Tuesday, November 4, 2008

Stealing password

Well, truly speaking( :) ), I have no idea on how to crack a Yahoo password but still we keep hearing "Someone hacked my account". Well log on to http://www.pwcrack.com/howtohackaol.shtml and read the stuff, its great.

But if you still want to crack someone's account then the best thing would be
1. Just look when s/he types the password. (Try this with me and I'll poke your eye)
2. Try some regular passwords like 123456, asdfghjkl, chiranjivi, jenelia (Yeah people even at B.Tech CSE are stupid enough to use these). I found one who uses his own college id.
3. Try social networking (tell him, "I am your best friend, but I don't think you take me as a true friend. If you think, I am a true friend tell me your password") Hahaha!
4. Brute Force, with a lot lot lot lot lot of luck you may get it. Try Brutus. It's one of the best brute force software.
5. Listen to the traffic on the network. People on same network can listen to what others are doing. I used this at the hostel (the wifi is not secure, anyone can tell who is chatting with whom and what). If you are lucky enough, that guy will enter his password on some site that sends the password to the server in plain text. (Yeah there are a lot of site that do this.) You can try this password for his account. People never listen when they are told to put different passwords for different sites.
6. Just go to the "Lost your password" and try it. Most of the times, you can answer the secret question. And the Pin code, some people are so stupid that they put 0091 (00977 in Nepal) that is the ISD code not the pincode. Try it anyway.
7. Try some password recovery programs that recover password from Internet Explorer or Firefox saved passwords (of course this will work if you can use their computer and if they have saved the passwords)
8. Coming to BIOS password, if you are administrator of your Windows XP, you can get the BIOS password using this open source software.
9. Cracking windows has another aspect. Go to that machine, search for the .sam file. Copy that file and bring it to your computer. And start the OphCrack. It works they say, I have never tried it personally. You can try this tutorial as well.
10. Try the hint in the log in window. Some people put their password as hint.
11. Most people on windows never reset their administrator password. When you see the login window, press alt+ctrl+del twice and you will see the classic login window. Type username as administrator and password is blank.

Let me know, if anyone of these work.

Leave comments on things I missed or I am wrong with.

Added on 07/11/08

I forgot to point out that many people also put their phone numbers as their passwords. We can only feel sorry and use their accounts.

1 comment:

  1. Olo .. ]]=

    How funny people keeping passwords it's fact /: