Hello guys, in this blog post I'm going to show you how to hack or brute force email passwords using a tool called Hydra.
Hydra is a very powerful brute forcing tool and it comes built in to Kali Linux. You may need to install it in other Linux distros.
So for today's tutorial we need:
Kali Linux
Hydra
An E-mail Address to hack
SMTP server settings of the email provider (Google it; I am using a Gmail ID for this tutorial)
A good password list
So let's get started.
STEP 1:
Boot Kali Linux and create a password list. (Make sure that the list isn't too large, and avoid the built-in password lists in Kali. This is because we do not want the mail server to be triggered while brute forcing, so try using a short list.) Below is a list that I am going to use:
STEP 2:
Note down the SMTP mail server settings (mainly the address and the port).
[Here, testvictimgeek@gmail.com is the e-mail that we are going to hack, passwords.lst is the password list, 465 is the SMTP port number, -t is the number of threads (which is 1 in this case), -S means it's using SSL, smtp.gmail.com is the SMTP address, and lastly smtp means it's using the SMTP protocol.]
PLEASE CHANGE THE VALUES ACCORDING TO YOURS :)
Now just hit enter; you will get a result somewhat like the one below (remember to change the values in the command as per yours, don't use my e-mail address):
The green coloured one is the password :D.
That's it for this tutorial, hope to see you in the next one :)
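From the mail server's side, a single-threaded run with a short list stays under rate-based lockouts, so a detector has to count failures per account over a long window instead of per second. The sketch below is an added example, not part of the original tutorial; the log format, addresses and function names are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption, not a real server's.
SAMPLE_LOG = """\
2024-05-01T10:00:00Z auth=fail user=victim@example.test src=203.0.113.7
2024-05-01T10:02:10Z auth=fail user=victim@example.test src=203.0.113.7
2024-05-01T10:03:00Z auth=fail user=bob@example.test src=198.51.100.20
2024-05-01T10:03:20Z auth=ok user=bob@example.test src=198.51.100.20
2024-05-01T10:04:15Z auth=fail user=victim@example.test src=203.0.113.7
2024-05-01T10:06:30Z auth=fail user=victim@example.test src=203.0.113.7
2024-05-01T10:08:40Z auth=fail user=victim@example.test src=203.0.113.7
2024-05-01T10:10:55Z auth=ok user=victim@example.test src=203.0.113.7
"""


def parse_line(line):
    """Split 'timestamp key=value ...' into a dict with a parsed 'ts' field."""
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return rec


def guessing_alerts(log_text, max_failures=5, window=timedelta(hours=1)):
    """Flag accounts with >= max_failures failed logins inside any window.

    Also records whether a successful login followed the failures, which is
    the case that needs a password reset rather than just a block.
    """
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            rec = parse_line(line)
            events[rec["user"]].append(rec)

    alerts = {}
    for user, recs in events.items():
        recs.sort(key=lambda r: r["ts"])
        fails = []  # failure timestamps still inside the sliding window
        for rec in recs:
            if rec["auth"] == "fail":
                fails.append(rec["ts"])
                fails = [t for t in fails if rec["ts"] - t <= window]
                if len(fails) >= max_failures:
                    entry = alerts.setdefault(
                        user, {"failures": 0, "success_after": False})
                    entry["failures"] = max(entry["failures"], len(fails))
            elif user in alerts:
                alerts[user]["success_after"] = True
    return alerts


if __name__ == "__main__":
    for user, info in guessing_alerts(SAMPLE_LOG).items():
        print(user, info)
```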
When entering these Google Dorks for credit card details you can get a warning from Google like below:
Don’t worry, fill the Captcha and you are good to go again.
Step 2: Use SQL Injection to Login after getting the Google Dorks for credit card detail:
SQL injection is a common hacking technique used to exploit insecure logins.
Injecting a SQL code can bypass the username and password verification by sending a specific code instead of the real username and password.
Suppose you have got a list of websites using Google dorks which you are gonna use to get credit card details of people.
Go to the login page of a particular website and instead of entering the Email Id and password fill both fields with
" or ""="
After entering the above code, press the login button. If luck is with you, there is a chance of getting logged in to someone's account. Alternatively, read my SQL article given in the Telegram channel @its_me_kali_moments
NOTE: Above topic is only for educational purpose and we don’t appreciate any kind of illegal activities using Google Dorks.
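Why the quote string above gets past a login check, and the fix, shown as an added example (not code from the original post). The table, account and function names are hypothetical, and the input is the single-quote form of the string above because this query quotes its values with single quotes.

```python
import sqlite3


def make_db():
    """In-memory user table with one constructed account.

    The password is stored in plain text only to keep the example short;
    a real application stores a salted password hash.
    """
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, password TEXT)")
    db.execute(
        "INSERT INTO users VALUES ('alice@example.test', 'correct horse')")
    return db


def login_vulnerable(db, email, password):
    """VULNERABLE: form input is pasted into the SQL text.

    With ' or ''=' in both fields the WHERE clause becomes
      email = '' or ''='' AND password = '' or ''=''
    and the trailing  or ''=''  is always true, so every row matches.
    """
    sql = ("SELECT email FROM users WHERE email = '" + email +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()


def login_parameterized(db, email, password):
    """Hardened: placeholders keep the input as data, never as SQL syntax."""
    sql = "SELECT email FROM users WHERE email = ? AND password = ?"
    return db.execute(sql, (email, password)).fetchone()


# Single-quote form of the string from the text above.
PAYLOAD = "' or ''='"

if __name__ == "__main__":
    db = make_db()
    print("concatenated query :", login_vulnerable(db, PAYLOAD, PAYLOAD))
    print("parameterized query:", login_parameterized(db, PAYLOAD, PAYLOAD))
    print("real credentials   :",
          login_parameterized(db, "alice@example.test", "correct horse"))
```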
What are search operators?
Google Operators are strings used to narrow the search results downwards. When using search operators and adding the keywords these operators compel search engines to show the specific result.
Now, can I make my own dork?
Yes, you can; you just need to be a little bit creative. For example, if you want to get shopping sites in India, the dork is
inurl:"cart.php" intext:"shopping" site:in
Let's break it down:
inurl: => in the URL of the website
intext: => in the text of website pages or posts
site: => search in the given domains only.
And get all working google dorks
Some of the popular examples for finding websites that are vulnerable to SQL injection, XSS, API keys etc. are
1. Dork for SQL Injection - inurl:.php?id=
2. Dork for XSS - inurl:".php?searchstring="
3. Dork for API keys - intitle:"index of" api_key OR "api key" OR apiKey
The above are the most common examples for finding some common vulnerabilities on websites, but these aren't the only ones.
There are still many websites that pass sensitive information using the GET method. To secure this, you can use blocking rules. Commonly, the blocking rules can be set up easily by writing some "Disallow" rules in the robots.txt file.
Blocking Rules
While hunting on a private program I found a request where they were using a GET parameter which contained email, some key, ID, my country name etc. So I tried finding emails of other users on the same site and I got some Yahoo email IDs.
Dork used for Yahoo: site:target.com inurl:'@yahoo.co' (which will give me .com and .co.in emails of Yahoo)
Yahoo
I got an excel sheet containing yahoo emails and phone numbers of the users of that site.
Now I wanted to find some more emails, so I enumerated further and got emails of outlook.live and gmail.com
2. Dork used for Outlook: site:target.com inurl:'@live.com'
Outlook
3. Dork used for Gmail: site:target.com inurl:'@gmail.com'
7. inurl:/database* ext:sql intext:index of -site:target.com
These are some of the not so common but useful Google Dorks to find sensitive information of a website. You can also modify these dorks and combine them with other dorks.
NOTE: You can prevent a page from appearing in Google Search by including a "noindex" meta tag in the page's HTML code, or by returning a 'noindex' header in the HTTP response.
🏴 Popular Google Dork operators
Google’s search engine has its own built-in query language. The following list of queries can be run to find a list of files, find information about your competition, track people, get information about SEO backlinks, build email lists, and of course, discover web vulnerabilities.
Let’s look at the most popular Google Dorks and what they do.
cache: this dork will show you the cached version of any website, e.g. cache: itsmekali.com
allintext: searches for specific text contained on any web page, e.g. allintext: hacking tools
allintitle: exactly the same as allintext, but will show pages that contain titles with X characters, e.g. allintitle:"Security Companies"
allinurl: it can be used to fetch results whose URL contains all the specified characters, e.g: allinurl client area
filetype: used to search for any kind of file extensions, for example, if you want to search for jpg files you can use: filetype: jpg
inurl: this is exactly the same as allinurl, but it is only useful for one single keyword, e.g. inurl: admin
intitle: used to search for various keywords inside the title, for example, intitle:security tools will search for titles beginning with “security” but “tools” can be somewhere else in the page.
inanchor: this is useful when you need to search for an exact anchor text used on any links, e.g. inanchor:"cyber security"
intext: useful to locate pages that contain certain characters or strings inside their text, e.g. intext:"safe internet"
link: will show the list of web pages that have links to the specified URL, e.g. link: microsoft.com
site: will show you the full list of all indexed URLs for the specified domain and subdomain, e.g. site:securitytrails.com
*: wildcard used to search pages that contain “anything” before your word, e.g. how to * a website, will return “how to…” design/create/hack, etc… “a website”.
|: this is a logical operator, e.g. "security" | "tips" will show all the sites which contain “security” or “tips,” or both words.
+: used to concatenate words, useful to detect pages that use more than one specific key, e.g. itsme + kali
–: minus operator is used to avoid showing results that contain certain words, e.g. its_me_kali will show pages that use “its_me_kali” in their text, but not those that have the word “Kali”
Google Dork examples
Let’s take a look at some practical examples. You’ll be surprised how easy it is to extract private information from any source just by using Google hacking techniques.
Log files
Log files are the perfect example of how sensitive information can be found within any website. Error logs, access logs and other types of application logs are often discovered inside the public HTTP space of websites. This can help attackers find the PHP version you’re running, as well as the critical system path of your CMS or frameworks.
For this kind of dork we can combine two Google operators, allintext and filetype, for example:
allintext:username filetype:log
This will show a lot of results that include username inside all *.log files.
In the results we discovered one particular website showing an SQL error log from a database server that included critical information:
MyBB SQL Error
SQL Error: 1062 - Duplicate entry 'XXX' for key 'username'
Query:
INSERT
INTO XXX (`username`,`password`,`salt`,`loginkey`,`email`,`postnum`,`avatar`,`avatartype`,`usergroup`,`additionalgroups`,`displaygroup`,`usertitle`,`regdate`,`lastactive`,`lastvisit`,`website`,`icq`,`aim`,`yahoo`,`msn`,`birthday`,`signature`,`allownotices`,`hideemail`,`subscriptionmethod`,`receivepms`,`receivefrombuddy`,`pmnotice`,`pmnotify`,`showsigs`,`showavatars`,`showquickreply`,`showredirect`,`tpp`,`ppp`,`invisible`,`style`,`timezone`,`dstcorrection`,`threadmode`,`daysprune`,`dateformat`,`timeformat`,`regip`,`longregip`,`language`,`showcodebuttons`,`away`,`awaydate`,`returndate`,`awayreason`,`notepad`,`referrer`,`referrals`,`buddylist`,`ignorelist`,`pmfolders`,`warningpoints`,`moderateposts`,`moderationtime`,`suspendposting`,`suspensiontime`,`coppauser`,`classicpostbit`,`usernotes`)
VALUES ('XXX','XXX','XXX','XXX','XXX','0','','','5','','0','','1389074395','1389074395','1389074395','','0','','','','','','1','1','0','1','0','1','1','1','1','1','1','0','0','0','0','5.5','2','linear','0','','','XXX','-655077638','','1','0','0','0','','','0','0','','','','0','0','0','0','0','0','0','')
This example exposed the current database name, user login, password and email values to the Internet. We’ve replaced the original values with “XXX”.
Vulnerable web servers
The following Google Dork can be used to detect vulnerable or hacked servers that allow appending “/proc/self/cwd/” directly to the URL of your website.
inurl:/proc/self/cwd
As you can see in the following screenshot, vulnerable server results will appear, along with their exposed directories that can be surfed from your own browser.
Vulnerable web servers
Open FTP servers
Google does not only index HTTP-based servers, it also indexes open FTP servers.
With the following dork, you’ll be able to explore public FTP servers, which can often reveal interesting things.
intitle:"index of" inurl:ftp
In this example, we found an important government server with their FTP space open. Chances are that this was on purpose — but it could also be a security issue.
ENV files
.env files are the ones used by popular web development frameworks to declare general variables and configurations for local and online dev environments.
One of the recommended practices is to move these .env files to somewhere that isn’t publicly accessible. However, as you will see, there are a lot of devs who don’t care about this and insert their .env file in the main public website directory.
As this is a critical dork we will not show you how to do it; instead, we will only show you the critical results:
ENV files
You’ll notice that unencrypted usernames, passwords and IPs are directly exposed in the search results. You don’t even need to click the links to get the database login details.
SSH private keys
SSH private keys are used to decrypt information that is exchanged in the SSH protocol. As a general security rule, private keys must always remain on the system being used to access the remote SSH server, and shouldn’t be shared with anyone.
With the following dork, you’ll be able to find SSH private keys that were indexed by uncle Google.
If this isn’t your lucky day, and you’re using a Windows operating system with PUTTY SSH client, remember that this program always logs the usernames of your SSH connections.
In this case, we can use a simple dork to fetch SSH usernames from PUTTY logs:
filetype:log username putty
Here’s the expected output:
SSH usernames
Email lists
It’s pretty easy to find email lists using Google Dorks. In the following example, we are going to fetch excel files which may contain a lot of email addresses.
filetype:xls inurl:"email.xls"
Email lists
We filtered to check out only the .edu domain names and found a popular university with around 1800 emails from students and teachers.
site:.edu filetype:xls inurl:"email.xls"
Remember that the real power of Google Dorks comes from the unlimited combinations you can use. Spammers know this trick too, and use it on a daily basis to build and grow their spamming email lists.
Live cameras
Have you ever wondered if your private live camera could be watched not only by you but also by anyone on the Internet?
The following Google hacking techniques can help you fetch live camera web pages that are not restricted by IP.
Here’s the dork to fetch various IP based cameras:
inurl:top.htm inurl:currenttime
To find WebcamXP-based transmissions:
intitle:"webcamXP 5"
And another one for general live cameras:
inurl:"lvappl.htm"
There are a lot of live camera dorks that can let you watch any part of the world, live. You can find education, government, and even military cameras without IP restrictions.
If you get creative you can even do some white hat penetration testing on these cameras; you’ll be surprised at how you’re able to take control of the full admin panel remotely, and even re-configure the cameras as you like.
Live cameras
MP3, Movie, and PDF files
Nowadays almost no one downloads music after Spotify and Apple Music appeared on the market. However, if you’re one of those classic individuals who still download legal music, you can use this dork to find mp3 files:
intitle: index of mp3
The same applies to legal free media files or PDF documents you may need:
intitle: index of pdf
intext: .mp4
Weather
Google hacking techniques can be used to fetch any kind of information, and that includes many different types of electronic devices connected to the Internet.
In this case, we ran a dork that lets you fetch Weather Wing device transmissions. If you’re involved in meteorology stuff or merely curious, check this out:
intitle:"Weather Wing WS-2"
The output will show you several devices connected around the world, which share weather details such as wind direction, temperature, humidity and more.
weather-wing-device-transmissions
Preventing Google Dorks
There are a lot of ways to avoid falling into the hands of a Google Dork.
These measures are suggested to prevent your sensitive information from being indexed by search engines.
Protect private areas with a user and password authentication and also by using IP-based restrictions.
Encrypt your sensitive information (user, passwords, credit cards, emails, addresses, IP addresses, phone numbers, etc).
Run regular vulnerability scans against your site; these usually already use popular Google Dorks queries and can be pretty effective in detecting the most common ones.
Run regular dork queries against your own website to see if you can find any important information before the bad guys do. You can find a great list of popular dorks at the Exploit DB Dorks database.
If you find sensitive content exposed, request its removal by using Google Search Console.
Block sensitive content by using a robots.txt file located in your root-level website directory.
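Checking your own site before a crawler does can start on disk: the added example below (not from the original article) walks a document root and reports the file types the dork examples above rely on, namely .env files, logs, SQL dumps, spreadsheets and private keys. The rule set, function names and the sample tree are assumptions constructed for the demonstration.

```python
import os
import re
from pathlib import Path

# File-name rules derived from the exposures discussed in this article.
NAME_RULES = [
    ("env file", re.compile(r"(^|/)\.env(\.[\w.-]+)?$")),
    ("log file", re.compile(r"\.log$", re.I)),
    ("sql dump", re.compile(r"\.sql$", re.I)),
    ("spreadsheet", re.compile(r"\.xlsx?$", re.I)),
]
# PEM/OpenSSH private keys are detected by content, whatever the file name.
KEY_HEADER = re.compile(rb"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")


def audit_webroot(root):
    """Return sorted (relative_path, finding) pairs for files under root."""
    root = Path(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath, name)
            rel = path.relative_to(root).as_posix()
            for label, rx in NAME_RULES:
                if rx.search(rel):
                    findings.append((rel, label))
            with path.open("rb") as fh:
                if KEY_HEADER.search(fh.read(4096)):
                    findings.append((rel, "private key"))
    return sorted(findings)


def build_sample_webroot(root):
    """Create a small constructed document root (placeholder contents only)."""
    samples = {
        "index.html": "<h1>ok</h1>\n",
        ".env": "DB_PASSWORD=constructed-placeholder\n",
        "logs/error.log": "constructed log line\n",
        "backup/site.sql": "-- constructed dump\n",
        "files/email.xls": "constructed\n",
        "keys/deploy.txt":
            "-----BEGIN OPENSSH PRIVATE KEY-----\nconstructed-not-a-key\n",
    }
    for rel, text in samples.items():
        target = Path(root, rel)
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(text)


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_webroot(tmp)
        for rel, label in audit_webroot(tmp):
            print(f"{label:12} {rel}")
```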
Using robots.txt configurations to prevent Google Dorking
One of the best ways to prevent Google dorks is by using a robots.txt file. Let’s see some practical examples.
The following configuration will deny all crawling from any directory within your website, which is pretty useful for private access websites that don’t rely on publicly-indexable Internet content.
User-agent: *
Disallow: /
You can also exclude specific directories from web crawling. If you have an /admin area and you need to protect it, just place this code inside:
User-agent: *
Disallow: /admin/
This will also protect all the subdirectories inside.
Restrict access to specific files:
User-agent: *
Disallow: /privatearea/file.htm
Restrict access to dynamic URLs that contain ‘?’ symbol
User-agent: *
Disallow: /*?
To restrict access to specific file extensions you can use:
User-agent: *
Disallow: /*.php$
In this case, all access to .php files will be denied.
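To check which URLs a set of rules actually covers, the added example below (not from the original article) implements the wildcard matching that Google documents for robots.txt: `*` matches any run of characters, `$` anchors the end of the URL only when it is the last character of the rule, and the longest matching rule wins. It also shows that a stray slash after the `$` (`/*.php$/`) stops the rule matching .php URLs. Function names are hypothetical.

```python
import re


def parse_rules(robots_txt, agent="*"):
    """Collect (allow, pattern) rules from the groups that name `agent`."""
    rules, agents, in_rules = [], [], False
    for raw in robots_txt.splitlines():
        line = raw.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        key = key.lower()
        if key == "user-agent":
            if in_rules:            # a new group starts after rule lines
                agents, in_rules = [], False
            agents.append(value.lower())
        elif key in ("allow", "disallow"):
            in_rules = True
            if agent in agents and value:   # empty Disallow blocks nothing
                rules.append((key == "allow", value))
    return rules


def rule_to_regex(pattern):
    """'*' is a wildcard; '$' is an anchor only as the final character."""
    anchored = pattern.endswith("$")
    body = pattern[:-1] if anchored else pattern
    rx = "".join(".*" if ch == "*" else re.escape(ch) for ch in body)
    return re.compile(rx + (r"\Z" if anchored else ""))


def is_blocked(robots_txt, path):
    """True if the longest matching rule is a Disallow (ties go to Allow)."""
    best = (-1, True)               # (pattern length, allowed)
    for allow, pattern in parse_rules(robots_txt):
        if rule_to_regex(pattern).match(path):
            best = max(best, (len(pattern), allow))
    return not best[1]


def group(rule):
    """Build a one-rule robots.txt for all crawlers."""
    return "User-agent: *\nDisallow: " + rule + "\n"


if __name__ == "__main__":
    checks = [
        ("/", "/anything"),
        ("/admin/", "/admin/users/list"),
        ("/admin/", "/admin"),          # no trailing slash: not covered
        ("/*?", "/item.php?id=1"),
        ("/*.php$", "/index.php"),
        ("/*.php$", "/index.php?id=1"), # query string follows .php
        ("/*.php$/", "/index.php"),     # stray slash: rule never matches
    ]
    for rule, path in checks:
        print(f"Disallow: {rule:10} {path:20} blocked={is_blocked(group(rule), path)}")
```

A Disallow line only asks well-behaved crawlers not to fetch a path; the file is public and does not restrict access, so private areas still need the authentication listed above.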
Advanced Google Dorking Commands
intitle:"index of" inurl:ftp.
filetype:txt inurl:"email.txt"
Live cameras
We can use Google to find open cameras that are not access restricted by IP address. The following Google dorks retrieve live camera web pages.
Man-In-The-Middle Attack
Networking is an important platform for an Ethical Hacker to check on; many threats can come from the internal network, like network sniffing, ARP spoofing, MITM, etc. This article is on Xerosploit, which provides advanced MITM attacks on your local network to sniff packets, steal passwords, etc.
As we all know, SMS Bombing any Android smartphone is a new trend in the world of pranks. Everyone just wants to have fun with their friends by bombing their SMS Inbox with unlimited text messages. So, if you are also searching for an unlimited SMS app to bomb someone’s inbox, then SMS Bomber Apk might be the best choice for you.
SMS Bomber is an SMS Bombing application that allows users to spam someone’s SMS Inbox with unlimited SMS. It’s worth to note that there are hundreds of SMS Bombing apps available on the web and on different Android app stores, but none of them work like SMS Bomber. SMS Bomber stands out from the crowd due to the features that it provides.
One of the most notable things of SMS Bomber Apk is that it doesn’t reveal the sender’s identity or any other private information. By this way, the receiver can never guess the sender. Apart from that, SMS Bomber Apk doesn’t implement any restriction on the length of SMS. So, you can now send unlimited lengthy text messages to your friends without any limitation.
T-Remix or Termux will help you customise your Termux in such a way that you will enjoy using it. It will give you a modern look, and we have also added a password feature, so now you can set a password on your Termux and protect it so that no one can log in to your Termux in your absence. One more feature that we have added is that you can change the dollar sign and put anything you want in its place. Hope you guys like this project; if so, don't forget to give it a like and stay connected for more such amazing projects.
Wifi Hacking Apps for Android Smartphones, anyone can hack Wifi network around them. WiFi is the best source of high-speed internet and gives better reliability than a mobile network.
Hacking WiFi networks is an important part of learning the subtleties of ethical hacking and penetration testing.
A LOIC (Low Orbit Ion Cannon) is one of the most powerful DOS attacking tools freely available. If you follow news related to hacking and security issues, you doubtless have been hearing about this tool for the past several months. It has become widely used, including in some highly-publicized attacks against the PayPal, Mastercard and Visa servers a few months back. This tool was also the weapon of choice implemented by the (in)famous hacker group, Anonymous, who have claimed responsibility for many high profile hacking attacks, among them, hacks against Sony, the FBI and other US security agencies. The group not only used this tool, but also requested that others download it and join Anonymous attacks via IRC.
In this brief article, I will give an overview and operational model of the tool. There are 2 versions of the tool: the first is the binary version, which is the original LOIC tool. The other is web-based LOIC or JS LOIC.
Note: This thread is now CLOSED by Online Hacking (The Admin) due to violation of our Terms. I was informed that many attacks on several persons' mobile phones were done using my information as a base guide. We never invade people's privacy and we don't want it to be done by other people, especially using our Information & Techniques. That's why I've decided to close THIS guide PERMANENTLY! (Screenshots, Requirements, Headings, Commands & Problems_Section are not going to be removed.)
If you want further Guides & Techniques, join Telegram and the Telegram Group. Our Groups are open for all people.
All the groups are now Strictly watched by our Responsible & Genius Administrators!
First, we must define the meaning of a DDoS attack. DDoS attacks are a main concern in internet security, and many people misunderstand what exactly they are.
The kind of information you can learn from a tracking link depends on the type of link you're using. There are two types of tracking links that Grabify can create, the default being a lightweight and nearly undetectable redirect to a decoy URL. This default option looks and acts like a URL shortener, and the average person wouldn't notice it.
From this kind of link, you can expect to get the IP address, country, browser, operating system, hostname, and internet service provider. For someone that's harassed online, that alone may be enough to file a police report or press charges.
If you want to use the advanced tracking link that Grabify offers, the target will see a brief redirect page that looks like this:
Because the average user wouldn't recognize this as something to be suspicious of, it's generally safe to use when you need more information. Because we're rendering a page this time, we can learn a lot more information about the user.
With the advanced tracking, we can see the battery level and whether or not the device is plugged in. We can see the make and model of the device, the internal network IP address, the time zone, screen size, and even which way the user is holding their device. This level of detail can get downright creepy and can give you the upper hand in proving someone isn't really who they say they are.
FEATURES
Date/Time
IP Address
Country
City
Battery
Charging
Orientation
Connection Type
Timezone
Language
Incognito/Private Window
Ad Blocker
Screen Size
Local IP
Browser
Operating System
Device
GPU
Bot Name
Bot URL
User Agent
Referring URL
Host Name
ISP
VPN/Proxy Detection
Tor Detection
Virtual Machine Detection
Step 1: Find a Plausible Link to Send
For this attack to work, we need to create a scenario where it makes sense for the target to click or tap a link. There are two different kinds of links we can send, one loads a fake referral page that grabs more information, and the other is a simple pass-through link that is less visible but also records less information.
Step 2: Create a Tracking URL
The first step in tracking a target with a Grabify link is to find a link you think your target would expect to receive. It should be something unsuspicious when the target ends up at the URL, and it will serve as a cover for the tracking link you create. You want to pretend like you're sending them a regular innocent URL shortened version of whatever decoy link you pick.
Grabify will generate a tracking page, complete with a tracking link and interface with information about each time someone has clicked or tapped on the link. When you first start, it should be empty, although some URL shorteners will use bots to preview the link you're shortening, and that data might show up.
Now that we have a functional tracking link, it's time to start making it look more like something our target would click or tap.
Step 3: Shorten & Hide Your Tracking Link
Grabify isn't exactly a subtle URL name, so part of successfully getting your target to click or tap on a link is providing a link that doesn't look too out of place. You can obscure the link with any number of URL shorteners, some of which are available right in Grabify.
Below, you can see the list of URL shorteners Grabify supports. Click on "View Other link Shorteners" next to Other Links on the log page.
If the included shortener options don't suit your situation, you can always create a custom link that looks like an image file, GIF, CSV, HTML, Torrent, or ISO file.
Click on either "Click here" beside Select Domain Name or "Change domain/Make a custom link" in the New URL box, then check out the "Extension" drop-down. You can make it look like you're sharing a file rather than a referral link, which may work better to trick the target into clicking or tapping on your link.
In this custom link menu, there are also options to use a different domain from the ones provided by Grabify, provide a custom path, and give a custom parameter.
Once you generate a shortened link or a custom URL disguise, you're ready to present it to the target. Once the target clicks or taps the link, an entry will appear under the "Results" section of your log page.
Step 4: Interpret the Tracking Information
Now, open your target link and see what you get. In the default configuration, you don't use a fake referral page, so you don't get the most information possible.
You should see a detection on your management portal (you may need to refresh the page), and you can select it to view more details. As you can see in my example below, I have the essentials, like the location, IP address, and information such as the internet service provider and operating system.
To kick things up a notch, you can enable the "Smart Logger" feature by clicking the toggle switch on the web interface. The toggle enables a fake tracking page that will be able to extract a lot more information.
Once "Smart Logger" is enabled, open the link again and take a look at the recorded information. This time, you should see a lot more information.
This extra information can tell us a lot. For one, in my example, the internal IP address tells us that this person is likely connected to a VPN, as a standard local IP address would probably look like "192.168.0.2" or something similar. We can also see more information about the specific device that made the request, as well as the screen size and browser extensions installed.
You'll also notice that you can learn if the battery is charging and what battery level is. It could allow you to track a person over a short period, with their battery level either increasing if charging or decreasing if not charging, which could identify the device uniquely. Another overlooked value is the language and time zone, which are often set by the system.
In some cases, we can see the make and model of the device making the request, allowing us to pinpoint the hardware used by the target. Any of these details may be enough to bust a catfish, either by revealing them to be in the wrong state or country, showing a device different from the one the person uses in their (probably fake) photos, or by showing a time zone that makes no sense for where they claim to be.