The Onion Routing – Highly Anonymous

Hii Friends if you read my previous article on “Proxies - Know and Use” & if u want to become Highly Anonymous on internet then today I am going to share article on “The Onion Routing – Highly Anonymous”.

We all many times use proxies for staying anonymous on internet. Lets quickly check out, what we are actually doing while using proxies. We first connect to a proxy server which brings resources requested by us from the web server.

                        
Thus a proxy server hides our identity by acting as an intermediary between us and the web server that we are accessing. You might want to read detailed post on proxies here.

Suppose we break into a server using a proxy server thinking that we are anonymous. But what if owner of web server starts enquiring about the clients connecting to it using the proxy server and it is possible that owners of proxy server might reveal our identity. This means we can’t actually rely on proxy servers for being anonymous online. Here comes the concept of THE ONION ROUTING (TOR) into picture. By using this, the client traffic is supposed to be passed from three different servers or nodes before reaching to actual web server. It may randomly take any path through any three nodes. 

 
Let’s consider it has taken path shown by green arrows. Now

* Node 1 knows only actual origin (client) but not actual destination (web server).
*Node 5 neither knows actual origin nor actual destination.
*Node 9 knows actual destination but not actual origin.

Thus no one exactly knows which client is accessing which web server. So it is highly anonymous.

Installing and Using TOR.

·        Download the TOR client from here and run the setup.
 Password – TRICKS4INDYA

Note: You need to install a Mozilla Firefox add on which is included in package you have downloaded to use Tor.

·        Open the 'Vidalia Control Panel' from the task bar and Click on 'Start Tor'.

·        Now open Mozilla Firefox browser, single click on red highlighted 'Tor Disabled' on right corner of browser and it will turn to green highlighted 'Tor Enabled'

Now just log on to 'www.whatismyip.com' and you will see your new public IP address that will keep changing after an interval of time according to the path randomly taken by web traffic through three different nodes.

Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

If you want to keep up-to-date on Ethical Hacking Tutorials, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook page to keep informed about the latest security.

Read More

Proxies - Know and Use

Let’s start from general meaning of word 'proxy'. It’s actually an agent / substitute or anybody acting at place of any other.

Technically, proxies are used to bypass some firewall restrictions, maintaining anonymity or for many other purposes. Like you must using proxies for accessing social networking sites from your college network which your firewall restricts.

Let’s understand the common methodology (talking in general terms).

You bunk the lecture, requests your friend to speak up your attendance, you get the attendance (in case professor doesn’t' detect).

Now talking technically, when college firewall doesn't allow you to connect to a site (say facebook).You requests a proxy server to bring the web page from facebook and serve you, Now the firewall thinks you are dealing with a server other then facebook and allows you to make a connection(in case firewall doesn't detect ). 

Hence you have successfully managed to bypass a firewall. Proxy servers simply act as intermediate between your machine and actual server that you are accessing.

Proxy servers are mostly used to maintain anonymity. Suppose you are planning to commit an online crime, you can use proxy server. The actual webserver doesn’t come to know about you because proxy server is dealing with webserver on your behalf.

Common ways to use proxies: -

1.   Setting in Web Browser 

Steps: -

·        First of all log on to whatismyip.com and pen down your current IP.

·        Logon to google.com and search for 'fresh proxies' you will get many sites providing you list of IPs and respective port numbers. It must be like this IP: port.

Suppose logon to http://www.digitalcybersoft.com/ProxyList/fresh-proxy-list.shtml

·        Now copy the IP and port no.

·        In Mozilla Firefox browser, go to Tools--Options--Advanced--Network--Settings. You will get the dialog box as shown.

Check the option "Manual Proxy Configuration", fill IP and port no. You can configure the proxies in any browser.

·        Check out whatismyip.com again, hopefully it must have been changed. Similarly you can configure proxies in other web browsers.

2.   Using software’s: - You can download many IP hiding softwares. There are easy to use and freely available on internet. They automatically keep changing your IP after a particular interval of time.  I would recommend you one that is Ultrasoft. 

3.   Using websites: - Many websites (e.g- hidemyass.com) provide free services to hide you IP address.

You can directly visit other websites through them. If you really concerned regarding your anonymity, then must read my next coming article “The Onion Routing – Highly anonymous” on TRICKS4INDYA.

Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

If you want to keep up-to-date on Ethical Hacking Tutorials, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook page to keep informed about the latest security.

Read More

Tab Napping - New Phishing Technique | Full Detail With Demo & Script To Hack Facebook Account

Hello friends, I am here with new phishing trick which is currently released in hacking field. Some of you might be knowing this but not having full idea as no one has given full discription about this with demo. Read out whole post to know more ....

