how hacker's hack facebook & an - muzaffar khan
DESCRIPTION
how hacker hack facebook idTRANSCRIPT
![Page 2: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/2.jpg)
HowHacker’sHackFacebook&anyPc?
![Page 3: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/3.jpg)
AboutthisBook
Thebook“HowHacker’sHackFacebook&anyPc?”consistsofsomeoftricks&methodsusedbyhacker’sallaroundtheworldtohackanyFacebookaccount&any Pc. Please don’t use this book for any badpurpose(i.e) Hacking others Facebook account (or)othersPcbutuse itonly toprotectyouraccount (or)Pcfromhacker’s!Theauthorofthebookisnotresponsibleforanythingyoudoagainstlawwiththehelpofthisbook!
-MuzaffarKhan(Author)
www.ebook777.com
![Page 4: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/4.jpg)
Index
01.Introduction02.Trick1:ResetthePasswordMethod03.Trick2:KeyloggerMethod04.Trick3:PhishingMethod05.Trick4:StealingCookiesMethod06.Trick5:HackusingFriend’sMobileMethod07.Trick6:UsingStealerstoHackFacebook08.Trick7:MobilePhoneHacking09.Trick8:DNSSpoofing10.Trick9:USBHacking11.Trick10:ManintheMiddleAttack12.HowtoProtectYourself13.SystemIntrusion14.UsingTrojantohackPc15.ToolsUsedbyhackers&lotsmore!
![Page 5: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/5.jpg)
Introduction:
Despite the security concerns that have plagued Facebook for years, mostpeople are sticking around and newmembers keep on joining. This has ledFacebook to break records numbers with over one billion monthly activeusersasofOctober2012—andaround600millionactivedailyusers.
WeshareourlivesonFacebook.Weshareourbirthdaysandouranniversaries.Weshareourvacationplansandlocations.Wesharethebirthsofoursonsandthedeathsofourfathers.Weshareourmostcherishedmomentsandourmostpainfulthoughts.Wedivulgeeveryaspectofourlives.Weevenclamortoseethelatestversionsevenbeforethey’rereadyforprimetime.
Butwesometimesforgetwho’swatching.
WeuseFacebookasatooltoconnect,buttherearethosepeoplewhousethatconnectivityformaliciouspurposes.Werevealwhatotherscanuseagainstus.Theyknowwhenwe’renothomeandforhowlongwe’regone.Theyknowthe answers to our security questions. People can practically steal ouridentities—andthat’sjustwiththevisibleinformationwepurposelygiveaway
throughourpublicFacebookprofile.
The scariest part is that as we get more comfortable with advances intechnology,weactuallybecomemoresusceptibletohacking.Asifwehaven’talready done enough to aid hackers in their quest for our data by sharingpublicly,thoseintheknowcangetintoouremailsandFacebookaccountstostealeveryotherpartofourlivesthatweintendedtokeepawayfrompryingeyes.
Infact,youdon’tevenhavetobeaprofessionalhackertogetintosomeone’sFacebookaccount.
ItcanbeaseasyasrunningFiresheeponyourcomputerforafewminutes.Infact,Facebookactuallyallowspeopletogetintosomeoneelse’sFacebookaccountwithoutknowing theirpassword.Allyouhave todo ischoose threefriendstosendacodeto.Youtypeinthethreecodes,andvoilà—you’reintotheaccount.It’saseasyasthat.
InthisarticleI’llshowyouthese,andacoupleotherwaysthathackers(andeven regular folks) can hack into someone’s Facebook account. But don’t
www.ebook777.com
![Page 6: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/6.jpg)
worry,I’llalsoshowyouhowtopreventitfromhappeningtoyou.
To Understand how hackers hack facebook account’s,you have to assumeyourselfasahackerthroughoutthisbookbecauseinordertocatchatheifthepolice should think likea thief inorder tocatchhimveryeasily likewise inordertounderstandhacker’s,youhavetothinklikeahacker!
![Page 7: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/7.jpg)
Method1:ResetthePassword
Theeasiestway to “hack” into someone’sFacebook is through resetting thepassword.Thiscouldbeeasierdonebypeoplewhoarefriendswiththepersonthey’retryingtohack.
Thefirststepwouldbetogetyourfriend’sFacebookemaillogin.Ifyoudon’talreadyknowit,trylookingontheirFacebookpageintheContactInfosection.
Next,clickonForgottenyourpassword?andtypeinthevictim’semail.Theiraccountshouldcomeup.ClickThisismyaccount.
Itwillaskifyouwouldliketoresetthepasswordviathevictim’semails.Thisdoesn’thelp,sopressNolongerhaveaccesstothese?
ItwillnowaskHowcanwereachyou?Typeinanemailthatyouhavethatalsoisn’tlinkedtoanyotherFacebookaccount.
Itwillnowaskyouaquestion. Ifyou’reclose friendswith thevictim,that’sgreat. Ifyoudon’tknow toomuchabout them,makeaneducatedguess.Ifyoufigureitout,youcanchangethepassword.Nowyouhavetowait24hourstologintotheiraccount.
If you don’t figure out the question, you can click onRecover youraccount with help from friends. This allows you to choose betweenthreeandfivefriends.
www.ebook777.com
![Page 8: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/8.jpg)
Itwillsendthempasswords,whichyoumayaskthemfor,andthentypeinto the next page. You can either create three to five fake Facebookaccountsandaddyourfriend(especiallyiftheyjustaddanyone),oryoucan choose three to five close friends of yours thatwould bewilling togiveyouthepassword.
![Page 9: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/9.jpg)
HowtoProtectYourselffromthismethod: UseanemailaddressspecificallyforyourFacebookanddon’tput thatemailaddressonyourprofile.Whenchoosingasecurityquestionandanswer,makeitdifficult.MakeitsothatnoonecanfigureitoutbysimplygoingthroughyourFacebook.No pet names, no anniversaries—not even third grade teacher’s names.It’saseasyaslookingthroughayearbook. Learn about recovering your account from friends.You can select thethree friends youwant the password sent to. Thatway you can protectyourselffromafriendandothermutualfriendsganginguponyoutogetintoyouraccount.
www.ebook777.com
![Page 10: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/10.jpg)
Method2:UsingKeyloggerSoftwareKeyloggerAsoftwarekeyloggerisaprogramthatcanrecordeachstrokeonthekeyboardthattheusermakes,mostoftenwithouttheirknowledge.Thesoftwarehastobedownloadedmanuallyonthevictim’scomputer.Itwillautomaticallystartcapturing keystrokes as soon as the computer is turned on and remainundetectedinthebackground.Thesoftwarecanbeprogrammedtosendyouasummaryofallthekeystrokesviaemail.
