Introduction to Hacking Email or any Website Accounts for Beginners

Introduction to Hacking Email or any
Website Accounts - Beginners Please Read
You CANNOT hack emails or websites with
just one or two clicks with some email
hacking apps. You need to have proper
information about the person that you are
hacking. If you see sites that claim that
they can hack email accounts within
minutes and charge hundreds of dollars for
it, just laugh at them and move on. Do not
waste money on them as they will be just
scamming you.
There are two ways to hack Accounts of a
Website.
*Client side Hacking
*Server side Hacking
Client Side Hacking
This method can be done depending what
you choose. Client side hacking is basically
hacking the person's pc and extract
information. Antiviruses will detect the
apis, assemblies, etc and prevent you from
infecting them. In this case you need
1) Keylogging : This basically taps all the
keystrokes that users type. When user
types password you get it. The victim
requires to execute the keylogger "server"
file in order to be infected.
2) Password Stealing : Here you steal
password saved on user's pc. Browsers
often save passwords to provide quick
login to the user, but this can be harmful
sometimes. Here same as keyloggers you
need to execute a file on client pc. You can
use combination of keylogger and password
stealers, such as my Emissary Keylogger/­
Stealer.
3) Cookie Stealing : Here you are stealing
cookies of the user. Cookies can be used
to auto login as they hold information
about the account.
4) Remote Administration Tools : These
tools are very dangerous and give you full
control of a computer. You can view
webcams, desktops live, transfer and
download files.
5) Social Engineering : Social Engineering is
nothing but fooling someone to download
your malware or extracting sensitive
information from them.
One of the methods is this : Hacking
Accounts through SE.
6) Phishing Attacks : Phishing is creating
fake login pages similar to that of a
website's login page and then fooling the
person to enter their username and
password into the login box. The triggered
php scripts shall send the entered
passwords to your log file.
7) Zombies/Bots : This is like keylogging
and pass stealing if victim executes your
malware he she can be infected with a bot.
A bot will connect them to your irc channel
or host server and make them your
"Zombie". You can do whatever you want
with them.
That covers the client part.
Server Side Hacking
1) Exploiting : Exploiting means finding a
vulnerability and using it to your
advantage. There are various publically
disclosed vulnerabilities and exploits that
you can simply search on google and HC.
There are ways to exploit a server the
most common ones are
1) XSS Cross Site Scripting,
2) RFI, LFI
3) Uploading Shells
4) SQL Injections
5) CSRF
6) Gaining Root Access to websites hosted
on the same server and then intruding
another site on the server.
7) Using Scripts to gain information known
as Exploits.
These methods are very vast and cannot
be explained in a few lines so I am not
explaining them in this guide.
2) Bruteforce Attack : Bruteforcing is using
a bruteforcer software to try combinations
of words, numbers and symbols to fetch
the login of your victim. But this rarely
works and you need to have a powerful
computer.
3) Reverting Accounts : Here we are fooling
the website servers that we are the
authorized user and we are the holder of
an account. One of this vulnerability exists
in Hotmail and existed in Facebook. Users
just supplied some information about the
clients such as last accessed ip address,
contacts on contact list, date of birth,
location, etc. With a bit of SE its not that
hard to extract such information from the
client.
That covers most of the basics of Email/
Website Account "Hacking". Hope you
don't buy into any of the bullshit after
reading this guide.