Hacking Method

[Carding]

Jacking Method (HARDEST)

Method: Phishing
This option is much more difficult than the rest, but it is also the most common method to hack someone's account. The most popular type of phishing involves creating a fake login page. The page can be sent via email to your victim and will look exactly like the Facebook login page. If the victim logs in, the information will be sent to you instead of to Facebook. This process is difficult because you will need to create a web hosting account and a fake login page.

The easiest way to do this would be to follow our guide on how to clone a website to make an exact copy of the facebook login page. Then you'll just need to tweak the submit form to copy / store / email the login details a victim enters. If you need help with the exact steps, there are detailed instructions available by Alex Long here on Null Byte. Users are very careful now with logging into Facebook through other links, though, and email phishing filters are getting better every day, so that only adds to this already difficult process. But, it's still possible, especially if you clone the entire Facebook website.

Step 1: Download & Install HTTrack
From Kali, we need to navigate to "System Tools" and then "Add/Remove Software," like in the screenshot below.
That will open a screen like the one below. Notice the window in the upper left-hand corner next to the "Find" button. Enter "httrack" there and it will find the packages you need to install HTTrack.
You can also install it by typing the following in a terminal.

kali > apt-get install httrack
Step 2: Use HTTrack
Now that we have installed HTTrack, let's start by looking at the help file for HTTrack. When you downloaded and installed HTTrack, it placed it in the /usr/bin directory, so it should be accessible from any directory in Kali as /usr/bin is in the PATH variable. Let's type:

kali > httrack --help

I've highlighted the key syntax line in the screenshot above. The basic syntax is the following, where -O stands for "output." This switch tells HTTrack where to send the website to.

kali > httrack <the URL of the site> [any options] URL Filter -O <location to send copy to>
Using HTTrack is fairly simple. We need only point it at the website we want to copy and then direct the output (-O) to a directory on our hard drive where we want to store the website. One caution here, though. Some sites are HUGE. If you tried to copy Facebook to your hard drive, I can guarantee you that you do not have enough drive space, so start small.

Step 3: Test HTTrack
In an earlier tutorial on hacking MySQL databases behind websites (MySQL is the most widely used database backend behind websites), we used a website that we could hack with impunity called webscantest.com. Let's try to make a copy of that site to our hard drive.

kali > httrack http://www.webscantest.com -O /tmp/webscantest

As you can see, we successfully made a copy of all the pages of this site on our hard drive.

Step 4: Explore the Site Copy
Now that we have captured and copied the entire site to our hard drive, let's take a look at it.

We can open the IceWeasel browser (or any browser) and view the contents of our copied site to the location on our hard drive. Since we copied the web site to /tmp/webscantest, we simply point our browser there and can view all the content of the website! If we point it to /tmp/webscantest/www.webscantest.com/login.html, we can see that we have an exact copy of the login page!
Hmmm...what could we possibly use that for???

Step 5: Copy Our Favorite Web Site
Now, let's try HTTrack on our favorite website, wonderhowto.com. Let's try to make a copy of a forum post I wrote last week about the CryptoLocker hack. First, let's open that page right here and copy the address into Kali after the HTTrack command and then the location where you want send the copy to.

kali> httrack http://nullbyte.wonderhowto.com/forum/cryptolocker-innovative-creative-hack-0151753 -O /tmp/crytoloc
You can send the copied website to any location, but I sent mine to /tmp/crytoloc. When we do so, HTTrack will go into Null Byte, grab that webpage, and store an exact copy of it on your hard drive. Notice it also tells us that it is 208 bytes.

As you can see below, we were able to copy my Null Byte article on CryptoLocker to my Kali hard drive and open an exact copy of it with my browser.

If you are trying to find information about a particular company for social engineering or trying to spoof a website or login, HTTrack is an excellent tool for both tasks. Many of you have been asking about how to create a clone website for dnsspoof or grab credentials for an Evil Twin, now you have the tool to do so!

Pros Jacking Method

First You try to get info from the target' for example: Hey' can I get your paypal? I want to buy something' the target will send his email' it's 99% of the time that he doesnt use his main email ofcourse' so you'll have to dox him. You can use
http://pipl.com to try to get his email. There are some tutorials on youtube. When you got the email you can go to https://haveibeenpwned.com and enter the email' if it turns red you got a hit. For example' you see that it has been leaked in the database "000webhost" then you go to forums like: http://raidforums.com or http://leakforums.com or nulled.to and try to find it there' download the database and search for the email' you'll find it if you downloaded the database. Sometimes it's plain text and sometimes its decrypted. HaveIbeenpwned sometimes says in the description if it is encrypted and with what kind of encryption. A good site to decrypt the "Encrypted password" is http://finder.insidepro.com If everything goes correct you have a chance that you got the email of the target + the password now. Have fun hacking!

How to stay anonymous?
Get Tor Browser, do EVERY hack thing on there. Use a VPN (I prefer IPVanish).