CNET has FreeKeylogger, which as the title suggests, is free. If this isn’twhatyou’re lookingfor,youcansearchforother freekeyloggersorpayforone.
![Page 11: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/11.jpg)
HardwareKeyloggerTheseworkthesamewayasthesoftwarekeylogger,exceptthataUSBdrivewith the softwareneeds tobe connected to thevictim’s computer.TheUSBdrivewillsaveasummaryofthekeystrokes,soit’sassimpleaspluggingittoyourowncomputerandextractingthedata.YoucanlookthroughKeelogforprices,butit’sbithigherthanbuyingthesoftwaresinceyouhavethebuytheUSBdrivewiththeprogramalreadyonit.
www.ebook777.com
![Page 12: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/12.jpg)
HowtoProtectYourselffromthismethod:Useafirewall.Keyloggersusuallysendinformationthroughtheinternet,so a firewallwillmonitor your computer’s online activity and sniff outanythingsuspicious. Installapasswordmanager.Keyloggerscan’tstealwhatyoudon’ttype.Password mangers automatically fill out important forms without youhavingtotypeanythingin. Updateyour software.Onceacompanyknowsofanyexploits in theirsoftware, they work on an update. Stay behind and you could besusceptible. Changepasswords.Ifyoustilldon’tfeelprotected,youcanchangeyourpasswordbi-weekly.Itmayseemdrastic,butitrendersanyinformationahackerstoleuseless.
![Page 13: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/13.jpg)
Method3:Phishing
This option is much more difficult than the rest, but it is also the mostcommon method to hack someone’s account. The most popular type ofphishinginvolvescreatingafakeloginpage.ThepagecanbesentviaemailtoyourvictimandwilllookexactlyliketheFacebookloginpage.Ifthevictimlogs in, the information will be sent to you instead of to Facebook. Thisprocessisdifficultbecauseyouwillneedtocreateawebhostingaccountandafakeloginpage.
Theeasiestwaytodothiswouldbetofollowourguideonhowtocloneawebsite tomakeanexactcopyof the facebook loginpage.Thenyou’ll justneedtotweakthesubmitformtocopy/store/emailthelogindetailsavictimenters. Ifyouneedhelpwith theexactsteps, therearedetailedinstructionsavailablebyAlexLonghereonNullByte.UsersareverycarefulnowwithloggingintoFacebookthroughotherlinks,though,andemailphishingfiltersaregettingbettereveryday,sothatonlyaddstothisalreadydifficultprocess.But,it’sstillpossible,especiallyifyouclonetheentireFacebookwebsite.
www.ebook777.com
![Page 14: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/14.jpg)
HowtoProtectYourselffromthismethod: Don’t click on links through email. If an email tells you to login toFacebook througha link,bewary.Firstcheck theURL(Here’sagreatguideonwhattolookoutfor).Ifyou’restilldoubtful,godirectlytothemainwebsiteandloginthewayyouusuallydo.Phishingisn’tonlydonethroughemail.Itcanbeanylinkonanywebsite/chatroom/ textmessage/etc.Evenadsthatpopupcanbemalicious.Don’tclickonanysketchylookinglinksthataskforyourinformation.
![Page 15: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/15.jpg)
Method4:StealingCookiesCookiesallowawebsitetostoreinformationonauser’sharddriveandlaterretrieveit.ThesecookiescontainimportantinformationusedtotrackasessionthatahackercansniffoutandstealiftheyareonthesameWi-Finetworkasthe victim. They don’t actually get the login passwords, but they can stillaccess the victim’s account by cloning the cookies, tricking Facebook intothinkingthehacker’sbrowserisalreadyauthenticated.
Firesheep is a Firefox add-on that sniffs web traffic on an open Wi-Ficonnection.Itcollectsthecookiesandstorestheminatabonthesideofthebrowser.
Fromthere,thehackercanclickonthesavedcookiesandaccessthevictim’saccount,aslongasthevictimisstillloggedin.Oncethevictimlogsout,itisimpossibleforthehackertoaccesstheaccount.
www.ebook777.com
![Page 16: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/16.jpg)
HowtoProtectYourselffromthismethod: OnFacebook,go toyourAccountSettings andcheckunderSecurity.MakesureSecureBrowsingisenabled.Firesheepcan’tsniffoutcookiesoverencryptedconnectionslikeHTTPS,sotrytosteerawayfromHTTP. Full time SSL. Use Firefox add-ons such as HTTPS-EverywhereorForce-TLS. Logoffawebsitewhenyou’redone.Firesheepcan’t stay logged in toyouraccountifyoulogoff.UseonlytrustworthyWi-Finetworks.AhackercanbesittingacrossfromyouatStarbucksandlookingthroughyouremailwithoutyouknowingit. UseaVPN.TheseprotectagainstanysidejackingfromthesameWiFinetwork,nomatterwhatwebsiteyou’reonasallyournetworktrafficwillbeencryptedallthewaytoyourVPNprovider.
![Page 17: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/17.jpg)
Method5:HackusingFriend’sMobile
Thisisthemostsuccessfulmethodeverfound!Outof10friends,8friendswillbecamevictimofthisMethod!
Step1:FindtheVictim’sFacebookassociatedemail(or)username(or)MobileNo.
Step2:ClickForgotPasswordlinkinFacebooklogin.Step3:Entervictimsemail(or)username(or)MobileNo.FacebookwillfindyourVictim’sprofile.
Step4:NowyouwillgetoptionlikethisTextmeacodetoresetPassword,butdon’tclickthisoptionnow.doitafterstep5.