Hack Facebook , Gmail , Hotmail , Etc Easily With Tab Napping Technique

What Is Tab Napping: -

Tab napping is new type of phising scam that does not require you to click on any url to redirect you to the phishing site instead it relies on the fact that a lot of people used tabbed browsing(Opening multiple tabs while browsing).In tab napping one of your inactive tab is automatically replaced by with a new tab without your knowledge. Tab Napping is a type of phishing with smarter way to confuse the victim. For example Victim was viewing page A in a tab of a browser and then left this idle and now using some other website in another tab of browser. After some time the page A will automatically change to the phishing page. This is your phishing page. Idea is to confuse the victim in multiple tabs of browser.

How Can You Use That Easily By Yourself:-

• First refer Facebook Phisher and create your own phisher
• Then create your own blog.
• Download the Tab Napping script.

Password:- TRICKS4INDYA

• Just Open the script and Find this,

timerRedirect = setInterval("location.href='http://www.gmail.com'",10000); //set timed redirect

• Now replace the ' http://www.gmail.com ' to your real page/blog address.
• Now, Select all & Copy Tab Napping script and you need to paste this code at the end of the real page html code(means above </html> ).
• That will not make any difference in your blogs layout.
• This script will track the user actions and as soon as the blog will kept ideal ,
• That script will redirect the victim to the phishing page your derived.
• Now send this blog address to your victim.
• You can use http://www.smartdots.com/ for professional address for free
• And also use fake email address sender.

Real Demo For Tab Napping :-

• Just Go here and wait keep yourself idle for 10 sec. 
• You will be redirected to the real "Tricks4indya phishing page of facebook ".

Enjoy The "Tab Napping  - New Phishing Technique " and donot forget to comment...

Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

If you want to keep up-to-date on the Ethical Hacking Tutorials news, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook pageto keep informed about the latest security.

Read More

Download Free Email Extractor | Extract Email Addresses

Hii friends, everybody wanted to extract email addresses from online websites and make a list of such email addresses??? Recently, I posted Anonym Mailer software which is used to send anonymous emails. This software combined with a list of email addresses can help in marketing products. I was asked by some readers to post a link to download free email extractor software. Usually, Email extractor helps in extracting email addresses on websites. Thus, you can create your own list of email addresses using free email extractor and market your products.

Download Free Email extractor to extract email addresses: -

·        Download Free Email extractor to extract email addresses.
Password: TRICKS4INDYA

·        Run the downloaded email extractor on your computer to see: -

·        Now, enter the keywords belonging to your niche or simply hit on “Random” button to generate random keywords. Hit on Start and Email extractor will load all possible URLs related to your keywords and will start extracting email addresses from these pages.

·        You can see the extracted email addresses in “Results” tab.

·        Now, get some Email bomber software (I will post in my coming articles) and start your products marketing. The use of Email extractor software depends on your will now.

Note: - Use “Registrator” if you’re getting any sort of “prjXTab.ocx missing” or such errors.

So friends, download email extractor software and extract email addresses to start your product marketing. The main advantage of this Email extractor software is that it extract email addresses at a fast speed, unlike other email extracter softwares on web. If you have faced any problem while using email extractor software to extract email addresses, please mention it in comments.

Enjoy free email extractor to extract email addresses…

Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

If you want to keep up-to-date on the Ethical Hacking Tutorials news, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook page to keep informed about the latest security.

Read More

Send , identify , trace Fake/Spoofed Email | Email Bombing | Email Spamming

Basics of working of Email (You can skip this part)

Email stands for Electronic Mail. Email sending and receiving is controlled by the Email servers. Email service providers configure Email Server before anyone can Sign into his or her account and start communicating digitally. Users from across the world register in to these Email servers and setup an Email account.

Email Travelling Path :-

Let’s say we have two Email providers, one is gmail.com and other is yahoo.com, ABC is a registered user in gmail.com and XYZ is a registered user in yahoo.com.

·        ABC signs in to his Email account in gmail.com, he then writes a mail to the xyz@yahoo.com and sends the message.

·        But what happens behind the curtains, the Email from the computer of abc@gmail.com is forwarded to the Email server of gmail.com. Server of gmail.com then looks for yahoo.com on the internet and forwards the Email of the yahoo.com for the account of XYZ@yahoo.com. Yahoo server puts that email in that account.

·        XYZ then sits on computer and signs in to her Email account. Now she has the message in her Email inbox.

Sending Fake/spoofed Email: -

Fake or spoofed email means the email from any email ID. It doesn't matter whether the sender's email really exists or not. Sender's email ID can be anything@anything.com. 

Methods: -

·        Using Open Relay servers: - An open relay server is that which allows people to send email by connecting to it.User connect to it via telnet and instructs server to send email. This method is outdated or simply I should say that, it doesn't work. I would not talk about it more.

·        Using Websites: - There are numberless websites that provide free service to send fake emails. But the problem is that they attach the advertisements along with your email.  But the best two, I have found that do not attach the advertisements.

www.emkei.cz      {have some advance options}
www.hidemyass.biz/fake-mailer/

·        Using mail sending scripts : The PHP contains mail sending function which allows us to send email with fake headers. Download a php script from here & Password is TRICKS4INDYA.