 

[Carding 4 Carders]

8 popular hacking techniques you should know about​

Computers of the late 50s and early 60s were huge, and their operating costs were thousands of dollars.
In this regard, programmers were looking for ways to get the most out of the machines and came up with clever hacks.
These hacks were shortcuts that changed and improved the performance of the computer's operating system (s) or applications to quickly perform more tasks.
However, now everything has changed.
People with malicious intent can hack into your phone or company systems to steal information that is worth millions.
Our phones store a lot of information, from simple details in the form of notes to the most important ones, such as credit card details, email accounts, user credentials on social networks, and so on.
With the rapid proliferation of digital devices, attempts to access these digital diaries are increasing and becoming more Intrusive.
There are many ways to attack networks and devices.
Here are 8 hacking techniques and how you can prevent these attacks.

1) hacking Technique – Bait and Switch
Bait and Switch is the most common Scam scheme involving high-end websites that engage in advertising space for third parties.
As the name suggests, this hacking technique involves a hacker buying ad space on these sites.
When a user clicks on an ad, they are taken to a page infected with malware that installs viruses and / or adware on your phone or system, thereby gaining access to your system.
Advertising links and download banners are designed to make it look attractive, so that the victim can't resist clicking on them.
If you want to own any gadget or good thing, always buy them in well-known stores.

2) Cookie Theft
Digital footprints are very real.
Your browser's cookies store a lot of things, including your username, browsing history, and passwords for the various websites you use.
Once a hacker gets access to your cookies, they can impersonate you in this browser.
The most common way to do this is to force the user's IP packets to pass through the attacker's computer.
This method is also called Session Hijacking.
A hacker can easily do this when the user is not using SSL (https) for the entire session.
If you enter your password or Bank details on the website, make sure that the connections are encrypted.
The best method to prevent this attack is by avoiding public and unsecured private networks.
Use a VPN for encryption and tunnel the connection on your mobile phone.
And don't forget to clean your cookies so there's nothing to steal!

3) Denial / distributed denial of service (DoS / DDoS)
This is a classic method that hackers use to break into networks or systems by flooding them with a large amount of traffic, including data requests, repetitive tasks, and login attempts.
The server can't process requests on time and crashes as a result.
The target machine is overflowing with requests that reduce resources and ultimately limit the actual functionality.
Hackers are also known to set up zombie computers or botnets assigned to overload your systems with request packets.
Malware and hackers are growing rapidly every year, and the number of DDoS attacks is increasing.

4) Eavesdropping or recording surround sound
Hackers use this passive technique to listen in on other people's conversations and network connections and record the most valuable information possible.
There are various monitoring methods, such as data interception, packet sniffing, and other methods, such as surround sound recording applications.
One of them is Xnspy, a surround sound recording app that lets you listen to your phone's surroundings.
Xnspy runs stealthily in the background and runs quietly.
A hacker can install it on their phone.
The app works without showing itself in the installed apps.
The hacker sends a remote command that turns on the phone's microphone.
The app records all conversations and sounds happening around your phone.
So don't leave your phone unattended.
And if you lose it and return it after a certain period of time, reset it to factory settings.
Also, avoid using unsecured and public Wi-Fi networks.
Use a VPN.
Use IPS intrusion prevention systems to protect against eavesdropping.

5) Keylogging
Keylogging is one of the simplest and oldest hacking methods that allows hackers and intruders to record keystrokes that you make.
A more complex view involves navigation and mouse clicks.
Simple Keylogger– a simple Keylogger for Windows, Linux and Mac.
Hackers can even get usernames and passwords through the resulting log files.

6) WAP attacks
A fake wireless access point (WAP) is like a deceptive Wi-Fi access point that hackers use to monitor or intercept the victim's data streams.
Hackers find a place where the victim physically addresses, such as a park or cafe.
Once hackers have read your movements, when you arrive and connect, they will create a fake Wi-Fi hotspot, and then change the sites you frequently visit, redirecting them to you to get your data.
This attack collects information about the user from a specific space, so it is not so easy to detect the attacker.
The best way to avoid this attack is to follow basic security rules (by updating your phone), and never connect to public access points.

7) Malware
The most popular weapon among hackers is a range of malicious programs.
There are viruses, trojans, ransomware, and worms that can damage your entire system if you let them in.
To prevent the impact of these attacks, beware of emails that you open or attachments that you download.
You can disable pop-UPS in your browser and avoid the temptation to click them.
Regularly update your software and anti-malware tools.

8) Phishing
A phishing attack involves using a specially crafted email to lure the recipient into leaking their personal or financial information.
Hackers have made significant advances in this technique by using social engineering techniques and adding an element of urgency to these emails.
The hacker mimics the sites you access most often, and then catches the victim by sending a fake link, such as a software download, or a deal from your favorite store that you just can't miss, or even a fake alert about your recent online activity.
Hackers can use any of these lures and then redirect you to a fake website, from where all your credentials are collected in an online form.

In addition to all the methods and security measures mentioned above, you must remain vigilant and use common sense.
If you are not sure about the email or message, ask the person who supposedly sent it to make sure that the message is safe to open.