WhatsApp introduced WhatsApp Web for its users where they have to scan a QR code from their WhatsApp on mobile and then they can start using WhatsApp from their desktop or laptop in the same way they do it on their mobile phones.
WhatsApp Web is the gateway for unscrupulous individuals and companies to phish personal data, financial details, confidential information, pictures, videos, and chats from WhatsApp accounts of people.
They do it easily, just by:
1.Scrapping the QR code from the WhatsApp Web
2.Posting that scrapped QR Code onto their phishing site / page
3.Asking visitors on their phishing page to scan it from WhatsApp on their phone, in return offering some prize, cash or anything that can lure a user
4.Once the user is done with scanning, these phishing individuals or companies get complete access to the user’s WhatsApp
Most of the 1 billion WhatsApp users are not technically savvy to realize that a parallel connection to their WhatsApp account gets created the moment they scan a QR Code on a non-whatsApp site from their WhatsApp application. Try explaining that to your mother !
How WhatsApp Web Works:
1.User log onto web.whatsapp.com from their desktop
2.Scan the QR code on the page from WhatsApp on mobile
3.Get connected to WhatsApp via desktop / laptop
What Phishing Individuals and Companies are doing:
1.User is taken on a fraudulent website
2.The website requires user to scan a QR code from WhatsApp
3.Once scanned, the fraudulent website gets access to user’s WhatsApp account
What all can get stolen:
1.Anything & everything that you have shared via WhatsApp, like bank details, passwords, private pics, personal messages, etc.
2.Your entire contacts list
3.Your complete chat data
4.Your personal information
All this data can now be accessed by these phishing individuals and companies. Imagine what all they can do with this data?
Moreover, they can send messages to any contact on your phone posing as you. For example:
1.Inappropriate messages to your professional contacts
Below we will show you a few methods by which you can Hack WhatsApp.
The methods mentioned here are solely for educational purposes. You should restrain yourself from any illegal activities. Forget Illegal, You should not do any immoral or unethical activities either. Why are we sharing this then? As mentioned above, its for educational purposes ONLY!
This is Useful for parents and lovers. Do not use it for illegal purpose.
Mac id Method :
Borrow your friends’s android phone which you want to spy for just one minute.
Go to settings —> About phone —> Status—> Wi-Fi MAC address
Note down the mac address. Keep the phone for few more minutes. we need it man.
A couple weeks ago, a security firm specialist launched a free application that permits cyber criminals to get into company accounts in web-sites which use Facebook Connect. Your hacker – Egor Homakov, very first authored around the downside he’d seen in the login within January. 2014.
Nonetheless, Facebook explained they’d not really repair the situation since it can have disturbed the login feature’s compatibility having quite a few internet websites. Now Homakov has taken it when herself to instruct Facebook a training along with release a application named Reunite which takes benefit from the loophole.
“Facebook repudiated to fix this trouble twelve months previously, regrettably it’s time for you to go to the next level and give blackhats that simple tool” he authored within a writing.
Reunite works by bringing in detrimental Web addresses which, as soon as clicked on, log customers away from his or her facebook company accounts along with directly into company accounts build by simply cyber criminals. Of which then increases the opponents control in the victim’s account.
Your application can generate phony links for web-sites as well as Mashable, Vimeo, Bit. ly, Stumbleupon and more. For its component, Myspace has explained it’s aware of the imperfections Homakov is usually benefiting from, and if web-sites which operate the Get access characteristic acquire the best ways to protect independently they will have no issues.
Firefox is the top most world widely used web browser. Because it is handy and have lots of features though its add-on and extension. Sometimes we download files using Firefox and on the same time we need to go for some work. So until we come back the computer waste the energy. In this situation we can use Firefox Auto shutdown the computer when downloads are completed and helps us to save electric power.
Auto Shutdown is a cool Firefox add-on which controls your active download and shut down the computer when downloads are completed through is auto executing user script. Not only this but if Firefox is running idle it also shut downs the pc automatically with pre defined shut down time.
If you are using Downthemall Firefox extension for downloading movies, video, music and images from web then you can easily integrate Auto shutdown Firefox extension with downthemall add-on.
To crack the WEP key for an access point, we need to gather lots of initialization vectors (IVs). Normal network traffic does not typically generate these IVs very quickly. Theoretically, if you are patient, you can gather sufficient IVs to crack the WEP key by simply listening to the network traffic and saving them. Since none of us are patient, we use a technique called injection to speed up the process. Injection involves having the access point (AP) resend selected packets over and over very rapidly. This allows us to capture a large number of IVs in a short period of time.
Wifi Adaptor : Alfa AWUS036H (available on eBay & Amazon)
Software : Backtrack 4 (Free download from http://www.backtrack-linux.org)
Step 1 – Start the wireless interface in monitor mode on AP channel
airmon-ng start wlan1 6
starts wifi interface in channel 6
Step 2 – Test Wireless Device Packet Injection
aireplay-ng -6 -e infosec -a 00:1B:11:24:27:2E wlan1
-9 means injection
-a 00:1B:11:24:27:2E is the access point MAC address
Step 4 – Use aireplay-ng to do a fake authentication with the access point
In order for an access point to accept a packet, the source MAC address must already be associated. If the source MAC address you are injecting is not associated then the AP ignores the packet and sends out a “DeAuthentication” packet in cleartext. In this state, no new IVs are created because the AP is ignoring all the injected packets.
aireplay-ng -1 0 -e infosec -a 00:1B:11:24:27:2E -h 00:c0:ca:27:e5:6a wlan1
-1 means fake authentication
0 reassociation timing in seconds
-e infosec is the wireless network name
-a 00:14:6C:7E:40:80 is the access point MAC address
-o 1 – Send only one set of packets at a time. Default is multiple and this confuses some APs.