     We just need to upload the mail sending script on a web hosting site. It doesn't work on every webhosting site because there is no email sending support.  I have tested x10hosting.com (could take up to a day for account activation) , it works perfect. Some of the other are www.000webhost.com,byethehost5.com

Note: This script contains options of sending spoofed email, spamming and email bombing. Your hosting account might be immediately suspended on spamming/bombing. But it works perfect if you have any your own premium web hosting account. If you want to try email bomber, I could let you to use my own if sufficient people request in comments.

What is Email Spamming and Email Bombing ?

Email Bombing as clear from the name is sending the mass email that is large number of emails to a email ID in a single click. Email spamming is like sending an email to large number of email IDs in a single click. These activities are performed mainly for the advertisements of the products or services provided by a company. Many spammers spam to collect individual's personal information through some stupid things like 'fill these details to get your lottery amount' and that information is sold to businessmen looking for the people of different categories. There could be many more reasons of spamming. Spammers use automated tools to collect as many emails available on websites, forms, chat rooms and send spams to them.

How to identify whether an email is real or spoofed ?

It can be done by checking headers. Email headers is simply the text which contains the information about the mail servers that the email encountered in its path from the sender to receiver. It contains a lot of other information too.

Note: - I am just telling you a few points about this so that you would just get an idea about the approach. This may or may not depend on some factors.

We can view email headers in gmail by clicking at 'show orignal', in yahoo by clicking at 'Full headers' and such kinds of options in other email service providers.

If  you get an email displaying sender's email like someone@gmail.com, someone@hotmail.com, someone@yahoo.com . Then it should be originated from gmail, hotmail and yahoo servers respectively. But if it doesn't, the most probably the email would be fake. 

I will show you by an example, I received three emails in my gmail inbox from sender's address "someone@gmail.com."  Sender's address shows me that they should have been originated from gmail/google server, if they would be real.

Note: - There is a field called "Return-path" in headers.  If the email ID shown in this field and email ID you get as sender's email ID doesn’t match, then the email is surely fake.

Can we get sender's IP address from Email Headers ?

We may or may not. Gmail, yahoo normally does not reveal sender's IP address. But when we send an email from a php script, the headers might reveal Sender's IP. The conclusion is that answer to this question varies from different email service providers and the way how email is sent.


Can we trace sender's location, if we get his IP address ?

The IP address could only tell that which Internet Service Provider (ISP) is used by sender. Further details cannot be revealed without the help of that ISP. Normally the Public IP is dynamic that is it keeps changing. We need to ask ISP about the user who was assigned that IP at the time email was sent. If sender has purchased a static IP address, it doesn't matter that when exactly was email sent. He could easily be traced.

Feel free to ask any queries in comments.

Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

 
If you want to keep up-to-date on the Ethical Hacking Tutorials news, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook page to keep informed about the latest security.

Read More

Image Hack: How to hack Images on friend’s computer

Hii Friends, I think you really like my previous post “How to hack an Email Account Password by Keylogger” & today I am going to share article on “How to hack Images on friends computer using Image Worm software”.

Image Worm software developed by Nathan which you can use to hack images on remote computer. You can also use Winspy Keylogger to hack images on remote computer.

Image Worm: Hack Images on friend’s computer: -

·        Download Image Worm software to hack images on friend’s computer.
Password: TRICKS4INDYA

·        Run the Image Worm software to see: -

·        Now, select any image on your computer. This image will be used to replace all the images on victim computer i.e. all the images on your friend’s computer will be changed to your selected image.

·        After selecting the image, hit on “Build Worm” and Image worm will create a server.exe file in current directory.

Note: Do not run this server.exe file on your own computer. I don’t know how to nullify the changes done by this image hack. If you want to try out on your computer, make sure you use Deep Freeze 6 software before running server.exe file.

·        Now, bind the server.exe file with any other .exe file using FUD binder software. Send this binded file to your friend and ask him to run it on his computer. After running, our server.exe file will silently install itself on victim computer and all his images will be changed to your image selected in Step 3.

1.   Images before Image hack: -

2.   Images after Image hack: -

Thus, now you can see this image hacking software changes all images on victim computer. You are able to hack images on your friend’s computer thanks to Image Worm software.

Note: The server.exe file may take some time to hack images on remote computer. Also, on some computers, Image Worm is able to hack images present in “Pictures” folder. So, the working of Image worm to hack images varies according to computer.

So friends, I hope now you can hack images on your friend’s computer. I have tried this image hack and is working perfectly for me If you have any problem in this tutorial to hack images on remote computer, please mention it in comments.

Enjoy Image Worm software to hack images on your friend’s computer…

Note: This is illegal and is for educational purpose only. Any loss/damage happening will not be in any way our responsibility.

If you want to keep up-to-date on the Ethical Hacking Tutorials news, latest Tips & Tricks, latest scams & most important awareness and are a member of Facebook, don't forget to Join the Tricks4indya Facebook page to keep informed about the latest security.

Read More