Getting e-mail password

Home / Hacking, News, Security / Getting e-mail password

December 22, 2009 PlanetCreator 0 Comments 0 tags

Step 1: Login to

http://www.facebook.com

with your account.

Step 2: Find the “friend” who you would like to hack.

Step 3: Go to their profile and click the “info” tab.

Most people post all their information under this section, example: birth date, hometown, favorite music, favorite movies, email address… you get the idea. This information is what you will be using to gain access to their facebook account.

Step 4: Locate their “email address”.

(NOTE: some people don’t reveal their email address… that sucks)

Step 5: Go to the account recovery page for that persons email account

GMAIL

https://www.google.com/accounts/ForgotPasswd?service=mail&fpOnly=1

YAHOO
Code:

https://edit.yahoo.com/forgotroot?done=http://mail.yahoo.com&src=ym&partner=&intl=us

HOTMAIL

https://account.live.com/ResetPassword.aspx?mkt=EN-US&ru=https://login.live.com/login.srf%3flc%3d1033%26wa%3dwsignin1.0%26rpsnv%3d11%26ct%3d1249336714%26rver%3d5.5.4177.0%26wp%3dMBI%26wreply%3dhttp:%252F%252Fmail.live.com%252Fdefault.aspx%26id%3d64855%26mkt%3den-US%26bk%3d1249336693%26lc%3d1033%26vv%3d650&lc=1033

Now you have a few options depending on how they setup their account recovery.

You can use their information from their facebook to crack their “secret question”.

I have found that many people do have “secret questions”. I have looked up peoples schools to find out their mascot, I have gone thru their pictures to see if they tagged their pets name or even their first car. Even looking thru wall post or notes will expose these answers.

And for those that don’t have secret questions, but have alternative email addresses. You can try to guess and register their alternative email address if it has expired but thats a long shot.

With this type of approach you will not only gain access to their facebook account but everything else that is registered under their email address.

Facebook is a very good tool to help gain information about people, it’s like everyone is just posting their whole life for the internet to read about.
The end.
h4cKm4sHiNe

Explore More

Critical persistent xss vulnerabilities at IPAY : Myanmar Online payment Official Site

This evening, I found a fascinatedÂ big bill board “IPAY” http://www.ipay.com.mm at Thamine Junction, Yangon, Myanmar. Then, I said my friend “googl3group” about it, and saidÂ “NO XSS, NO SQL

Ur email can be intercepted!

Top 10 Places Your Email Can Be Intercepted The Internet has radically changed the way we communicate with each other. Email is obviouslyan extremely valuable and ubiquitous form of communication,

critical XSS vulnerability on Accounts Chamber of the Russian Federation http://www.ach.gov.ru

PlanetCreator.Netâ€™s Security Team Member has reported another critical XSS vulnerability on Accounts Chamber of the Russian Federation http://www.ach.gov.ru These are some information from Vulneral Site http://www.ach.gov.ru: This vulnerability has been

[webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
on November 15, 2024 at 12:00 am
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
on October 1, 2024 at 12:00 am
reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
on October 1, 2024 at 12:00 am
dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] openSIS 9.1 - SQLi (Authenticated)
on October 1, 2024 at 12:00 am
openSIS 9.1 - SQLi (Authenticated)
[dos] Windows TCP/IP - RCE Checker and Denial of Service
on August 28, 2024 at 12:00 am
Windows TCP/IP - RCE Checker and Denial of Service