FAKE E-MAILING

FAKE E-MAILING

Send , identify , trace Fake/Spoofed Email | Email Bombing | Email Spamming

Basics of working of Email 

Email stands for Electronic Mail. Email sending and receiving is controlled by the Email servers.Email service providers configure Email Server before anyone can Sign into his or her account and start communicating digitally.Users from across the world register in to these Email servers and setup an Email account.

Email Travelling Path :-
Let’s say we have two Email providers, one is gmail.com and other is yahoo.com, ABC is a registered user in gmail.com and XYZ is a registered user in yahoo.com.
• ABC signs in to his Email account in gmail.com, he then writes a mail to the xyz@yahoo.com and sends the message.
• But what happens behind the curtains, the Email from the computer of abc@gmail.com is forwarded to the Email server of gmail.com. Server of gmail.com then looks for yahoo.com on the internet and forwards the Email of the yahoo.com for the account of XYZ@yahoo.com. Yahoo server puts that email in that account.
• XYZ then sits on computer and signs in to her Email account.Now she has the message in her Email inbox.

Sending Fake/spoofed Email -:  Fake or spoofed email means the email from any email ID. It doesn't matter whether the sender's email really exists or not. Sender's email ID can be anything@anything.com. 

Methods :-

1. Using Open Relay servers :  An open relay server is that which allows people to send email by connecting to it. User connect to it via telnet and instructs server to send email. This method is outdated or simply I should say that, it doesn't work. I would not talk about it more.

2. Using Websites : There are numberless websites that provide free service to send fake emails. But the problem is that they attach the advertisments along with your email.  But the best two, I have found that do not attach the advertisments.

www.emkei.cz      {have some advance options}
www.hidemyass.biz/fake-mailer/

3. Using mail sending scripts : The PHP contains mail sending function which allows us to send email with fake headers.
Download a php script from here.
We just need to upload the mail sending script on a web hosting site. It doesn't work on every webshosting site because there is no email sending support.  I have tested x10hosting.com (could take upto a day for account activation) , it works perfect. Some of the other are www.000webhost.com,byethehost5.com

Note: This script contains options of sending spoofed email, spamming and email bombing. Your hosting account might be immediately suspended on spamming/bombing. But it works perfect if you have any your own premium web hosting account. If you want to try email bomber, I could let you to use my own if sufficient people request in comments.

What is Email Spamming and Email Bombing ?

Email Bombing as clear from the name is sending the mass emails that is large number of emails to a email ID in a single click. Email spamming is like sending an email to large number of email IDs in a single click. These activties are performed mainly for the advertisements of the products or services provided by a company. Many spammers spam to collect individual's personal information through some stupid things like 'fill these details to get your lottery amount' and that information is sold to businessmen looking for the people of different categories. There could be many more reasons of spamming. Spammers use automated tools to collect as many emails available on websites,forms,chat rooms and send spams to them.

How to identify whether an email is real or spoofed ?

It can be done by checking headers. Email headers is simply the text which contains the information about the mail servers that the email encountered in its path from the sender to receiver. It contains a lot of other information too.
Note: I am just telling you a few points about this so that you would just get an idea about the approach. This may or may not depend on some factors.

We can view email headers in gmail by clicking at 'show orignal', in yahoo by clicking at 'Full headers' and such kinds of options in other email service providers.

If  you get an email displaying sender's email like someone@gmail.com, someone@hotmail.com, someone@yahoo.com . Then it should be orignated from gmail,hotmail and yahoo servers respectively. But if it doesn't, the most probably the email would be fake. 

I will show you by an example, I received three emails in my gmail inbox from sender's address "someone@gmail.com."  Sender's address shows me that they should have been orignated from gmail/google server, if they would be real.

Note : There is a field called "Return-path" in headers.  If the email ID shown in this field and email ID you get as sender's email ID doesnt match, then the email is surely fake.

Can we get sender's IP address from Email Headers ?

We may or may not. Gmail, yahoo normally do not reveal sender's IP address. But when we send an email from a php script,  the headers might reveal Sender's IP. The conclusion is that answer to this question varies from different email service providers and the way how email is sent.

Can we trace sender's location, if we get his IP address ?

