Showing posts with label E Mail Hacking. Show all posts
Showing posts with label E Mail Hacking. Show all posts

How to Know when people open your email with Google Analytics

Open your Gmail account and compose your message and save in draft

Now open this Google sheet and choose the Initialize option under the Email Tracker menu



Now you’ll have to authorize the sheet to send your Gmail messages.


Once the script is authorized, choose Email Tracker -> Send Mail, select your Gmail draft from the drop-down, enter your Google Analytics Profile ID* and hit the Send button. Your mail will be delivered to the recipient.



Now open Google analytic and find Events under the Standard Reports group


Original Source: http://www.labnol.org/

Email spoofing: The story of “Congratulations you have won a lottery” like spam emails

Mail vs E-mail
Back in old days when internet was not so common, we had to rely only on the postal/courier services. The only thing that bugs me about the traditional mail is their speed. This is when email comes. It offers numerous benefits, like its blazing fast, most of the time its free,  you can attach from pictures to videos, from management point of view you don’t have to maintain a hard folder, last but not least its environment friendly. In short, email is one of the greatest inventions of all time.

What is a spam?
I’m not that old, but again back in those dial-up connection days, there was no such thing as Gmail, most of people either used Hotmail or Yahoo mail for the emails. The problem with these two email service providers is the spams. Spams are irrelevant emails coming to you, mostly used for marketing a product/service, but they are cases where spam emails have hacked a person through social engineering attack or session hijacking. Phishing is also associated with spoofed emails, phishing is “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers“.

If you only use Gmail, you are a lucky person, because Google has got some very intelligent and sophisticated spam filtering mechanism. And frankly speaking I don’t get spams at all in my Gmail, but in case of Ymail or Hotmail … let’s just not talk about it.

What is e-mail spoofing?
In today’s article I will focus on Email spoofing. So, the first question you may ask is what is spoofing? Spoofing in simple terms is when Alice tries to be Bob. Email spoofing is when Alice sends an email to Eve but she keeps her identity to be Bob. When Eve receives an email she thinks that Bob has sent the email but it’s not.

*PLEASE NOTE THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY. GENERATING SPOOFED EMAILS OR SPAM IS ILLEGAL AND PUNISHABLE UNDER THE LAW. YOU WILL BE RESPONSIBLE FOR YOUR ACTIONS.*

Platform: Windows 7 (also works on MAC and Linux)

How to spoof an e-mail ?
There can be different ways of spoofing an email, but I am going to use “sendmail” program for it. Sendmail is a simple command line program used to send emails via SMTP protocol.

1. Go to Google and type “sendmail google code”. Open the page highlighted below.


2. Go to the download section and download the appropriate file, as I m on windows so, I will be downloading the “.exe” file.


Open the command line and call the program “mailsend”. As soon as you type mailsend, the first thing it will ask for is SMTP server. This is a very critical part, if you don’t provide the right SMTP server your email will not be sent. You have to chose a SMTP server that doesn’t require authentication. I will be using PTCL’s SMTP server i.e “smtp.ptcl.com.pk“, this server runs on port 25.


Next in “from”, enter the email ID of the person you want to spoof, In this case I m making a spoof email of Bill Gates i.e “billgates@microsoft.com


Provide the email id of receiver, I m giving my own email id.


Enter subject and then write your message, after you have completed your message.


Press enter, then press dot button and again press enter, a message will pop that your email has been sent.


Here you can see my inbox has got that spoofed email.



 Inbox overview.


This Article Written by Fowz Masood who has completed his bachelor’s in Electrical Engineering (Comp Engg) He is pursuing a master’s degree in Computer Communications and Security from SEECS-NUST, Pakistan. He has wide variety of interests Computer security/Network security


How to Send Encrypted Mail through Gmail (Secure Gmail by Streak)

Secure Gmail encrypts and decrypts emails you send in Gmail. This happens all on your machine, and the unencrypted text never reaches Google servers. This is useful if you don't want anyone but the intended recipient to ever read your email (i.e. companies, governments, etc.)