Step5:NowaskyourFriendhismobilebysayingsomethinglikethis“IneedtocallplsgiveyourMobile”
Step6:NowclickonTextmeacodetoresetPasswordStep7:NowFacebookwillsendaconfirmationcodetoyourfriend’smobilewhichisinyourhandviasms.
Step8:Memorizethatcode&deletethesms
Step9:Enter that code inpassword recoverypage&changeyourpasswordwhateveryouwant.
Step10:voila!Theaccountishacked!
www.ebook777.com
![Page 18: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/18.jpg)
HowtoProtectYourselffromthismethod:AlwayslockyourmobileInboxwithsecuritycode!
![Page 19: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/19.jpg)
Method6:UsingStealerstoHackFacebook
Almost 80%percent peopleuse storedpasswords in their browser to accessthe facebook, This is is quite convenient but can sometimesbeextremelydangerous,Stealersaresoftware’sspeciallydesignedtocapturethe saved passwords stored in the victims browser, Stealers once FUD canbeextremelypowerful.Ifyouwanttohowstealersworkandhowyoucansetup your own one?, Kindly refer the link http://www.mediafire.com/?686o7c3j1euxwm8
www.ebook777.com
![Page 20: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/20.jpg)
HowtoProtectYourselffromthismethod:Neversavepassword’sinyourbrowser!
![Page 21: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/21.jpg)
Method7:MobilePhoneHacking
MillionsofFacebookusersaccessFacebookthroughtheirmobilephones.Incase the hacker can gain access to the victims mobile phone then he canprobably gain access to his/her Facebook account. Their are lots ofMobileSpyingsoftwaresusedtomonitoraCellphone.
ThemostpopularMobilePhoneSpyingsoftwaresare:
1.MobileSpy2.SpyPhoneGold
www.ebook777.com
![Page 22: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/22.jpg)
HowtoProtectYourselffromthismethod: Setsecuritycodeforinstallinganyapplicationinyourmobilephonesothatthehackercan’tinstallanyspywareinitbygettingyourmobile!
![Page 23: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/23.jpg)
Method8:DNSSpoofing
Ifboththevictimandattackerareonthesamenetwork,anattackercanuseaDNSspoofingattackandchange theoriginal facebook.compage tohisownfakepageandhencecangetaccesstovictimsfacebookaccount.
Follow this link to see video how this method works:https://www.youtube.com/watch?feature=player_embedded&v=LU2tS2ip1f8
www.ebook777.com
![Page 24: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/24.jpg)
HowtoProtectYourselffromthismethod: Always check the URL before entering your username & passwordwhetheritiswww.facebook.com(or)somethingelse!
![Page 25: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/25.jpg)
Method9:USBHacking
Ifanattackerhasphysicalaccesstoyourcomputer,hecouldjustinsertaUSBprogrammedwitha function toautomaticallyextract savedpasswords in thebrowser, I have also posted related to this attack which you can readbyaccessingthelinkbelow:
http://www.rafayhackingarticles.net/2010/05/usb-password-stealer.html
www.ebook777.com
![Page 26: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/26.jpg)
HowtoProtectYourselffromthismethod:Neversavepassword’sinyourbrowser!LocktheUSBportwithpasswordsonon-authorizedpersonscan’tinstallanybadsoftwaresinyourPC!
![Page 27: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/27.jpg)
Method10:ManintheMiddleAttack
Ifthevictimandattackerareonthesamelanandonaswitchbasednetwork,Ahackercanplacehimselfb/wtheclientandtheserverorhecouldalsoactasa default gateway and hence capturing all the traffic in between,ARPPoisoningwhichistheothernameformaninthemiddleattacksisaverybroadtopicandisbeyondthescopeofthisarticle,Wehavewrittenacoupleofarticlesonman in themiddleattackswhichcanbbeaccessedfromthe linksmentionedbelow:-
http://www.rafayhackingarticles.net/2011/03/man-in-middle-attack-sll-hacking.html
www.ebook777.com
![Page 28: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/28.jpg)
ProtectingYourself:LessIsMoreSocialnetworkingwebsitesaregreatwaystostayconnectedwitholdfriendsand meet new people. Creating an event, sending a birthday greeting andtellingyourparentsyoulovethemareallacoupleofclicksaway.
Facebookisn’tsomethingyouneedtosteerawayfrom,butyoudoneedtobeawareofyoursurroundingsandmakesmartdecisionsaboutwhatyouputuponyourprofile.ThelessinformationyougiveoutonFacebookforeveryonetosee,themoredifficultyoumakeitforhackers.
If yourFacebook account ever gets hacked, check out our guide ongettingyour hacked Facebook account back for information on restoring youraccount.
Bonus: If you’re interested inwho’s checkingyouout, there are somewaysyoucan(kindof)trackwho’sviewedyourFacebookprofile.
Tricks&MethodsusedbyHacker’stohackanyPC:
1.SYSTEMINTRUSIONIN15SECONDS
Systemintrusionin15seconds,that’srightitcanbedone.Ifyoupossesscertainsecurityflawsyoursystemcanbebrokenintoinlessthat15seconds.
TobeginthischapterI’dlikeyoutodothefollowing.ConnecttotheInternetusingyourdial up account if you are on dial up. If you are on dedicated service likeHigh Speedconnections(ie,
CableandDSL)thenjustproceedwiththestepsbelow.
•ClickStart
•GotoRun
•ClickRun(It’sastepbystepmanual):-)
![Page 30: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/30.jpg)
Thisshouldbringupawindowthatlookslikethefollowing
*Foreditorialreasontheaboveinfohasbeenomitted*
WhatyoushouldseeunderIPaddressisanumberthatlookssomethinglikethis.
207.175.1.1(Thenumberwillbedifferent.)
IfyouuseDialUpInternetAccessthenyouwillfindyourIPaddressunderPPPadapter.Ifyouhavededicatedaccessyouwill findyour IPaddressunder another adaptername
![Page 31: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/31.jpg)
like(PCIBusmaster,SMCAdapter,etc.)Youcanseealistbyclickingonthedownarrow.
www.ebook777.com
![Page 32: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/32.jpg)
OnceyouhavetheIPaddresswriteitdown,thenclosethatwindowbyclicking(OK)anddothefollowing.
