Showing posts with label Hacking. Show all posts
Showing posts with label Hacking. Show all posts

Pokemon Go Hack

PGHT 1.5.0.1 Update Released:- New Online Generator Page-
- Works with the latest game version -
- Compatible both on Android 4.0 and above, and iOS 7-


Click here to go to the download section.

Pokemon Go Hack is a unique tool intended for those gamers who loves playing the latest Pokemon game, who wants to be the best at like no one ever was. This simply means that you need not to be spending a lot of money for the sake of those IAP, otherwise known as in-app-purchases, nor would you spend countless hours of grinding finding items and leveling up your Pokemons. Moreover, this will give you a lot of time to enjoy the game rather than having it the played the hard way. This has been made possible with the creation of a new online tool that can be accessed relatively easy and fast or others may want to download the offline tool too, whichever suits best.
I know, there would be a lot of critics out there making fun or probably waiting to dish this claim off as "to good to be true"but I guarantee you what is promised here is true, and you can test it yourself, if you have doubtst. Hay Day HackI have been a Pokemon Go player for over a month now, and I did not believe such website exist, let alone, a tool like this. I was so skeptical at first just like any of you here, but something pushed me to try this tool. And now, I am very thankful of that because, I can fully enjoy and grasp the concept of the game, more than any of you here.. Now, I don't have to spend a lot of days waiting or finding or leveling or farming money in the game, who would want to do that? I know most of you are sick and tired of this "Free-to-Play" scheme, where you play the game for free yet you will face the reality of having hindered to play it the way you want it to be because you are required to spend real cash..
For those who are like me that is concerned about safety and security of using this Pokemon Go hack tool, you are assured that nothing harmful will ever happen. This is a cheats app that was conceptualized with the number one priority in mind, that is safety. Thus, the developer made it a point to integrate ip proxy and masking so to avoid penalty on accounts. I, definitely, can attest to this claim since I am personally using this tool for more than a month and I have never had any problem, whatsoever.Hay Day Hack
Good thing is that the latest version of this software, everything is already simplified for ease of use. They also managed to put the tool itself in an online webpage server, where you can perform the same exploits as the ones found in the offline version.
If you want to try the tool, you can do so simply by browsing the download section. Do not forget to read the instructions posted. The process is pretty straightforward and I am positive that anyone who knows basic English can understand it without any difficulty. Get it now, and start dominating the realm of Pokemon Go, and as what you guys know, "Be the best Pokemon Trainer Like No One Ever was!"


Disclaimer: This website is not affliated to Pokemon Go's developer and publisher Nintendo. Pokemon Go Hack is a tool that is intended not to encourage anyone to lean towards hacking and game imbalance but rather the sole purpose of this is for educational awareness especially to the developers of the game with regards to the flaws and how they can go about it to improve their game against exploits.

Hackers Can Steal Your ATM PIN from Your Smartwatch Or Fitness Tracker

smartwatch-hacking-atm-pin
As your day-to-day apparel and accessories are turning into networked mobile electronic devices that attach to your body like smartwatch or fitness band, the threat to our personal data these devices collect has risen exponentially.

A recent study from Binghamton University also suggests your smartwatch or fitness tracker is not as secure as you think – and it could be used to steal your ATM PIN code.

The risk lies in the motion sensors used by these wearable devices. The sensors also collect information about your hand movements among other data, making it possible for "attackers to reproduce the trajectories" of your hand and "recover secret key entries."

In the paper, titled "Friend or Foe?: Your Wearable Devices Reveal Your Personal PIN," computer scientists from the Stevens Institute of Technology and Binghamton University used a computer algorithm that can guess your password and PIN with about 80% success rate on the first attempt, and over 90% of the time with 3 tries.

Retrieving Passwords and PINs Using this Algorithm


Researchers say their "Backward PIN-Sequence Inference" algorithm can be used to capture anything a person type on any keyboard – from automatic teller machine or ATM keypads to mobile keypads – through infected smartwatches, even if the person makes the slight hand movements while entering PINs.

"The team was able to record millimeter-level information of fine-grained hand movements from accelerometers, gyroscopes and magnetometers inside the wearable technologies regardless of a hand's pose," reports Phys.org.

Although the researchers do not name specific wearable devices that are vulnerable, they note that attackers can record information about your hand movements...

...either directly by infecting your wearable device with malware or remotely by intercepting the Bluetooth connection that links your wearable device to your phone.

The bottom Line:


The team says it doesn't have any robust solution to prevent this attack but recommends manufacturers and developers to confuse attackers by inserting "a certain type of noise data" that would allow the device to be still used for fitness tracking, but not for guessing keystrokes.