The IP address could only tell that which Internet Service Provider (ISP) is used by sender. Further details can not be revealed without the help of that ISP. Normally the Public IP is dynamic that is it keeps changing. We need to ask ISP about the user who was assigned that IP at the time email was sent. If sender has purchased a static IP address, it doesn't matter that when exactly was email sent. He could easily be traced.

Read More

How to Reveal Hidden Passwords (Asterisks) in Web Browsers

How to Reveal Hidden Passwords (Asterisks) in Web Browsers

Remember the situation, signing into your account with just a single click because browser is saving all your passwords for you. We know this is convenient but since you’re not typing your passwords any-more, eventually you’ll forget your password in a few days.  For security reasons, the password field in all browsers is masked with “asterisks” which won’t allow any third person (even you) to read the origi-nal typed password. But, what if you want to reveal the string behind the asterisks? There is actually few workaround for revealing the original passwords behind the asterisk and over the entire course of this article we’ll be discussing some known ways to reveal the characters behind the asterisks in different browsers.

Reveal Passwords Behind Asterisks or Dots in Different Web Browsers:

Google Chrome:

Starting off with Google chrome, the easiest way to reveal the original passwords behind the asterisk is using inbuilt Inspect element feature in the browser.

·         You just need to right click on the password field in the browser where you will get an option "Inspect Element". 

·         After clicking on it, "Web Inspector" will open out and there you can see some code which is basically Html code and you just need to replace the "password" word with "text" word and it will reveal the words behind the asterisks.

There’s another way using JavaScript which is quite quick and easy as compared to above method. Just open a site that allows users to login and after typing the password, just enter the following JavaScript code in the address bar.

Javascript: alert(document.getElementById('Passwd').value);

After entering the above code in the address bar, press enter and it will pop up a window with your password written on it.

Mozilla Firefox:

The Next most common browser is "Mozilla Firefox".

·         The chrome's "Web Inspector" trick is also applicable in Firefox.

·          Open a site that asks for login (like Facebook), right click on the password field in the browser where you will get an option "Inspect Element". After clicking on it, "Web Inspector" will open out and there you can see some code which is basically Html code and you just need to replace the "password" word with "text" word and it will reveal the words behind the asterisks as shown in screenshot below.

Apart from this, there’s another way which is quite quick and easy as compared to above method. For that you’ve to create a bookmark with the following JavaScript code as URL in it.

javascript:(function(){var s,F,j,f,i;s="";F=document.forms;for(j=0;j<F.length;++j){f=F[j];for(i=0;i<f.length;++i){if(f[i].type.toLowerCase()=="password")s+=f[i].value+"\n";}}if(s)alert("Password is:\n\n"+s);else alert("No passwords");})();

After saving this as a bookmark, open a site that allows users to login and after typing the password, open the saved bookmark by clicking on it and it will pop up a window with your password written on it.

Opera:

Next comes the "Opera" in that you can use "Dragonfly", which is an in built tool, to reveal the words behind the asterisks just like chrome's "Web Inspector". Open a site that asks for login (like
Facebook), right click on the password field in the browser and select "Inspect Element" option. After clicking on it, "Dragon Fly" will open out and you’ll see some code which is basically Html code and you just need to replace the "password" word with "text" word and it will reveal the words behind the asterisks as shown in screen shot below.

Internet Explorer:

In the same manner you can apply this trick on Internet explorer. First of all open any site (Gmail in our case) that allows user login. Now for bringing out “developer tools” press thef12 key. A new window will be opened and press Ctrl+B to enable selection of elements. After that go to login page and select the password field, doing this will take you to the password field’s code in developer window (highlighted by yellow). Now, you just need to replace the "password" word with "text" word and it will remove the asterisk mask in the password field, see screenshot below.