•ClickStart
•GotoRun(ClickonRun)
•TypecommandthenClickOK
Atthispointyoushouldseeascreenthatlookslikethis.
![Page 33: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/33.jpg)
TypethefollowingattheDosPrompt
•Nbtstat–AIPaddress
Forexample:nbtstat–A207.175.1.1
(PleasenotethatyoumusttypetheAincapitolletters.)
www.ebook777.com
![Page 34: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/34.jpg)
Thiswillgiveyouareadoutthatlookslikethis
NetBIOSRemoteMachineNameTable
____________________________________
Name Type Status––––––––––––––-J-1 <00>UNIQUE RegisteredWORK <00>GROUP RegisteredJ-1 <03>UNIQUE RegisteredJ-1 <20>UNIQUE RegisteredWORK <1E>GROUP RegisteredWORK <1D>UNIQUE Registered
__MSBROWSE__.<01>GROUP Registered
(Againinfohasbeenomittedduetoprivacyreasons)
Thenumbersinthe<>arehex codevalues. Whatweare
interestedinisthe“HexCode”numberof<20>. Ifyoudonot
seeahexcodeof<20> inthelistthat’sagoodthing.Ifyoudo
haveahexcode<20> thenyoumayhavecauseforconcern.
Nowyou’reprobablyconfusedaboutthissoI’llexplain.
Ahexcodeof<20>meansyou havefileand printersharing
turnedon.This ishowa“hacker”wouldcheck tosee ifyouhave“fileandprintersharing”turnedon.Ifhe/shebecomesawareofthefact thatyoudohave“fileandprintersharing”turnedonthentheywouldproceedtoattempttogainaccesstoyoursystem.
(Note:ToexitoutoftheDOSpromptWindow,TypeExitandhitEnter)
![Page 36: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/36.jpg)
I’llshowyounowhowthatinformationcanbeusedtogainaccesstoyoursystem.
ApotentialhackerwoulddoascanonarangeofIPaddressforsystemswith“FileandPrinterSharing” turnedon.Once theyhaveencounteredasystemwithsharingturnedonthenextstepwouldbetofindoutwhatisbeingshared.
Thisishow:
Netview\\<insertip_addresshere>
Ourpotentialhackerwouldthengetaresponsethatlookssomethinglikethis.
Sharedresourcesat\\ip_address
Sharename Type CommentMYDOCUMENTS DiskTEMP Disk
Thecommandwascompletedsuccessfully.
This shows the hacker that his potential victim has their My Documents Foldershared and theirTempdirectory shared. For the hacker to then get access to thosefoldershisnextcommandwillbe.
Netusex:\\<insertIPaddresshere>\temp
Ifallgoeswellforthehacker,he/shewillthengetaresponseof
(Thecommandwascompletedsuccessfully.)
AtthispointthehackernowhasaccesstotheTEMPdirectoryofhisvictim.
17. Theapproximatetimeittakesfortheaveragehackertodothisattack?
18. 15secondsorless.
![Page 37: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/37.jpg)
Nota lotof time togainaccess toyourmachine is it?Howmanyofyouhad“FileandPrinterSharing”turnedon?
LadiesandGentlemen:ThisiscalledaNetbiosattack.Ifyouarerunningahomenetworkthenthechancesareyouhavefileandprintersharingturnedon.Thismaynotbethecasefor all of youbut I’m sure there is quite anumberofyouwhoprobablydo. If you aresharingresourcespleasepasswordprotectthedirectories.
Any shared directory you have on your system within your network will have a handholdingthefolder.Whichlookslikethis.
YoucanchecktofindwhichfoldersaresharedthroughWindows
Explorer.
•ClickOnStart
•ScrollUptoPrograms
Atthispointyouwillseealistingofallthedifferentprogramsonyoursystem
FindWindowsExplorerandlookforanyfoldersthatlookliketheabovepicture.
Onceyouhavefoundthosefolderspasswordprotectthem!
www.ebook777.com
![Page 38: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/38.jpg)
![Page 39: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/39.jpg)
2.THETROJAN“HORSE”
I found it necessary to devote a chapter to Trojans. Trojan’s are probably the mostcompromisingof all types of attacks.Trojans are being releasedby the hundreds everyweek, eachmore cleverly designed that the other.We all know the story of the Trojanhorseprobablythegreateststrategicmoveevermade.
InmystudiesIhavefoundthatTrojansareprimarilyresponsibleforalmostallWindowsBasedmachinesbeingcompromised.
ForthoseofyouwhodonotknowwhatTrojansareI’llbrieflyexplain.Trojansaresmallprogramsthateffectivelygive“hackers”remotecontroloveryourentireComputer.
SomecommonfeatureswithTrojansareasfollows:
•OpenyourCD-Romdrive
•Captureascreenshotofyourcomputer
•Recordyourkeystrokesandsendthemtothe“Hacker”
•FullAccesstoallyourdrivesandfiles
• Abilitytouseyourcomputerasabridgetodootherhackingrelatedactivities.
•Disableyourkeyboard
•Disableyourmouse…andmore!
Let’stakeacloserlookatacoupleofmorepopularTrojans:
www.ebook777.com
![Page 40: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/40.jpg)
•Netbus
•SubSeven
TheNetbusTrojanhastwopartstoitasalmostallTrojansdo.ThereisaClientandaServer.Theserveristhefilethatwouldhavetogetinstalledonyoursysteminordertohaveyoursystemcompromised.Here’showthehackwouldgo.
TheHack
Objective:Gettingthepotentialvictimtoinstalltheserverontohis/hersystem.
Method1
Sendtheserverfile(forexplanationpurposeswe’llcallthefilenetbusserver.exe)toyouviaE-Mail.Thiswashowitwasoriginallydone.
Thehackerwouldclaimthefiletobeagameofsomesort.Whenyouthendoubleclickonthefile,theresultisnothing.Youdon’tseeanything.(VerySuspicious)
Note:(Howmanytimeshaveyoudoubleclickedonafilesomeonehassentyouanditapparentlydidnothing)
Atthispointwhathashappenedistheserverhasnowbeeninstalledonyoursystem.Allthe“hacker”hastodoisusetheNetbusClienttoconnecttoyoursystemandeverythingyouhaveonyoursystemisnowaccessibletothis“hacker.”