Another way is to take a low-tech approach – Always enter your passwords or PINs with the hand that is not having a wearable device with the highly sophisticated motion tracker.

Cracking WPA/WPA2 – PSK Encryption

About a month ago, to my embarrassment, I learned that my Wi-Fi password was so weak that even my 10 year old neighbour could crack it…
No, not really.
  • A little Disclaimer – The contents of this post are solely for ethical and educational purposes. You may not use it for unethical purposes. The Author or the Website is not responsible for any damage to yourself, your network, or the computers in you network, should something go wrong. (Basically guys, be careful where you use this and please don’t do anything stupid.)
We’re going to start with a little introduction to Kali Linux, because that is the OS I prefer, is the easiest for this task and comes with all the tools we need. “Kali” is a Linux distribution and is the successor to the much acclaimed Backtrack, which many of you reading this article will probably know of. Now, there are many ways of installing and using Kali, if anyone needs any help, leave in the comments, and I will probably write another post about installing and its basics in the future.
In this tutorial, I’m going to hack into a Wi-Fi hotspot that I just set up, named – Anonymus.
Now, given that we have Kail Linux, open up a terminal window, type in “ifconfig “. This is going to list all the networking interfaces connected to your device.
Here, we only need (wlan0) which is our Wi-Fi card, so we can disable the others by doing “ifconfig <name of the interface> down”.
(“lo” does no matter)…
Selection_002
Now, we type “airmon-ng start wlan0”
(airmon-ng is just a tool for monitoring air traffic, “start” basically starts the tool, and “wlan0” specifies the interface we are using for monitoring)
It’ll probably show “some processes that could cause trouble”, we’ll simply kill those processes by entering “kill <process ID>”.
Now if we do “ifconfig”, it should show us the newly made monitoring interface “mon0”.
Then, put in, “airodump-ng mon0”.
In the screenshot below, the highlighted bssid is our target (and it is my own), named “Anonymus”, the channel is 13 as we can see under the “CH” column.
For our next step we type in, “airodump-ng –c <channel> -w <name> –bssid <bssid> mon0”.
Selection_007
Let me explain a few things here, “airodump-ng” is a tool for capturing Wi-Fi packets, “<channel>” means the channel your target is running on, “-w” basically writes a file by the name that succeeds it in “<name>”, (I did “handshake” just for the convenience of it) bssid is a string of numbers specific to a hotspot.
Now, open up a new terminal and type in “aireply-ng -0 0 –a <bssid> mon0”, this command send a deauthentication signal (usually called a deauth packet) to all the devices connected to that hotspot. Then after a few seconds we stop it by “Ctrl+C”. Now, as we can see, the other terminal shows that the WPA Handshake was successfully captured.
We can close both windows at this point, and open a new one. Type “ls”; that should list the files in the current directory. We can clearly see that the files from the above operation are present. But we only need the file ending with “-01.cap”.
Then we do, “aircrack-ng –w <full location of the wordlist> <the file name>”.
You may be asking what wordlist? What is that sh*t?
A Wordlist is a file containing thousands of known and possible passwords, which you can download from the internet (“specifying from the internet” – We ain’t dumb, boy! :P). The one I used can be found here. The list contains 982,963,904 words exactly all optimized for WPA/WPA2. Would also just like to point out that this is not my work, I got it from forums.hak5.org. It was a guy who compiled a whole load of useful lists, including his own to come up with 2 lists (one is 11gb and one is 2gb) I will be seeding this torrent indefinitely since it is shareware and awesome!
It will then start searching for matching keys in the word list. Now the time that this will take is solely dependent on the strength of the password. The stronger the password the more time will it take. For very strong passwords, check this out. For tips on creating your own strong password – Top 10 Tips to Create a Strong Password
After completion it looks something like the screenshot below. In it, you can see that it tested 45688 keys and my key was the 45689th. I purposely put futurama because frankly, futurama is awesome! Also it is a very weak password (People reading this, if your password is “futurama”, you’re cool! The Hell? Change it right now!)
Now that we know the password, lets test it…
Annnnd… Voila! it works!

