How to steal someone's mail ("soap"), or a saga of human stupidity.

There is no limit to human stupidity
Non limitus homius dibilus

Here on the forum the conversation kept turning to hacking e-mail: everyone wants to get one over on everyone else and learn their passwords, as if it were a PIN. So I decided to write an article on the topic, or rather to systematize the existing ones. There are plenty of them on the internet now, and they are all the same. I thought I would collect everything in one place. That way there should also be fewer questions about "breaking into someone else's mail"...

Method 1.
The most common way. It rests on the following: we are all people, right? We all have the same weaknesses and shortcomings, we all make purely human mistakes. That is what the glorious science of social engineering is built on. So, in short: the hacker writes the victim a message along these lines: "The mail service @mail.ru is cleaning out accounts. If you do not want your account deleted, reply to this letter with your username and password in the "Subject" field, in the format: username;password". You ask why in the subject field? I answer: of course it is not necessary. It is simply that the victim will assume a robot receives the letter for automatic processing, and a robot inspires more trust. Instead of cleaning out accounts you can think up something else: say that the mailbox is sending out virus/spam mail, send the password or the account gets deleted... in short, all sorts of things. Hmm, I almost forgot! The letter can be written from a plausible-looking address, such as [email protected], [email protected], [email protected]... The hacker can also use some anonymizer, or send the letter with a telnet client and put his own address in the "Reply-To" header. That way the victim sees, for example, [email protected] in the "From" field, but when replying the answer goes to the specified address.

Method 2.
An attacker can register somewhere or other a page with a title like "We break into other people's mail" and send the victim a link to it, supposedly a hacker's page... On the page itself there can be text of this kind:
"There are several MILLION users on mail.ru. Some percentage of them have weak memory and brains too dull to remember their own password, and these characters constantly run into the problem of a forgotten password. Even a small percentage of a crowd of more than a million mailbox owners is itself a sizeable crowd, and it demands its passwords. So there are all sorts of "Forgot password" services, where you are asked for the answer to a secret question, the data you entered at registration, and so on. But the most interesting thing is that it is not a person who handles this, but a machine, i.e. an ordinary little program!!!! And if there is a program, there is a hole in it. Now let's get to the description of the specific actions.
It is all simple. At the address [email protected] sits a mail robot that analyzes password recovery requests and, depending on them, either asks you to refine your data or sends the password straight away. On the site there is a form to fill in with all the possible parameters, which is then sent to the robot with a special Subject. The trick is that if you shove not one but two requests into the subject, only the last one gets checked, and the information is sent for the other one! So, use your brains... That's right! We send two requests: in the first we give the details of the victim's mailbox, in the second our own (we all know our own ;))

So, we want to break into [email protected]
Our own account is [email protected], password qwerty
We write a letter to the robot at [email protected]
Subject: login=vasya_pupkin&pass=&answer=;login=hacker&pass=qwerty&answer=

That is, first we put in the subject of the letter the request for the victim's mailbox, [email protected]: login=vasya_pupkin&pass=&answer=
And then, after the semicolon, the second request, with your own data, which the robot will check and confirm are correct!
login=hacker&pass=qwerty&answer=
In total, the subject of the message looks like this:
login=vasya_pupkin&pass=&answer=;login=hacker&pass=qwerty&answer=
That's all, wait for the password to arrive in your mailbox!!!"

Noticed the catch? Well done! For those who didn't, I explain: the hacker simply creates his own mailbox on the mail server with a name like [email protected]. Now the passwords fly to him in droves! Get it? Well, the main thing afterwards is not to dawdle: quickly change the secret question/answer and the forwarding address (and ~99% of the time the password there is the same!)

Method 3.
Most people cannot keep their passwords in their head, so they often use the same password everywhere. Huh, any thoughts? I hope so, but for the rest I explain. The hacker writes the victim a letter inviting them to join some society or club, or to take part in a lottery. The letter asks you to give a nickname for joining the ranks, of chat-room raiders for example ;), and a password to confirm your identity. If the victim is stupid enough, and the burglar knows enough about his/her interests and can guess where he would want to join, the probability of getting an answer to the letter is ~90%. The probability that it matches the mailbox password is ~50-70%. The odds are pretty good.
Well, that's the basics of social engineering, as I said. Think about it!.. We are all potential victims! Moving on.

Method 4. Brute force.
The title says it all.
First, the hacker can try to go through passwords by hand, the standard ones: qwerty, pass, gfhjklm, 123, and so on. The method is pretty dumb and the chances of success tend to zero. Would you do that? Right, and neither would the hacker! The burglar can use a program that tries passwords, Brutus for example. After configuring it he simply runs it and goes to sleep ;) But if the user hasn't set a standard password, it will take a lot of time! And over dial-up it's better not even to try... ;)
Onward.

Method 5. Getting the password through the forgotten-password recovery service.
You know such things exist? Made for the forgetful, well, it gets used... you understand. ;)
The attacker finds out as much as possible about the victim. Through ICQ (from the profile info), and if there is time, and above all the desire (and the victim is male), he can correspond with him under a female nickname... In a word, there are lots of ways, in short! ;) Then he goes to the recovery page, hammers in all the information he has gathered, and waits, waits, waits... ;) This method works best on mail.ru; they take very good care of all the senile types who can't keep a password in their head!..

Method 6. Not hacking in the sense of getting the password, but hacking in the sense of getting access to the mailbox.
Long and tedious, but more or less effective.
So, having chosen a victim, the hacker starts sending out spam on his behalf. If someone complains about it, the account will likely be deleted. But the hacker may not want to wait for someone to file a complaint. In that case he can take any anonymizer or list of proxies and start sending complaints to the admin from various "people": here, this bad man is flooding my mailbox / sending porn / inciting violence, etc. In the end the mailbox gets wiped. And the main thing is not to miss this moment. As soon as it is removed, the cracker registers under the victim's username. All the mail will still go there, but it will be read not by the owner but by the hacker... ;)

A couple more ways:
1. You can slip the victim a backdoor. After that she is entirely in the greedy hands of the hacker.
2. A hacker can write a letter the victim cannot help but reply to. Some insults or whatever... And having got the reply, he looks at the IP in the header and checks it for open shares. If there are any, he grabs the files in which the mail client keeps its passwords, or, if the victim reads mail through the browser, grabs the needed cookies.

Apart from all that, you can break into a mailbox (as well as a provider or a site) by knowing its holes well, through which you can pull out passwords or something else. For this the hacker has to get himself in where he needs to be. This, of course, is difficult, so social engineering is a very good way! Recommended by the best specialists...

Let's draw conclusions, gentlemen...
Don't chat with dubious admirers on ICQ! ;)
Before answering a dubious letter, look in the header to check whether the "Reply-To" field lists the address "[email protected]" instead of the [email protected] from which you allegedly received the letter.
How to view the header? It's very simple... If you read your mail directly on the server, from a browser, e.g. on @mail.ru, all you need to do is click the "header" link. A page similar to the one in which you normally read mail will load, but instead of the letter it will show its header. In the mail client "The Bat!" you read the header by pressing the key combination + + . In Outlook you can do it by selecting the letter in the folder and choosing Properties - Details from the right-click menu. I myself have never used it and don't advise you to either: it has many holes, while in features and bells and whistles it is inferior to many clients.
Another tip: don't use the same password everywhere. The best password is something like dg#Kn$ or Y#$hGJ, one that can't be picked by a banal search. To generate random passwords I can recommend the Password Generator program. It's all extremely simple: choose the password length, the characters you want in it, the randomness factor of the characters (the higher, the more it looks like a real word, e.g. gerosvaxa instead of mpwkmscxv), press the "Generate" button and pick whatever you like from the list! And those whose memory is bad, I advise not to write passwords down on your computer but to keep a notebook, so that they cannot be stolen.

What does the header consist of?
Consider this example:
Received: from mail.bieberdorf.edu (mail.bieberdorf.edu [124.211.3.78]) by mailhost.immense-isp.com (8.8.5 / 8.7.2) with ESMTP id LAA20869 for; Tue, 18 Mar 1997 14:39:24 -0800 (PST)
Received: from alpha.bieberdorf.edu (alpha.bieberdorf.edu [124.211.3.11]) by mail.bieberdorf.edu (8.8.5) id 004A21; Tue, Mar 18 1997 14:36:17 -0800 (PST)
From: [email protected] (RT Hood)
To: [email protected]
Date: Tue, Mar 18 1997 14:36:14 PST
Message-Id:
X-Mailer: Loris v2.32
Subject: Lunch today?

We will go through these header lines one by one and find out what exactly each of them means:

Received: from mail.bieberdorf.edu
This letter was received from a computer called mail.bieberdorf.edu...

(mail.bieberdorf.edu [124.211.3.78])
... which really is called mail.bieberdorf.edu (i.e. it identified itself correctly), and whose IP address is 124.211.3.78.

by mailhost.immense-isp.com (8.8.5/8.7.2)
The computer that received the message is mailhost.immense-isp.com; it was running the sendmail program, version 8.8.5/8.7.2 (if you don't know what these numbers mean, pay no attention to them).

with ESMTP id LAA20869
The receiving computer assigned the message the identification number LAA20869. (This information is used only on that computer, if its administrator needs to find the message in the logs; to everyone else it usually doesn't matter.)

For ;
The message is addressed to [email protected]. Note that this is not tied to the "To:" line.

Tue, 18 Mar 1997 14:39:24 -0800 (PST)
The letter was sent on Tuesday, March 18, 1997 at 14:39:24 Pacific Standard Time (PST), which is 8 hours behind Greenwich, hence the "-0800".

Received: from alpha.bieberdorf.edu (alpha.bieberdorf.edu [124.211.3.11]) by mail.bieberdorf.edu (8.8.5) id 004A21; Tue, Mar 18 1997 14:36:17 -0800 (PST)
This line records the transfer of the letter from alpha.bieberdorf.edu (rth's computer) to mail.bieberdorf.edu; the transfer took place at 14:36:17 Pacific time. The sending machine called itself alpha.bieberdorf.edu, its real name is also alpha.bieberdorf.edu, and its IP address is 124.211.3.11. The Bieberdorf mail server runs sendmail version 8.8.5, which assigned the letter the id 004A21 for its internal needs.

From: [email protected] (RT Hood)
The letter was sent by [email protected], who gave his real name: RT Hood.

To: [email protected]
The letter was addressed to [email protected].

Date: Tue, Mar 18 1997 14:36:14 PST
The message was created on Tuesday, March 18, 1997 at 14:36:14 Pacific time.

Message-Id:
The message was assigned this identification number (by the machine mail.bieberdorf.edu). It differs from the SMTP and ESMTP id numbers in the "Received:" headers because it is assigned to the letter "for life", while the other numbers relate to a specific delivery operation on a particular machine and mean nothing to any other machine. Sometimes (as in this example) the Message-Id contains the sender's address, but more often it carries no obvious meaning.

X-Mailer: Loris v2.32
The message was sent with the Loris program, version 2.32.

Subject: Lunch today?
Speaks for itself.
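As an added example (not the article's own code), here is a small Python script that does the two checks discussed above: it walks the Received: chain in the order the servers added it, as in the header walkthrough, and flags a letter whose Reply-To differs from its From, the trap the conclusions warn about. All hosts and addresses in the sample letter are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not from the article): a letter that claims to come
# from the provider's support address, but whose replies would go elsewhere.
SAMPLE = """\
Received: from relay.example-isp.test (relay.example-isp.test [192.0.2.10])
    by mx.free-mail.test (8.8.5/8.7.2) with ESMTP id LAA20869;
    Tue, 18 Mar 1997 14:39:24 -0800 (PST)
Received: from pc42.example-isp.test (pc42.example-isp.test [192.0.2.42])
    by relay.example-isp.test (8.8.5) id 004A21;
    Tue, 18 Mar 1997 14:36:17 -0800 (PST)
From: Support <support@free-mail.test>
Reply-To: restore-account@free-mail.test
To: victim@free-mail.test
Subject: Your mailbox will be deleted

(body omitted)
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def received_hops(raw):
    """Received: lines in header order (newest hop first; each server prepends
    its own line, so the last entry is the hop closest to the real sender)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        text = " ".join(value.split())  # join folded continuation lines
        hop = {"raw": text}
        if text.startswith("from "):
            hop["from"] = text[5:].split(" ", 1)[0]  # name the sender claimed
        if " by " in text:
            hop["by"] = text.split(" by ", 1)[1].split(" ", 1)[0]  # receiver
        m = IP_RE.search(text)
        if m:
            hop["ip"] = m.group(1)  # address the receiver actually saw
        hops.append(hop)
    return hops

def reply_to_mismatch(raw):
    """Return (From, Reply-To) when a reply would not go back to the From
    address, which is the check the article's conclusions recommend."""
    msg = message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and reply_to != from_addr:
        return from_addr, reply_to
    return None
```

Read the hops from the bottom up to see where the letter really started; the name before "by" in each line is only what the sending machine claimed, the bracketed IP is what the receiver saw.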