-q 10 – Send keep alive packets every 10 seconds.
Some access points are configured to only allow selected MAC addresses to associate and connect. If this is the case, you will not be able to successfully do fake authentication unless you know one of the MAC addresses on the allowed list. If you suspect this is the problem, use the following command while trying to do fake authentication. Start another session and…
If at any time you wish to confirm you are properly associated is to use tcpdump and look at the packets. Start another session and…
Run: “tcpdump -n -e -s0 -vvv -i wlan1”
Here is a typical tcpdump error message you are looking for:
11:04:34.360700 314us BSSID:00:14:6c:7e:40:80 DA:00:0F:B5:88:AC:82 SA:00:14:6c:7e:40:80 DeAuthentication: Class 3 frame received from nonassociated station
Notice that the access point (00:14:6c:7e:40:80) is telling the source (00:0F:B5:88:AC:82) you are not associated. Meaning, the AP will not process or accept the injected packets.
If you want to select only the DeAuth packets with tcpdump then you can use: “tcpdump -n -e -s0 -vvv -i wlan1 | grep -i DeAuth”. You may need to tweak the phrase “DeAuth” to pick out the exact packets you want.
Step 5 – Start aireplay-ng in ARP request replay mode
This news could hurt the reputation of both companies. A passionate (and obviously very competent) reverse-engineer from France, Eloi Vanderbeken forgot the admin interface password of his router and so he just wanted to have fun accessing the administration side and that’s when he discovered a backdoor in his Linksys WAG200G router. After publishing this discovery on Github, other users have confirmed its existence in at least three other routers:
Other routers are suspected of providing equal opportunity to obtain the administrator password through the 32764 port, but it has not yet been confirmed:
The backdoor listens for communications sent to port 32764 specifically and answers a series of 13 numbered commands that can be ordered by sending a specific message. It is therefore possible to obtain the complete remote configuration of the router, the administrator password or even restore default settings.
So you want to learn how to hack facebook account password for free?
Do you know that about 60,000 accounts have been hacked since Facebook introduced its concept of trusted friends? Wait a minute! Why in the world would you desire to pay the so-called gurus to hack a facebook account password when you can easily get this done in a couple of minutes? Believe me, all web hacking exploits and glitches have not been patched up.
There is overwhelming evidence that Facebook is the largest social network on the globe. As daily schedule for a bustling life gets tighter, thereby diminishing essence of social life, Facebook has come in easy reach to enable family and friend to build bridge of social ties, thus interact with one another.
Why would you hack a facebook account password?
Some people believe it’s a breach of privacy to hack others’ accounts, while others find crushing evidence to hack facebook account password. Below are some reasons:
1. Recovery of lost or hacked account passwords.
2. Spouse may want to check fidelity status of his partner since people often reveal their darkest and deepest secrets, passions and hobbies on social media.
3. Monitor to regulate web exuberance of your children.
4. Revenge on a wrong done to you.
5. Crime prevention unit may hack facebook accounts of shoplifters, sex offenders, and criminals to gather evidence necessary to arrest and prosecute criminals.
6. To satisfy curiosity.
Strategy for hacking facebook account password
You can hack facebook account passwords for free online; by using software, without software, without survey, with software download, id number, etc. Below is the strategy you can use to hack facebook account for free.
1. Three fake profiles
2. Browser: Firefox and Chrome
3. Luck and Patience
Create three fake personal profiles and customize them to stir least suspicion. Send add request to your victims using these profiles and make sure that one of the profiles goes to the same school as victim, one has same surname and the other has same workplace. Make sure your created profile is 7 days old. After the victim has accepted your request, interact with him using these profiles and once you are done, you are set to hack.
Open Chrome and go to facebook.com and click “forgot your password?” link and enter the victim’s surname or e-mail address. Alternatively, you can enter the victim’s name and your facebook profile name.
Click on “No longer Access To These”. Facebook will prompt you to enter your e-mail account that you now have access to send you recovery details. Ensure that you enter fake e-mail address for safety.
Facebook tries to verify hacking attempts, therefore, you need to clear your Chrome cookies and reset your internet connection/ change your IP and proceed to restart your browser.
Enter answers to security questions. Guess them and if you are lucky, you will be prompted to reset your password. If you are unlucky, simply enter 3 to 4 reasonable wrong answers and it will take you to step 4.
You will be required to enter e-mail id and victim’s profile name. Simply clear your Chrome cookies/cache and reset your internet connection/change your IP and restart your browser.
Here, facebook will ask you to select three friends from a list of trusted friends. Simply select three of the customized profiles using same school, workplace and surname.
Click “send security code” in new page. Then, open your Firefox and login into your fake accounts, copy the security codes and paste them in corresponding fields. Facebook will send you resetting details from facebook on the account you entered in step 2.
PS : This blog post is for educational purposes only. We will come up with one more article on hacking facebook accounts with yet another method called Phishing with fake webpages