Knowing this you will be…
But beware, don’t use it on a Lannister… (Because a Lannister always pays his debts :P)
For those of you who didn’t understand that reference, #GameOfThrones!
Hack Facebook Account By Cookie Stealing And Session Hijacking Wiith Wireshark 2016

Hack Facebook Account By Cookie Stealing And Session Hijacking Wiith Wireshark 2016

Hack Facebook Account By Cookie Stealing And Session Hijacking Wiith Wireshark
Wireshark Software to capture cookies:
Wireshark is the best free packet sniffer software available today. Actually, it was developed for making a network secure. But, the same software is now used by hackers to test for vulnerability and security loopholes in the network and to attack the network accordingly. Cookie stealing being one of the types of hacks implemented using this Wireshark software.





hack-facebook-password-735x400
Requirements:
Cain and Abel : http://www.oxid.it/cain.html
Wireshark : http://www.wireshark.org/
Firefox 3 (or one compatable with add n edit) : http://www.oldapps.com/firefox.php?old_firefox=59
Add n Edit (cookie editor for firefox) : https://addons.mozilla.org/en-US/firefox/addon/add-n-edit-cookies/
Acess to the network with user you want to hack
Network traffic
Prerequisites: Download and install all above programs. To add “Add n Edit” to your browser just open firefox, go to tools, then click add-ons. you can drag and drop the program from wherever you saved it into the little box that popped up and install it from there.
Below, I have listed steps on how to capture Facebook and other accounts cookies. This will help you to know how Wireshark and Cain-Abel can be used to sniff packets and capture cookies.
First: Gain acess to the Network. Open networks or your own network would be easy but if you have a specific slave you want you should be able to gain acess using Backtrack.
Tip: use reaver to exploit WPS for WPA/WPA2 encryptions, WEPs are easy to crack given time and OPN means there is no password.
Second: Right click Cain and choose ‘run as administrator.’ on the top bar go to ‘configure’ and be sure to select your wireless card/adapter. now click where it says ‘Sniffer’ then this litte button towards the top left:
2c516-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
Next click any empty white box then the blue “+” symbol near the button you pressed just before. choose okay
should look like this:
23534-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
These are all the devices it was able to detect.
Now we go to APR on the bottom bar. Once again click any empty white box then the blue cross. It’s easiest to just go one by one and choose all possibilities.
3b606-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
Now we have to poison them so we choose the little yellow hazard symbol towards the top left. should now look like this:
b9b36-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
we are done here, just minimize Cain for now.
Third: Run wireshark as administrator. On the top bar choose ‘Capture’ then ‘Interfaces.’ Here you will have to choose your interface that is connected to the Network we are sniffing from. if you wait a few seconds you might see some traffic being collected as seen in my photo, just choose that interface b/c thats most likely it.
b46a1-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
Wireshark will list and color-code all the traffic it sees for you. To make this simpler we can use the filter to only see the traffic we want, Type “http.cookie” in the filter. (Something to consider is to just filter to “http” and scroll through the entries looking for ones that start with the word “POST” this means that information was submitted to the webpage noted such as a username and a password! so if you see this just look through the details and you should see the info you want, most passwords will be hashed but use this site to decript them:http://www.md5decrypter.co.uk/ )

Here is an image:
b1dc4-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
You can either look through this information manually or use the search function to find what you want. In my case i want to hijack the session of a user on the forumfreerainbowtables.com so i will use the search function (press Ctrl+F, or go to edit -> search) and type in the information i know for sure will be in the entry. if your hijacking someones facebook put ‘facebook’ there. Most of the time to be safe i do not use the first entry i see b/c this will only work if the person is auto logged in, so just go down a few more until you see one you think will work (just use common sense).
a9806-facebook2bhacking2busing2bcookies2bstealing2bwildhacker


What we need are the cookies. Here are what mine look like and how to get there. With practice you will be able to tell which cookies are used for logins and be able to limit failed attempts.
ed87e-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
Copy the cookies as value and save them into a notepad (shown in pic above). I would suggest to seperate everywhere you see a “;” bc this suggests that is the begining of the next entry. The text to the left of the = is the name of the cookie and the text to the right is its value.
Final: Open up your firefox browser with Add n Edit enabled. You can get to your add ons by going to tools and they should all be listed in the drop down tab. First go to the website you are hijjacking the session from then open your cookie editor. Should look something like this:
cd34b-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
The last thing to do is to change your cookies to match the ones you captured. If the cookies given to you by the site expire (like the ones in my picture do) you will have to delete them and add all the ones we captured earlier in. if they do not expire you can just edit them. Bottom line is all the cookies must match the cookies you captures in the earlier steps EXACTLY! Make sure you do not add any extras and that you did not miss anything. Also all fields must be filled in (Path and Domain as well as Name and Value). My path is “/” and my domain is “.freerainbowtables.com
mine looks like this:
b645b-facebook2bhacking2busing2bcookies2bstealing2bwildhacker
You are now done, Just close the cookie editor and reload the webpage. If done correctly with the correct cookies you should be logged in as the user you attacked!