Writing This is just to study materials only and to keep your website from the action - action that is in my writing this. I am not responsible Answer If my writing is in use / misused for a crime.
Social Engenering is a technique hackers To Make A Hacking into a Target, Social Where this Engenering do a thing where the attacker was, pretend - act as a figure of man, which became the target. (Confused yes With this explanation?: P)
Technics Social Engenering not require a special skill, like language pemerongraman that in use to write an exploit and can use a variety of Operating System, and others.
Social Engenering this technique is only to convince the network admin That we are Ko - Ko man Who Will We Prey
Technics Social Engenering or Psycologi Hacking Once this is very much kind of technique / how to Do It.
Here I will try the way Doing this technique to perform Takes Over A WebSite / Over site.
Okay Let's Doit Bro:
The first step that will determine the First Website You Take Over:
For example www.stupid-web.com
Now that Phase I (first) We Doing Whois towards the target where we will find out the identity of Sitarget, Open your browser and Come Into My Website http://www.neo-doank.co.nr/scan.php [here I have a simple program to melaukan scaning of a Host or Domainname,] (Scan only. com. net. org. info), then enter the domain namenya (www.stupid-web.com) for the scan. See Below Sample Scan results against targets
Sample Results of http://jasakom.com Whois:
jasakom.com resolved to 216.177.77.9
DNS Query Results:
; <<>> Dig 9.3.1 <<>> any jasakom.com
;; Global options: printcmd
;; Got answer:
;; ->> HEADER <<- opcode: QUERY, status: NOERROR, id: 40282
;; Flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 3, Additional: 3
;; Question SECTION:
; Jasakom.com. IN ANY
;; ANSWER SECTION:
jasakom.com. 3591 IN A 216.177.77.9
jasakom.com. 3591 IN NS ns3.discountasp.net.
jasakom.com. 3591 IN NS ns1.discountasp.net.
jasakom.com. 3591 IN NS ns2.discountasp.net.
;; AUTHORITY SECTION:
jasakom.com. 3591 IN NS ns2.discountasp.net.
jasakom.com. 3591 IN NS ns3.discountasp.net.
jasakom.com. 3591 IN NS ns1.discountasp.net.
;; Additional SECTION:
ns1.discountasp.net. 172150 IN A 64.79.161.51
ns2.discountasp.net. 172150 IN A 216.177.89.10
ns3.discountasp.net. 172 150 IN A 63.110.186.41
;; Query time: 3872 msec
;; SERVER: 127.0.0.1 # 53 (127.0.0.1)
;; WHEN: Mon May 22 19:32:50 2006
;; MSG SIZE rcvd: 204
Connecting to whois.arin.net ...
OrgName: Savvis
OrgID: SAVVI-2
Address: 3300 Regency Parkway
City: Cary
StateProv: NC
PostalCode: 27,511
Country: U.S.
ReferralServer: rwhois: / / rwhois.savvis.net: 4321 /
NetRange: 216.177.64.0 - 216.177.95.255
CIDR: 216.177.64.0/19
NetName: SAVVIS
NetHandle: NET-216-177-64-0-1
Parent: NET-216-0-0-0-0
NetType: Direct Allocation
Nameserver: DNS01.SAVVIS.NET
Nameserver: DNS02.SAVVIS.NET
Nameserver: DNS03.SAVVIS.NET
Nameserver: DNS04.SAVVIS.NET
Comment:
RegDate:
Updated: 2004-10-07
OrgAbuseHandle: ABUSE11-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-877-393-7878
OrgAbuseEmail: abuse@savvis.net
OrgNOCHandle: NOC99-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-800-213-5127
OrgNOCEmail: ipnoc@savvis.net
OrgTechHandle: UIAA-ARIN
OrgTechName: U.S. IP Address Administration
OrgTechPhone: +1-800-213-5127
OrgTechEmail: ipadmin@savvis.net
# ARIN WHOIS database, last updated 2006-05-21 19:10
# Enter? for additional hints on searching ARIN's WHOIS database.
-------- Whois Results------------------------- In allwhois.com
Registrant:
Jasakom
Ruth Jasakom
Jl. Kebon Kosong Gg. Mantri 3 No: 161B
Jakarta Pusat, DKI 10620
ID
Email: sto2009@yahoo.com
Registrar Name ....: REGISTER.COM, INC..
Registrar Whois ...: whois.register.com
Registrar Homepage: www.register.com
Domain Name: jasakom.com
Created on ..............: Tue, July 11, 2000
Expires on ..............: Fri, July 11, 2008
Record last updated on ..: Wed, February 8, 2006
Administrative Contact:
Jasakom
Administrator Jasakom
Jakarta
Jakarta, DKI Jakarta -
ID
Phone: 62-8129221973
Email: sto2009@yahoo.com
Technical Contact:
Register.Com
Domain Registrar
575 8th Avenue 11th Floor
New York, NY 10018
U.S.
Phone: 1-902-7492701
Email: domain-registrar@register.com
DNS Servers:
ns2.discountasp.net
ns1.discountasp.net
Register your domain name at http://www.register.com
----------------WHO-IS --------------------------------END ---------
In the above we can see the Identity Sipemilik Domainname, where we see information ranging from name, e-mail, Address, Phone ... Etc ... ... ... ... ... ...
That was enough for We Conduct an attack on the identity of Si-Target
Now phase II (second), we do e-mail to the Administrator in which the target Hosting: D.
Open http://www.neo-doank.co.nr/mail/ Here I have a script Anonymous E-mails I write Own / Design own. Once you go in and log on Website Targeting We send e-mail to Administrator Hosting Si-Yang Having a website that we'll hack. (Fill in your E-mail E-mail As the target for its Domain Name Registering Must)
Contents E-mail is as follows:
----------------------------------------------
Dear,
My Name is Mr. Bla ... Bla ... Bla (Bla = First name and Last name The high-Domain name that will last ... We Hack you can see after the Whois)
I 'can not login to My account, I'forgot Because my Login Name And Password,' There is' Below My Identity sandwiches I's registered domain name to your My Hosting Company:
(Enter last Whois Start All proceeds from the First name, last name, address, city zip code, and so on ..)
Please Send My Login Name and Could You Change my password to: kenatipu-loe, Because I 'Want to Manage My Account and update My Site.
Please Change My Password As soon As possible, if the Password Has Been Change
Please Send login + new passwords to My Another E-mail (enter e-mail that others are here)
Regard
In accordance with the register names Account
You Can Replace the word - he says as you see fit, or for those of you who already speak English Proficient, use your own language, if my language not good: P
Okay, description techniques at the Top Is We pretend - pretend as a person who has a website that we will Hack, where we ask for the Admin HostingCompany in place of His Domain name registered. Once There komfirmasi that password changed, you can login to the target via the Control Panel, FTP or SSH.
Happy Bro HACK
Thanks To ALL, For Read my NEWS !!!!!
0 komentar:
Speak up your mind
Tell us what you're thinking... !