Apart from this, there’s another way which is quite quick and easy as compared to above method. Just open a site that allows users to login and after typing the password, just enter the following JavaScript code in the address bar.

alert(document.getElementById('Passwd').value);

After entering the above code in the address bar, press enter and it will pop up a window with your password written on it. (See pic below)

Wrap Up:

Although there are so many tools out there to help you in revealing the words behind the asterisks and to get the saved passwords with in a browser, you still need to keep your system safe and protected by using "Antivirus" plus "Firewall" to avoid stealing of these passwords by someone who have access to your system. If you can use these tools to reveal your saved passwords then others can also use the same ways to get information of yours

                                                                                                                                                                                                                                                                                               

Read More

Hyper-V 2012 & boot-from-SAN - installation

Hyper-V 2012 & boot-from-SAN - installation

Had a devil of a time trying to get Hyper-V 2012 installed on one of our spare servers (HP DL360 G5).  Was installing from a DVD (iLO was not online originally) and using a USB key for the Qlogic drivers.  iSCSI HBA is a Qlogic 4062c.

Note this was an ESX 3.5 host when I started.

The error: "We couldn't create a new partition or locate an existing one. For more information, see the Setup log files."

Googling around gave me options...here is the order I tried them in:

1. Boot off physical DVD, load drivers from USB
2. Deleted old ESX partitions
3. Got error
4. Use repair function to clean drive and create/assign a new partition
5. Got error
6. Use the HP update DVD to bring firmware/BIOS up to date
7. Got error
8. Use iLO DVD image and USB key drivers (this was silly)
9. Got error
10. Checked inside server to ensure no USB devices plugged in (there were none)
11. Removed USB key, attached USB key to PC, then to server via iLO as virtual device
12. Got error
13. Used 'bfi.exe' to build a floppy image, attached via iLO
14. Successful installation!

Moral of the story:  You CANNOT have any USB devices attached in any way/shape/form when trying to install in a boot-from-SAN environment. (maybe any environment?)

Also...40GB is not enough, apparently wants 42GB (documentation says 32GB...?).  Just a warning.

Sources
* http://ixrv.blogspot.ca/2012/09/unable-to-install-windows-server-2012.html

Read More

Avast email alerting with Gmail

Avast email alerting with Gmail

Since I'm the IT person, I'm setting up everyone on Avast (unfortunately MSE is going away).

Avast has a handy 'hay IT guy, you have a virus' alerting system, but it's a teensy bit buggy.  Mostly silent timeout periods that make it look like nothing is working.  Here's how to get it working with Gmail.

Here's what you need:

• E-mail (SMTP) address, username@gmail.com or whatever your Gmail account is
• SMTP settings are...
• Server: smtp.gmail.com
• Port: 465
• Security: SSL/TLS
• From address: I used... firstname.avast@domain.com
• Check 'requires auth'
• Enter your gmail sign on stuff

The obvious flaw in this is if I ever change my gmail password, I have to make the rounds with family.  But that's ok.  I'm thankful that the feature even exists.

edit:  Oh, and the settings I changed:

• Only using browser and file AV
• Fully auto updating across the board
• Silent mode across the board
• Email alerting (under 'antivirus' settings)
• Uncheck notify for updates (since it should do updates auto)

Read More

How to recover root password in RHEL 6 ?

How to recover root password in RHEL 6 ?

STEP 1 :

Boot the system and log i n into grub.

STEP 2 :

Press ‘e’ on the selected entry.

Then select the ‘kernel /vmlinux’ entry and press ‘e’ on it.



Insert the ‘single’ keyword after rhgb quiet.

Press enter

Then press b after selecting the ‘kernel /vmlinux’ entry.

Then on the root prompt issue the following command.

passwd  –d  redhat

STEP 3:

this will set the password to blank.

Now boot the system as usual and reset the password by logging into the root account.

courtesy : practical-tech.blogspot.in 

Read More

Top 12 Android Apps to Turn Your Smartphone into a Hacking Device

Top 12 Android Apps to Turn Your Smartphone into a Hacking Device

 Mobile devices is now very common now a days and mobile devices has changed the way of bi-directional communication. There are many operating system for mobile devices available but the most common and the best operating system for mobile is Android, it is an OS means you can install other applications (software's) on it. InAndroid application usually called apps or android apps.

The risk of hacking by using mobile devices is very common and people are developing and using different apps (application) for their hacking attack. Android has faced different challenges from hacking application and below is the list of application for android hacking.