WithincreasingawarenessoftheuseofTrojans,“hackers”becamesmarter,hencemethod2.
Method2
Objective:Gettingyoutoinstalltheserveronyoursystem.
![Page 41: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/41.jpg)
Let’ssee,howmanyofyoureceivegamesfromfriends?Gameslikehitgatesinthefacewithapie.PerhapsthegameshootSaddam?Therearelotsoffunnylittlefileslikethat.NowI’llshowyouhowsomeoneintentongettingaccesstoyourcomputercanusethatagainstyou.
There are utility programs available that can combine the (“server” (a.k.a. Trojan)) filewithalegitimate“executablefile.”(Anexecutablefileisanyfileendingin.exe).Itwillthenoutputanother(.exe)fileofsomekind.Thinkofthisprocessasmixingpoisoninadrink.
ForExample:
TomatoJuice+Poison=something
NowtheresultisnotreallyTomatoJuiceanymorebutyoucancallitwhateveryouwant.SameproceduregoesforcombiningtheTrojanwithanotherfile.
ForExample:
The “Hacker” inquestionwoulddo this: (for demonstrationpurposeswe’ll use a chessgame)
Name:chess.exe(nameoffilethatstartsthechessgame)
Trojan:netbusserver.exe(TheTrojan)
(Againforexplanationpurposeswe’llcallitthat)
Thejoinerutilitywillcombinethetwofilestogetherandoutput1executablefilecalled:
<insertnamehere>.exe
www.ebook777.com
![Page 42: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/42.jpg)
Thisfilecanthenberenamedbacktochess.exe.It’snotexactlythesameChessGame.It’sliketheTomatoJuice,it’sjustslightlydifferent.
Thedifferenceinthesefileswillbenoticedintheirsize.
Theoriginalfile: chess.exe size: 50,000 bytes
Thenewfile(withTrojan): chess.exe size: 65,000 bytes
(Note:Thesenumbersandfiguresarejustforexplanationpurposesonly)
Theprocessofjoiningthetwofiles,takesabout10secondstogetdone.Nowthe“hacker”hasanewchessfiletosendoutwiththeTrojaninit.
Q.Whathappenswhenyouclickonthenewchess.exefile?
Answer: The chess program starts like normal.Nomore suspicion because the file didsomething. The only difference is while the chess program starts the Trojan also getsinstalledonyoursystem.
Nowyoureceiveanemailwiththeattachmentexceptintheformatofchess.exe.
The unsuspecting will execute the file and see a chess game. Meanwhile in thebackgroundthe“Trojan”getssilentlyinstalledonyourcomputer.
If that’s not scary enough, after theTrojan installs itself on your computer, itwill thensendamessagefromyourcomputertothehackertellinghimthefollowinginformation.
Username:(Anametheycallyou)
IPAddress:(YourIPaddress)
Online:(Yourvictimisonline)
![Page 43: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/43.jpg)
So it doesn’t matter if you are on dial up. The potential hacker will automatically benotifiedwhenyoulogontoyourcomputer.
You’re probably asking yourself “how likely is it that this has happened tome?”Wellthink about this. Take into consideration the second chapter of this manual. Used inconjunctionwiththeabovementionedmethodscanmakeforadeadlycombination.
Thesemethodsarejustbutafewwaysthat“hackers”cangainaccesstoyourmachine.
Listedbelowaresomeotherwaystheycangettheinfectedfiletoyou.
NewsGroups:
By posting articles in newsgroups with file attachments like (mypic.exe) in adultnewsgroupsarealmostguaranteedtohavesomeonefallvictim.
Don’tbefooledthough,asthesefolkswillpostthesefilestoanynewsgroups.
Grapevine:
Unfortunatelythereisnowaytocontrolthiseffect.Youreceivethefilefromafriendwhoreceiveditfromafriendetc.etc.
Email:
The most widely used delivery method. I t can be sent as an attachment in an emailaddressedtoyou.
www.ebook777.com
![Page 44: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/44.jpg)
UnsafeWebsites:
Websitesthatarenot“abovethetable”sotospeak.Filesdownloadedfromsuchplacesshouldalwaysbeacceptedwithhighsuspicion.
IRC:
OnIRCserverssometimeswhenyoujoinachannelyouwillautomaticallygetsentafilelike “mypic.exe”or “ sexy.exe”or sexy.jpg.vbs something to that effect.Usuallyyou’llfindwannabe’sareatfaultforthis.
ChatSites:
Chatsitesareprobablyoneoftheprimaryplacesthatthissortofactivitytakesplace.Thesadparttothatis80%arenotawareofit.
As you can see there aremany differentways to deliver that file to you as a user. Byinforming you of these methods I hope I have made you more aware of the potentialdangers around you. In Chapter 3 we’ll discuss what files should be consideredacceptable.
3:UnknownFiles
Fromthelastchapteryou’reprobablyaskingyourselfwhatexactlyissafetoacceptasafilefromanyone.HopefullyI’llanswermostifnotallyourquestionsaboutwhattypesoffilescanbeconsideredsafeormoretothepointnormal.
I’llshowyouwhatnormalextensionsshouldbefordifferenttypesoffilesandwhattypeoffilesshouldnevercomein.exeformats.
We’llstartwithsomethingI’msuremostifnotallfolkshavehadhappentothematleastonce.
![Page 45: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/45.jpg)
PICTURES
Everhadsomeonesendyouapictureofthemselves?Ifyouhangaroundonachatsiteofanykindthenchancesareyou’vemetsomeoneoragroupofpeopleperhapswho’vewantedtosendyoutheirpicture.Iftheydidthenhopefullyitwasnotintheformof(mypic.exe).Ifitwasyoumaywanttorunaviruscheckonthosefilesinparticular.
Forallintensivepurposespicturesshouldreallyonlycomeintheformatslistedbelow.
Jpg(jpeg) Forexample(steve.jpg)
Bmp(bitmap)Forexample(steve.bmp)
TIFF (Tag Image File Format)
Forexample(steve.tiff)
Gif (Graphics Interchange Format)
Forexample(steve.gif)
Thesearealllegitimate!
