Hackers exist and despite not being as physically violent as pirates, they can be emotionally . In this decade many had forgotten them until they made a master appearance stealing private and intimate photos of dozens of famous actresses, leaving their naked bodies exposed to the eyes of millions of Internet users who were responsible for viralizing them.
While someone is unlikely to want a picture of you, if some individual might try to hack you to simply damage your image publicly by sharing content on your social networks in your name, steal your bank details to scam you or get information that allows you to blackmail you. These are things to which we are all exposed and although whoever wants to do so must have sufficient knowledge, it is no less true that if he proposes it he will be able to achieve it.
As we care about your security, in this post we mention what are the most used methods by Hackers to crack passwords of social networks, emails and even your WiFi. At the end of this post you will be an expert in the subject and you can even try several of them, which we hope is for the purpose of learning to protect you and not to harm anyone else. Without more to say, we begin.
Index:
What are the methods that hackers use (bad) to decipher (all bad) type of accounts and passwords?
Despite the efforts of companies to increase the security of their software, lately security threats have multiplied , becoming at the same time more difficult to avoid and making us weaker every day before these attacks.
If you use online banks and payments, emails like Gmail, Facebook, Twitter or other social networks, you are one of the objectives that these criminals look for daily and the best way to take care of yourself is to know the methods that they use to avoid them, that’s why we explain them to you below.
Keylogging
The keylogging, which the so-called keyloggers do, is based on a small program or device that is responsible for capturing and storing everything that is copied or written to a computer . First level hackers can use it because it only requires installing the program simply.
The keylogging system is quite effective , although a bit tedious when collecting and studying the information obtained taking into account the amount of things a person writes daily on social networks or jobs, just to obtain the login data of emails / social networks or electronic banks. However, it allows you to do a simple search with terms like the following “@ +.” to throw the emails entered and the password as the next word. To prevent this from happening to you you must be aware of your system tray.
In the “ Task Manager ” of Windows, look for the “ Processes or Services ” tab. You should leave information about your uses, if you notice something out of the ordinary or suspicious, perform a web search with the name of the process in question and thus know exactly what it is.
Phishing
Phishing is one of the most popular virtual identity theft techniques , due to its high effectiveness. The procedure is easy and economical, heavy software or modern computers are not required. Basically, a medium is created, be it a fake application, a fake message or a fake email in which the user logs in or provides their account information , as the case may be.
It is widely used in bank systems and it is difficult to perceive it because when « login » the server that hosts the fake page sends an image of the panel inside the bank as it normally would. Of course the attacker receives a text file with this information and thus can enter the account at any time.
To avoid this, you must be very aware of the address bar in your browser and verify that it is formally correct and does not have any type of error.
Stealers
The famous stealers, are automated applications that steal sensitive data such as passwords stored in browser memory . Although they are not very effective, there are many options from which a perpetrator can choose and thus have an interface to program commands that will take the information and register it in a system that can be accessed at any time.
To avoid it you can use master password systems with the help of Keepass, Login Control or any other similar program.
Sidejacking
Taking advantage of those connected to a particular WiFi network, whether public or private, the thugs perform a normal session hijacking through the network . The only way to stay safe from this is to avoid unknown WiFi networks or use Firesheep to verify that no one is using a hijacking system on that WiFi.
Virus, Spyware, Trojans and Worms
The best known and used are the malicious files that are usually linked to what you download on the internet , be it music, documents, books or programs. If you download something for free you should keep in mind that the ease with which you accessed them can be covered with serious problems and infections that will harm your pc.
There are many types of files that can be hosted on your computer by downloading them , each one will provide you with details of your information other than whoever has implanted it, so make sure you download it from secure and reliable sites .
Via Telephones
Although the famous virtual wallets on smartphones solve everyday problems, are also a way by which it is easy to steal information and money . There are many programs like Mobile Cpu that can record written information on mobile phones, including passwords for social networks and banks.
Hijacking
The cookies of browsers serve to authenticate the identity of a user, retrieve some of the information and the interaction of the same in each website to personalize the experience. However, this gives rise to hijacking session or hijacking session .
It is done on LAN networks using game tournaments, cybercafes, labor networks or institutions . Someone can use sniffing applications or ARP spoofing techniques that perform a search of references of the cookies of access to the sites that do not use HTTPS, in this way they access the account in a simple way. To avoid them, use HTTPS and other protection protocols when you start session on any network or community and delete cookies regularly.
List of programs and applications to hack and hack passwords
The battle of cybersecurity is several years old . With the new technologies and modernism, the most commonly used are the tools that can be housed in various operating systems and simple operation . A large number of different programs and applications have been developed to decrypt passwords on different platforms. Then you can meet them.
