconfig to verify the USB adapter interface.
Select the Interface and Fern enables monitor mode. If your wireless interface does not show in the list hit the Refresh button and try again.

Before starting the scan double-click on any blank area of the Fern home screen to bring up the Access Point Scan Preferences screen. You can set the channel option to scan a single channel or leave it at the default All Channels. One nice feature is to check the Enable XTerms option which will have Fern open up the Terminal windows during its usage to see what the program is doing in the background.
Back on the Fern home screen click the Scan for Access points button.
Two Terminal windows will open; one showing the WEP enabled networks

And another showing the WPA enabled networks. The top part of the WPA Scan Terminal window shows the networks being found, and the lower part shows any connected client devices. For a WPA attack to work, it requires a connected client. The most important part of the attack will kick the client off the wireless network and capture the 4-way handshake when the client device re-authenticates to the network.
On Ferns home screen the networks being detected will start populating next to the WiFi WEP or WiFi WPA buttons.
Clicking on the WiFi WEP or WiFi WPA button will bring up the Attack screen and the top pane will list the networks found. Select the AP to crack, but before clicking the Attack button to the right let’s go over a couple of settings.
I will use the Regular Attack option, but there is a WPS Attack option and I believe Fern uses the Reaver utility to launch the WPS attack as we have done above with reaver this tool will do it in gui and automate the process.
Common.txt is the wordlist that comes with the Fern program, but any wordlist you download or have created on your own can be used by hitting the Browse button and pointing Fern to the alternative wordlist file.
With the Regular Attack and the wordlist selected hit the Attack button.
Fern will start the attack and on the left side of the screen, the attack steps will turn yellow as Fern works through the various steps. The most important step is capturing the 4-way handshake and Fern will open an aireplay-ng Terminal window showing the progress of deauthentication of the connected client.
It may take several attempts to deauth a client and capture the 4-way handshake.
Once Fern has captured the handshake it will start the brute force attack. Viola! If the WPA key is in the wordlist being used it will display the found key in Red.
As I mentioned I setup a passphrase I knew would be found quickly, and from the start, to finish this attack took under 4 minutes!
Back on the Fern main screen is a Key Database button and it now shows one entry.
Clicking the Key Database button will display the found keys.

At the End

So here it is congratulation you became a wifi hacker. You can proudly say that you are an wifi ethical hacker.
Just practice this on an authorized wifi  network to remember the commands and you are good to go.
How was it do you feel already like an hacker. Let me know how you do it in the comment section below.
Read More