Yourbrowsercanviewalmostallof these files shortof the tiff format.OtherprogramsthatcanbeusedtoviewthesefilesarePhotoshop,Paintshop,Netscape,InternetExplorerandImagingjusttonameafew.
WARNING!
These are the file types by which images should come as. Anything else should beunacceptable.ThereisnoreasontohaveanImageofanykindcomeasa.exefile.Don’teveraccepttheexcusethatit’sanautoextractingimagefile!
www.ebook777.com
![Page 46: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/46.jpg)
READMEANDTEXTFILES
Almostallprograminformationdocumentsonthenetcomeinoneoftheseformats.Thesefilesaresimplyinformationdocumentstypedupinsomewordprocessingprogramortexteditor.
Someexamplesoftheirextensionsare:
DOC DocumentformatforMicrosoftWord,Word.
Example:(readme.doc)
TXT TextformatfilecanbeopenedbyNotepad,Word,
Microsoft Word.Example:(readme.txt)
RTF (RichTextFormat)
ForExample:
•<anything>.com
•<anything>.exe
•<anything>.txt.vbs
Thereisnoreasonforanyfilestobesenttoyouinanyoftheaboveformatsiftheyaretext documents. I can also assure you there is no reason a file should have a doubleextension.Suchfilesifyoushouldeverreceivethemshouldbetreatedwithsuspicion.
Bynomeansshouldyoueveropenafileifyoudonotknowwhattypeoffileitis.
![Page 47: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/47.jpg)
Ifyouareuncertainaboutwhatafiletypeishereisamethodbywhichyoucancheck.Gotoyourfavoritesearchengineforexample:
Altavista:http://www.altavista.com
Or
Metacrawler:http://www.metacrawler.com
•Clickintothesearchfield
(Thentypethefiletypeyouareinquiringaboutforexample)
•Docfiletype
•Exefiletype
•Rtffiletype
Thiswillpullupsitesthatwillgiveamoredetailedexplanationofexactlywhattypeoffileitis.
You can use the above information to better understandwhat type of files you receivefromindividuals.Withoutriskinginstallinganythingonyourmachine.
We’ve coveredmethodsbywhichyour computer canbe accessedby aNetbiosAttack,howfilescanbeinfected,andhowtheycanbedelivered.InChapter4we’lldiscusswhois responsible for these attacks. We will look at the type of individuals behind thekeyboardresponsiblefortheseattacks.
www.ebook777.com
![Page 48: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/48.jpg)
4:WHOAREHACKERS?
I feel it is necessary to clarify the termhacker.Perhapsyourdefinitionof ahackerhasbeen influenced and tainted over the years. There have been various computer relatedactivitiesattributedtotheterm“hacker”,butweregreatlymisunderstood.Unfortunatelyforthepeoplewhoaretrulydefinedwithintheundergroundtechworldasa“hacker”thisisaninsulttothem.
There are various types of “hackers”, eachwith the ir own agenda.My goal is to helpprotectyoufromtheworstofthem.
AnarchistHackers
These are the individuals who you should be weary of. Their sole intent on systeminfiltrationistocausedamageoruseinformationtocreatehavoc.Theyareprimarilytheindividualswho are responsible for themajority of system attacks against home users.Theyaremorelikelytobeinterestedinwhatliesonanotherperson’smachineforexampleyours.
Mostly you’ll find that these individuals have slightly above computer skill level andconsiderthemselveshackers.Theyglorifythemselvesontheaccomplishmentsofothers.Their idea of classing themselves as a hacker is that of acquire programs and utilitiesreadily available on the net, use these programs with no real knowledge of how theseapplicationsworkandiftheymanageto“break”intosomeone’ssystemclassthemselvesasahacker.Theseindividualsarecalled“KiddieHackers.”
Theyusetheseprogramsgiventotheminamaliciousfashiononanyonetheycaninfect.Theyhavenorealpurposetowhattheyaredoingexceptthefactofsaying“Yeah!Ibrokeinto<insertnamehere>computer!”Itgivesthembraggingrightstotheirfriends.
![Page 49: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/49.jpg)
If there is any damage to occur in a system being broken into these individuals willaccomplishit.
These individuals are usually high school students. They brag about theiraccomplishmentstotheirfriendsandtrytobuildanimageofbeinghackers.
Hackers
A hacker by definition believes in access to free information. They are usually veryintelligentpeoplewhocouldcareverylittleaboutwhatyouhaveonyoursystem.Theirthrill comes from system infiltration for information reasons. Hackers unlike “crackersandanarchist”knowbeingabletobreaksystemsecuritydoesn’tmakeyouahackeranymorethanadding2+2makesyouamathematician.Unfortunately,manyjournalistsandwritershavebeenfooledintousingtheword‘hacker.”Theyhaveattributedanycomputerrelatedillegalactivitiestotheterm“hacker.”
Real hackers target mainly government institution. They believe important informationcanbefoundwithingovernmentinstitutions.Tothemtheriskisworthit.Thehigherthesecuritythebetterthechallenge.Thebetterthechallengethebettertheyneedtobe.Who’sthebestkeyboardcowboy?Sotospeak!
Theseindividualscomeinavarietyofageclasses.TheyrangefromHighSchoolstudentstoUniversityGrads.Theyarequiteadeptatprogrammingandaresmartenough tostayoutofthespotlight.
They don’t particularly care about bragging about their accomplishments as it exposesthem to suspicion. They prefer to work from behind the scenes and preserve theiranonymity.
Notallhackersareloners,oftenyou’llfindtheyhaveaverytightcircleofassociates,butstillthereisalevelofanonymitybetweenthem.Anassociateofmineoncesaidtome“iftheysaytheyareahacker,thenthey’renot!”
Crackers
www.ebook777.com
![Page 50: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/50.jpg)
For definition purposes I have included this term . This is primarily the term given toindividualswhoareskilledattheartofbypassingsoftwarecopyrightprotection.Theyareusuallyhighlyskilledinprogramminglanguages.
TheyareoftenconfusedwithHackers.Asyoucansee theyare similar in theiragenda.Theybothfightsecurityofsomekind,buttheyarecompletelydifferent“animals.”