First Install Secure Gmail by Streak plugin in your chrome browser from here


Now refresh your Gmail Click on the lock icon next to the compose button.


Compose your email and send


Enter a password; your recipient will need to enter the same password.


To decrypt the email, your recipient will also need the Secure Gmail extension installed, as well as the password.

Hack Gmail Password using Hydra in kali Linux

Open your Kali Linux terminal and Type xhydra and press enter


You can also do this manually. First Open Your Kali Linux and Follow this path

Kali Linux->Passwords Attacks->Online Attacks->Hydra


In the target tab, select
Single Target: smtp.gmail.com
Protocol: smtp


In passwords tab, select
Username: Type Victim Email ID

In the passwords, select the password list option and browse to select your
Passwords file. Here I have used my custom password file.


Now select start tab and click on start button, the password cracking begins and result is as follows

Hack Email Password using Iframe URI Phishing

First of all download Super Phisher and create a Phishing page (How to Create Phishing Page)


To get the URL of the phishing page upload the page on any webhost / localhost (XAMPP in my case)


Replace the URL link in the iframe code with the URL of the uploaded phishing page


Now visit http://dopiaza.org/tools/datauri/ , select Provide Text option in URL Generator page and pasting the modified exploit code (as shown above)

Once the code has been pasted in the Text Area , click on Generate Data URL  




We will get the code as shown above after generating the URL.

In the code generated replce “plain” with “html”


Convert the above URL code in short URL by using “www.tinyurl.com”


Now send the converted URL to Victim


As soon the Victim will enter his credentials you will get the same


Reference URL: http://packetstormsecurity.com/files/121389/Iframe-URI-Phishing.html

Send Self- destructing Messages through Google Docs

First open Google Docs File from Here

Then you will get the option of “Create” On the Top at the left corner. Then choose the option Spreadsheet on it.


Now choose the option “Script Manger” in Tools Section. As shown below.


As you will click on “Script Manager” option, you will get the picture like below on the screen. Now click the option “New”.


Then you will get “Google application script“open as shown below. Now, choose the option “Blank Project”.


Now Paste the Following Script given below, and choose the time limit for message to get vanished after reading

function onOpen() {
 
 var time = 60; // Wait Time (in seconds)
 
 var ss = SpreadsheetApp.getActiveSpreadsheet(); 
 ss.toast("This message will disappear after " + time + " seconds");
 
 Utilities.sleep(time*1000); 
 ss.toast("We are now sending this private note to the shredder");

 ss.getActiveSheet()
   .getRange(1, 1, ss.getLastRow(), ss.getLastColumn()).clear(); 
}

You will get the picture like below on the screen


Now, go to the option “File”. Now save it with any name in case it gets “self Deleted”


Now , type a Message or any document  you want to send in  “Spread Sheet ”and click on share button in Top of Right Corner, as shown in the below picture.


Then, you will get the picture like this below on your screen. Now, choose the contacts that you want to send this message, and want to share.


Now, your message is ready to send to that person. When recipient get the mail & click on Spreadsheet Than message will self destruct with in 1 minute
Script Source: http://www.labnol.org

Read Gmail mail with Right Click

Go to your Gmail page
in the top right side of the Gmail page, click on "Settings"


In the Settings box that opens, click on “Labs.”


Scroll down the list of options until you come to “Message Sneak Peek.” (It was a long way down on my system.)
Click “Enable.”

You can view any email message with a right-click but this feature won’t work inside the “Spam” folder though it works for Trash.

How to Send Password Protected Email (Encrypt Mail)

First open http://www.lockbin.com/lockbin.php

Now enter your name, your email address”, Recipient email address and set a “secret password. You have to inform this secret password to receiver through phone call, text message, email etc. Receiver cannot read your mail until he/she know your secret password. Now you compose your private mail content. Enable the option I accept the term and condition and click on Submit.



Receiver will get an email to read the message you sent




To read your message receiver just needs to enter the secret key you provided. Then enter your secret Key and submit it.
 After submitting key Receiver can view message.