1. SpoofApp

Here is an app that spies at heart could use – SpoofApp. It allows you to use a fake Caller ID – a number that you are free to specify yourself, in order to protect your privacy or to pull a prank on someone. Sounds like fun, doesn’t it? Well, Apple didn’t think so, which is why it never allowed the app to enter its App Store. Google, however, didn’t mind, which is why SpoofApp was available on the Android Market for about two and a half years. However, it was banned from there last year as it allegedly was in conflict with The Truth in Caller ID Act of 2009.This can be useful in social engineering. 

Download it from here

2. FaceNiff

Requirements: Android 2.1+ (rooted)

Overview: FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to.

It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK). It’s kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!). Please note that if webuser uses SSL this application won’t work.

Legal notice: This application is for educational purposes only. Do not try to use it if it’s not legal in your country. I do not take any responsibility for anything you do using this application. Use at your own risk

Learn More: http://goh4x.blogspot.in/2012/09/how-to-hack-friends-facebook-account.html

  

3. Penetrate Pro

Requirements: Android 2.1+ (rooted)

Overview: The most of the times you scan the Wi-Fi networks available around, they’re protected with key. Penetrate is an app that help you out with that. If the routers of that Wi-Fi networks are encrypted with WEP/WPA it will bring you the keys to access them. This seems a sort of cracking, but the developers says it isn’t, because it’s supposed to get the keys for penetration testing and you should use it only with permission from network owners. Well, apart from those regardings, it does what it says. Check the developer description to know which routers are supported.

Take in account that if you have an antivirus installed in your device, it will warn you about this app. The developer says it’s normal because it’s a security-related tool. Penetrate isn’t a danger for your phone.

This is the paid version (€1.99) that contains no ads, some more features and sponsors further development. What’s more, it allows you to use 3G to get the password instead of using dictionaries that you will have to download in the free version.

Penetrate works properly with the range of routers supported. We’re missing more though. Despite the apparent use for which it was developed this application, we all know the “regular” use. And if you’re looking for it, give it a chance. It’s a great app.

Download it from here

4. Anti-Android Network Toolkit

Requirements: Android 2.1+ (rooted)

Anti-Android Network Toolkit is an app that uses WiFi scanning tools to scan networks. You can scan a network you have the phone connected to or you can scan any other nearby open networks. Security admins can use Anti to test network host vulnerabilities to DoS attacks and other threats.

Download it from here

5. Andosid

AnDOSid is the application which is used for DOS attacks from Android mobile phones.

Download it from here

6. Nmap For Android

Nmap is a network scanner tool which gives the entire information of the ip address and website. There is a version of nmap for Android users too, with the help of this app hackers can scan the ip's through mobiles.
 
Download it from here

7. The Android Network Toolkit

The Android Network Toolkit is an complete tool kit for the pentesters , where hackers can find expolots using the mobile and penetrate or attacks the ip's according to their vunerabilities.

Download it from here

  

8. SSHDroid- Android Secure Shell

Secure shell or SSH is the best protocol that provides an extra layer of security while you are connecting with your remote machine.SSHDroid is a SSH server implementation for Android.
This application will let you to connect to your device from a PC and execute commands (like "terminal" and "adb shell").

Download it from here

10. WiFi Analyzer

WiFi Analyzer is one of the most popular applications in the Android Marketplace, which is really a testament to how wildly useful this tool is for both the average user and the more technically inclined. In the most basic of terms, WiFi Analyzer is a tool to scan the area for WiFi networks and determine which channel is the least populated so you can adjust your own hardware to a less congested part of the spectrum.

Download it from here 

11. ConnectBot

ConnectBot is an exceptionally well done SSH/Telnet client, which also acts as a terminal emulator for the local Linux sub-system. While there are better terminal emulators (though not for free), there is no question that ConnectBot is the absolute best SSH client available for Android. 

Download it from here 

12. Network Discovery

Network Discovery is a handy tool for finding and enumerating devices on public WiFi networks. Network Discovery uses a simple ping scan to find hosts on the network, and then allows the user to select one of the found hosts to target for a TCP connect() scan. 

Download it from here
 
Bonus : dSploit
dSploit is an Android network analysis and penetration suite which aims to offer to IT securityexperts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device. Once dSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing ( with common protocols dissection ), real time traffic manipulation, etc, etc . 

                                                                                                                                                                                                                                                                         Shasconvicted®

      

Read More