Being able to attribute your attacks to the right type of attacker is very important. Byidentifyingyourattackertobeeitheran
AnarchistHackeroraHackeryougetabetterideaofwhatyou’reupagainst.
“Knowyourenemyandknowyourselfandyouwillalwaysbevictorious…”
5:ToolsusedbyHackers
What is a carpenterwithout a hammer? “Hackers” re quire tools in order to attempt tocompromise a systems security. Some tools are readily available and some are actuallywrittenbyotherhackers,with thesole intentofbeingusedforsystembreak- ins.Some“hackers’ use a little ingenuity with their attacks and don’t necessarily rely on anyparticular tool. In the end however it boils down to they need to infect your system inordertocompromiseit.
Tobetterunderstandthemeansbywhich“hackers”compromisesystemsecurityIfeelitimportanttounderstandwhattoolstheyuse.Thiswillgiveyouasauserinsightastowhatexactlytheylookforandhowtheyobtainthisinformation.Inthissection,Ialsoexplainhowthesetoolsareusedinconjunctionwitheachother.
PortScanners
![Page 51: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/51.jpg)
Whatisaportscanner?
Aportscannerisahandytoolthat scansacomputerlooking
foractiveports.Withthisutility, apotential“hacker”can
figureoutwhatservicesareavailableonatargetedcomputerfromtheresponsestheportscannerreceives.Takealookatthelistbelowforreference.
StartingScan.
TargetHost:www.yourcompany.com
TCP Port :7 (echo)
TCP Port :9 (discard)
TCP Port :13 (daytime)
TCP Port :19 (chargen)
TCP Port :21 (ftp)
TCP Port :23 (telnet)
TCP Port :25 (smtp)
TCP Port :37 (time)
TCP Port :53 (domain)
TCP Port :79 (finger)
TCP Port :80 (www)
TCP Port :110 (pop)
TCP Port :111 (sunrpc)
www.ebook777.com
![Page 52: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/52.jpg)
Finished.
Scanningforopenportsisdoneintwoways.ThefirstistoscanasingleIPaddressforopenports.ThesecondistoscanarangeofIPaddresstofindopenports.
Try tothinkabout thislikecallinga singlephone-number of
say 555-4321and askingforevery extensionavailable. In
relationtoscanning,thephone-numberisequivalenttotheIPaddressandtheextensionstoopenports.
ScanningarangeofIPaddressislikecallingeverynumberbetween555-0000to555-9999andaskingforeveryextensionavailableateverynumber.
Trojans
Trojansaredefinitelyone of thetools that “hackers”use.
TherearehundredsofTrojans. Tolist them allwouldmake
thismanualextremelylong. Fordefinitionpurposeswe’llfocus
onacouple.
![Page 53: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/53.jpg)
SubSeven
TheSubSevenTrojanhasmanyfeaturesandcapabilities.ItisinmyopinionbyfarthemostadvanceTrojanIhaveseen.TakealookatsomeofthefeaturesofSubSeven.
•addressbook
•WWPPagerRetriever
•UIN2IP
•remoteIPscanner
•hostlookup
•getWindowsCD-KEY
•updatevictimfromURL
•ICQtakeover
•FTProotfolder
•retrievedial-uppasswordsalongwithphonenumbersandusernames•portredirect
IRCbot.foralistofcommands
•FileManagerbookmarksmakefolder,deletefolder[emptyorfull]
•processmanager
•text2speech
•RestartserverAolInstantMessengerSpy
•YahooMessengerSpy
•MicrosoftMessengerSpyRetrievelist ofICQuinsandpasswords
www.ebook777.com
![Page 54: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/54.jpg)
Retrievelist ofAIMusersandpasswords•AppRedirect
•EditfilePerformclicksonvictim‘sdesktopSet/ChangeScreenSaversettings[ScrollingMarquee]RestartWindows[seebelow]
•PingserverCompress/Decompressfilesbeforeandaftertransfers
•TheMatrix
•UltraFastIPscanner•IPTool[ResolveHostnames/PingIPaddresses]
Continued…
![Page 55: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/55.jpg)
Getvictim‘shomeinfo[notpossibleonallservers]:
-Address
-Bussinessname
-City
-Company
-Country
-Customertype
-Realname
-State
-Citycode
-Countrycode
-LocalPhone
-Zipcode
Andmore…
IthinkyougetthepictureofjustexactlywhatthatTrojaniscapableof.HereisapictureofwhatSubSevenlookslike.
www.ebook777.com
![Page 56: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/56.jpg)
![Page 58: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/58.jpg)
Netbus:
NetBus isanolderTrojanhowevernonetheless isstillused. I tconsistsofaserverandaclient-part.Theserver-
partistheprogramwhichmustberunningonyour
computer.ThisshouldgiveyouanideaofwhatNetbusiscapableof.
NetbusFeatures:
•Open/closetheCD-ROMonceorinintervals(specifiedinseconds).
Showoptionalimage.Ifnofullpathoftheimageisgivenit
willlookforitinthePatch-directory.Thesupportedimage-
formatsisBMPandJPG.
Swapmousebuttons–therightmousebuttongetstheleft
mousebutton’sfunctionsandviceversa.
•Startoptionalapplication.
•Playoptionalsound-file.Ifnofullpathofthesound-fileis
givenitwilllookforitinthePatch-directory.Thesupportedsound-formatisWAV.Pointthemousetooptionalcoordinates.Youcanevennavigatethemouseonthetargetcomputerwithyourown.
•Showamessagedialogonthescreen.Theanswerisalwayssentbacktoyou.
•Shutdownthesystem,logofftheuseretc.
•GotoanoptionalURLwithinthedefaultweb-browser.
•Sendkeystrokestotheactiveapplicationonthetargetcomputer.Thetextinthefield ”Message/ text” will be inserted in the application that has focus. (” | ” re
![Page 59: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/59.jpg)
presentsenter).
•Listenforkeystrokesandsendthembacktoyou.
•Getascreendump(shouldnotbeusedoverslowconnections).
Returninformationaboutthetargetcomputer.
