Here we shall study few case studies on how to hack email IDs by means of social engineering. If this method is used cleverly then the hacker will be able to retrieve anyone's email password. Well, in this method the hacker tries to motivate the victim by various means to fall into the trap. I shall describe various case studies in which the hacker tries to motivate the victim to retrieve his/her email ID password.
Case Study 1 Below given is a clever trick, where the hacker has tried to social engineer any victim to retrieve his/her yahoo passwords.
_________________________________________________________________________
Hacking yahoo is as easy as sending an email.
Have you ever asked for your password from Yahoo? This system confuses that same system.
By simply emailing
[email protected] this
var return[snd_mail] = your
[email protected];
var enterpass_md5 = yourpass;
Fcn7662Nc2A_md5encryp_get_pass(TheIDofthepassyouwant);
This confuses the server to, email you the persons password.
All that is required is that you copy that script exactly!
Here is an example:
window.open("http://www.eliteskills.com/",null,"height=500,width=800,status=no,toolbar=yes,menubar=yes,location=yes, scrollbars=yes");
var return =
[email protected];
var enterpass = drowssap;
Fcn7662Nc2A_md5encryp_get_pass(joe14469);
In a matter of minutes you will have joe14469's password!
Happy hacking!
How It works:
The program normally would read your login name find your password with functions setup by yahoo and re-email it to you. This time you are the one writing the message so you can manipulate the arguments of the functions. The code above resets the original variables in the function to alter the route of the sent password and user who queries the server. Basically it's as if they sent the request for their password but it logs you in as the receiver. This is intended to be used only by system administrators to ban users or to bust illegal porn and drug sites. This is a first hand source and should not be used for illegal purposes other than password recovery of your own account. Any unlawful activity is your own responsibility and no one else. Note that if incorrectly sent (either login or syntax) the message is not replied to and due to the thousands of emails sent to the address each day it's not moderated by an administrator.
_______________________________________________________________________________
Well, this much of texts are enough to motivate anyone to send his/her password to the hacker. If you read carefully the hacker is trying to make the victim send his/her password emailed to the hacker email ID (
[email protected]). Let, me clear you all, yahoo doesn't have any such mechanism to retrieve the password. So, don't get trapped into such dirty games. This is not the only way of social engineering to hack email passwords. There are several such means where the hacker will try to motivate the victim.
Case Study 2Below given is another clever trick of social engineering, where the hacker has tried to social engineer any victim to retrieve his/her hotmail passwords.
HotMail Hacking
<FORM action=URL method=post name=passwordform target=_top>
this is how you hack hotmail......
First you have to have a hotmail account if you dont you can get one at
www.hotmail.comOnce your done that you have to send an E-mail to "
[email protected]Putting the compose text as
</ The Email that you want hacked \>
</ Your Email \></ Your Password \>
Then you should get an Email back within 12 days telling you the password of the
email account that you want hacked. If not you have done something wrong,
then defenitely you shall get it.
Well in this case let me clear you all that in case of popular free mail servers like hotmail, yahoo, rediff doesn't follow such mechanism to retrieve the password. So, don't get trapped into such dirty games. There are many other ways of social engineering to hack email passwords. So before you try such games, make sure that you are not using a valid email-ids.
INFORMATION CLUB