Brutus
It is an online program that allows you to know all kinds of passwords. It is available on Windows and works with HTTP to through basic authentication of HTML / CGI, FTP, POP3, SMB, Telnet and other forms . It has been running for many years although its last update was in 2000.
Cain and Abel
Cain and Abel, according to translation is a popular program in password cracking . It works efficiently in Microsoft operating systems, which allows you to recover or decrypt passwords using network literacy, encrypt the password, recover WiFi keys , record conversations, perform cryptanalysis, reveal password boxes, analyze routing protocols and discover keys in the cache.
It is mainly used by professionals , whether in the use of forensic investigation and analysis, although there are also those who use it maliciously.
RainbowCrack
This program reduces the time it takes to crack passwords using pre-computer tables called rainbow tables . It is possibly the most difficult to use since it requires highly technical knowledge to be able to do an efficient job, but whoever knows how to use it will be able to decipher practically any password that he pleases.
It is available for Windows and Linux operating system . It is precisely in the latter that it is most effective since it is an open source operating system that can be modified at will by the user to make it especially powerful using RainbowCrack .
John the Ripper
Quite known and fast in operation . This Unix, Windows, DOS, BeOS and OpenVMS software allows the detection of weak passwords. It also has a professional version for greater functions. It is a tool specially designed by hackers to be used by others without any good intention in between.
Wfuzz
Created for brute force attacks. What this program can do is search for unrelated resources such as directories, servlets, scripts and others, as well as formulas with user parameters and password for ease when analyzing the results. Use bruteforce GET and POST to control SQL, XSS, LDAP and other injections.
Aircrack ng
Aircrack is a program created several years ago that analyzes wireless encryption packages to discover passwords through cracking algorithms. It implements a standard FMS attack and also optimizes with Korek and PTW attacks, for all this it is a fairly powerful, efficient and fast method when compared with WEP cracking tools. It is available for Windows and Linux.
Thc Hydra
Its operation stands out for fast attacks with up to 3 protocols together, among which are Telnet , FTP, HTTP, HTTPS, SMB and others. It allows to add modules and modify the attack characteristics for greater power. It is available on all operating systems including BSD Libre, Solaris, OS, Linux and Windows, is also compatible with most existing network protocols .
Tips to avoid decrypting your passwords
Now that you know all the common ways by which someone can enter your PC or your platforms using your data, although there are also many methods that we still do not know. Therefore, you must protect yourself very well.
If in your life off the internet you are careful when going to the bank or doing anything, you must also do it on the network you can not forget that there are millions of people who want to hurt, but you will ask How to protect yourself online ?.
Fortunately there are many actions that you can start implementing to increase your security . It is essential that for each social network you do things to be a little more secure, so we detail exactly what you should do to be safe on each website.
From Facebook
Due to the attacks and thefts of common accounts, the platform has designed its own internal security methods , so that whoever wishes can use them and avoid being the next victim. Facebook uses authentication methods to make sure you are always the one who signs in to your account, there are many and you can activate some or all as required
- Text message codes (SMS) of the cell phone.
- Code generator security codes.
- Touch the security key on a compatible device.
- Security codes of a third-party application.
- Approve your attempt to log in from a recognized device.
- Printed recovery codes.
To activate some you must go to the “ Account Settings ” and once there, to the “ Security” section. You will find each one of the options and you will see information about its use.
WiFi
Apart from stealing your information, if someone uses your WiFi without authorization it can cause problems in your connection and make the network heavy, so do the following actions and make sure nobody can connect without your approval.
- Hide the network : when someone from your device searches for available networks even if yours has a password, it will appear in the list and they can use programs to decrypt it. The best thing you can do is make your network invisible. For this, go to the Router configuration and in the Basic Information section where the name is located, look for the box to hide it. There will be no problems if you want to connect another device in the future because by entering the configuration again you can add it.
- Change the name : as a precaution immediately install a router, within The configuration must change its default name, since it usually has information from the manufacturer, which makes it easier for those who want to know your password.
- Change the password : Like the name, the routers come with passwords by default depending on the brand, although in general most have the same. So it is best to change this as a basic measure. You can do it in the configuration panel, in the WLAN section.
- Change the router password : your internet has two passwords, the WiFi and the router configuration, do not get confused. You must change the two and preferably they are different. In the router you must be even more careful that they can not find out because to enter the panel it is enough to do an IP address search on the internet, if they get the access data they can change from the WiFi password to the devices that have access and the power.