• Uploadanyfilefromyoutothetargetcomputer.WiththisfeatureitwillbepossibletoremotelyupdatePatchwithanewversion.
www.ebook777.com
![Page 60: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/60.jpg)
Increaseanddecreasethesound-volume.
•Recordsoundsthatthemicrophonecatch.Thesoundissentbacktoyou.
Makeclicksoundseverytimeakeyispressed.
• Downloadanddeletionofanyfilefromthetarget.Youchoosewhichfileyouwishtodownload/deleteinaviewthatrepresentstheharddisksonthetarget.
•Keys(letters)onthekeyboardcanbedisabled.
•Password-protectionmanagement.
•Show,killandfocuswindowsonthesystem.
•RedirectdataonaspecifiedTCP-porttoanotherhostandport.
•RedirectconsoleapplicationsI/OtoaspecifiedTCP-port(telnetthehostatthespecifiedporttointeractwiththeapplication).
•Configuretheserver-exewithoptionslikeTCP-portandmailnotification.
![Page 62: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/62.jpg)
Joiners
Earlieryousawmemakereferencestoutilitiesthat
combinetwoexecutablefilesintoone.That’swhattheseprogramsare.TheseprogramsmakeitpossibletohidetheTrojansinlegitimatefiles.
ICQ
ThoughasitselfisnotautilityforhackingthereareprogramfileswrittenbyUn-namedprogrammersforit.ThemoreadvanceTrojanshavetheabilitytonotifythe
“hacker”viaICQofwhetherornotyouareonline.GiventhatyouareinfectedwithaTrojan.
I fyouarenot infected then ICQcanserveasaUtility togiveawayyour IPaddress.Currentlythereare
files/programsavailableonthenetthatallowsyouto
“patch”ICQsoitrevealstheIPnumbersofanyoneonthe“hackers”list.TherearealsofilesthatallowyouaddusersinICQwithouttheirauthorizationornotification.
Fordemonstrationpurposeslet’sseehowahackwouldgoifahackerwiththeabovementionedutilitiesweretoattempttohackintoausersmachine.
Hack1:
Objective:Obtainentrytotheusersmachine.
Step1:Obtainuser’sICQ#
![Page 63: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/63.jpg)
Step2:AddUsertoICQlist
Step3:UseGetInfoonuser
Step4:RecordUser’sIPaddress
Step5:Startadosprompt
Step6:nbtstat–A<ipaddress>
Step7:Lookforhexcode<20>
Step8:(Assumingahexof<20>isthere)netview
\\ip_address.
Step9:Seewhatsharesareavailablewe’llsay“C”isbeing
shared.
Step10:netusex:\\ip_address\c
Accesstotheuser’smachinehasbeenachieved.
Intheabovescenarioour“potentialhacker”usedthepatchprogramsavailableforICQtogaintheIPaddressofthe
“victim”andthenlaunchhisassault.
Withtherealizationofhowan“individual”cangainaccesstoyourmachinelet’smoveontoChapter6.Wewilldiscusswhat’satriskonceyourcomputerhasbeen
compromised.
FINALWORDS
www.ebook777.com
![Page 64: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/64.jpg)
Congratulations! You’ve made it to the end of the manual. That’s probably not anaccomplishment for books of the same length. But this manual is different. You canalways make reference back to this manual whenever you have questions. I t’s like amanualandcourseinone.Learningthesystemloopholesandtricksthat“hackers”useisonlyhalftheprocess.Protectingyourprivacyis90%uptoyou,therestcanbehandledbysoftware.
Youhavethemeansandabilitytoprotectyourself.Byreadingthismanualaloneyouhaveproventhat.Youmaythinktoyourselfthatyou’reoutgunnedontheInternet,don’t.Weallhave tostart learningfromsomewhere.Evenhackersandsocalled“hackers”had tostartlearningsomewhere.Noonewasbornwiththeknowledgeofhowacomputerworks.
TheInternetisatoolbywhichmanyofthese“hackers”educatethemselves.Youcandothesame.Itremainsthemostpowerfultoolforinformationanddevelopmentthereis.
Moreandmorebusinessesandservicesaremigratingtotheonlineworld.Youcaneither,sitbackandwatchitgo,orjumponthebandwagonandrideitout.It’salluptoyou.
Exercisecautionwhendealingwithpeopleonline,butdon’tbe tooparanoid.Enjoy thepoweroftheInternetitcanbeagreatassettoyouoryourbusiness.
The online population is growing exponentially. With the recent growth of dedicatedaccessyourcomputer is connected to the Internet24hrsaday.High speedaccessgivesyoutheopportunitytodownloadfilesatlightningfastrates.It’salongwayfromtheolddialupBBS’s.Astechnologyincreasessomustyourawareness.
Realisticallymostofusdon’tcareabouttheinnerworkingsofthe
Internet.Perhapswehaveasheercuriosityofwhathappensbehindthescenes,butnoneofusreallybelievesitmakesalotofdifferencetoustoknowthatinformation.Weprimarilycare about getting our daily activities done and enjoying the power of the Internet.WewanttobeabletoLogonlinetalktoourfriendsandfamilyandusetheInternetastoolforourbenefit.
![Page 65: How Hacker's Hack Facebook & an - Muzaffar Khan](https://reader034.vdocument.in/reader034/viewer/2022042507/577c7fda1a28abe054a65723/html5/thumbnails/65.jpg)
TheInternetconnectsyoutotheworldwhereifafriendsfromAustraliawishestotalktoyouliveoneononetheycanflipontheirwebcamsturnontheirmicsandhaveavideoconference.It’sacutaboveaphonecallforafractionoftheprice.Don’tlet
“hackers”turnfutureadvancementsintounwantednightmares.
Youasausercanpreventthisbybeingcareful.Taketheextranecessarystepstoprotectyourself.Whencomparedtothebenefitsyoucanhaveitdefinitelyisworthanextra1hr-2hrsofyourtime.
Don’tstop learning, readallyoucan.Whynot?You’vegot theworldatyourfingertipsandinformationateveryturn.Butmostimportantlywhenallissaidanddone,takebackyourprivacyfromthosewhomayseektocompromiseit.
WithGreatRespect
ThankYou!
www.ebook777.com