How to Hack Whatsapp Account in different ways

how to hack whatasapp Whatsapp was incepted in 2009 and it is very much clear that it has become an integral part of our lives. With more than 1 billion fan base, WhatsApp has turned to be one of the most convenient ways to communicate online. Definitely, this has to be the situation as this social instant messenger is absolutely amazing

So, if you are thinking how to hack WhatsApp account of your friend, kid, husband or any other family member, then definitely, you need to check these tricks out.

These are the best WhatsApp Hack and will allow you to hack anyone’s account. So, know how to hack someones WhatsApp, even when you don’t have his access to his phone, or even if there are numerous security measures used by that individual.

Is It Really Possible to Hack Someone’s Whatsapp Account?

Yes, it is possible to hack the WhatsApp account. From call logs details to WhatsApp messages, you can hack it all from a targeted device, be it an iOS operating system or Android phone how to hack whatasapp

Hacking WhatsApp is quite simple and you can do this through various processes. So, let us discuss the various ways to hack WhatsApp account one by one.

How to Hack Whatsapp Account without Verification Code

If you wish to hack someone’s WhatsApp account without needing any verification code, then this is the best hack to consider. This is amazing Whatsapp verification code hack that works with the trick of Whatsapp verification servers.

You need to send a spoofed request to avail an authorization code for a substitute phone. For this, you need to follow various steps:how to hack whatasapp

  1. First, install WhatsApp on your mobile phone.
  2. A new counter will begin from Whatsapp where it will send a verification code to its servers.how to hack whatasapp
  3. You need to block this message service.
  4. For this, you can either push the phone into Airplane mode or can alter the message center number.
  5. As a result of this, Whatsapp will offer an alternative method of verifying the number.
  6. Select the verification through SMS and fill in your necessary email details.
  7. As soon as the request to send SMS you need to cancel to terminate the authorization call to the Whatsapp server.how to hack whatasapp
  8. The next important thing is to do SMS Spoofing!
  9. For this, you need to copy the message details and paste it into a spoofer application. Then spend the spoofed verification code.
  10. Doing this will make you receive messages for the spoofed number on your phone and can communicate with people within the spoofed number.how to hack whatasapp
  11. Successfully, you have hacked the WhatsApp account without using the verification code.

DOWNLOAD HACK

 

How “WordPress SEO By Yoast” Could Get Your Site Hacked [Security Alert]

If you are running your site on WordPress platform and using this [Wordpress SEO By Yoast] awesome plugin then i would advise you to first update it before further reading the article, if not already. A huge flaw was found in the plugin by a freelance security consultant Ryan Dewhurst which puts your site in danger and could even get it hacked.

wordpress-seo-by-yoast-security-bug

You can read more about the technical aspect of the bug from WPScan Vulnerablility Database.
According to it ”

The authenticated Blind SQL Injection vulnerability can be found within the 'admin/class-bulk-editor-list-table.php' file. The orderby and order GET parameters are not sufficiently sanitised before being used within a SQL query.

In layman’s terms a malicious hacker could change your database by making an logged-in author visit a malformed URL through Social Engineering.

The severity of the bug was so huge that it made the WordPress team to force-push this update by which the plugin will be updated automatically if the auto-update feature is not turned-off. The update will be automatically rolled to you if you are,

  • running on 1.7 or higher, you’ll have been auto-updated to 1.7.4.
  • If you were running on 1.6.*, you’ll have been updated to 1.6.4.
  • If you were running on 1.5.*, you’ll have been updated to 1.5.7.

Yesterday Yoast team released a blog-post outlining the bug and what they did to patch the flaw.

So all in all if your on older version of the plugin then you must update it as soon as possible to avoid any risks of your site getting hacked or compromised.

Note: WordPress SEO By Yoast Premium users need to manually update the plugin by going to Plugins->Installed Plugins->Wordpress SEO By Yoast and clicking on ‘update plugin’.

7 E-Books That Could Make You A Better Hacker

“A hacker is someone who seeks and exploits weaknesses in a computer system or a computer network.”                                                                                                                                                                            -Wikipedia

A hacker is a geek at best who knows virtually everything about computers. Hacker’s know the in’s and out’s of functioning of a computer system, every minute detail.

 

hacking-ebooks

 

But to become one it takes years of learning and hardwork. If you are targeting this field and aspiring to become a master of computer security then i would suggest that before jumping straight to advanced topics you should read these 7 E-Books for beginners which would help you immensely.

7 E-Books That Could Make You A Better Hacker :

Hacking For Dummies :-

Hacking For Dummies, 4th Edition explores the malicious hacker’s mindset and helps you develop an ethical hacking plan (also known as penetration testing) using the newest tools and techniques.

Author :- Kevin Beaver.

Hackers: Heroes of the Computer Revolution :-

This is a book by Steven Levy about hacker culture. It was published in 1984 in Garden City, New York by Nerraw Manijaime/Doubleday. Levy describes the people, the machines, and the events that defined the Hacker Culture and the Hacker Ethic, from the early mainframe hackers at MIT, to the self-made hardware hackers and game hackers.

Author :- Steven Levy.

Hackers & Painters: Big Ideas from the Computer Age :-

Hackers & Painters: Big Ideas from the Computer Age is a collection of essays from Paul Graham discussing hacking, programming languages, start-up companies, and many other technological issues.

“Hackers & Painters” is also the title of one of those essays.

Author :- Paul Graham.

Linux Server Hacks :-

Linux Server Hacks is a collection of 100 industrial-strength hacks, providing tips and tools that solve practical problems for Linux system administrators. Every hack can be read in just a few minutes but will save hours of searching for the right answer. Some of the hacks are subtle, many of them are non-obvious, and all of them demonstrate the power and flexibility of a Linux system.

Author :- Rob Flickenger.

Hacking VoIP: Protocols, Attacks, and Countermeasures :-

Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it’s notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.

Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you’re serious about security, and you either use or administer VoIP, you should know where VoIP’s biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.

Author :- Himanshu Dwivedi.

Oracle 11g Anti-Hacker’s Cookbook :-

Make your Oracle database virtually impregnable to hackers using the knowledge in this book. With over 50 recipes, you’ll quickly learn protection methodologies that use industry certified techniques to secure the Oracle database server.

Learn to protect your sensitive data by using industry certified techniques
Implement and use ultimate techniques in Oracle Security and new security features introduced in Oracle 11g R2
Implement strong network communication security using different encryption solutions provided by Oracle Advanced Security.

Author :- Adrian Neagu.

Ubuntu Kung Fu: Tips, Tricks, Hints, and Hacks :-

Ubuntu’s rise to power has been rapid, historic and well-deserved. It’s the best Linux distribution ever, but most people only use a fraction of its power. Award-winning Linux author Keir Thomas gets down and dirty with Ubuntu to provide over 300 concise tips that enhance productivity, avoid annoyances, and simply get the most from Ubuntu. You’ll find many unique tips here that can’t be found anywhere else. You’ll also get a crash course in Ubuntu’s flavor of system administration. Whether you’re new to Linux or an old hand, you’ll find tips to make your day easier.

Author :- Keir Thomas.

 

If you’ve read this post till the end that means you are pretty serious about computer security field, in that case these e-books will help a lot for clearing basics and some intermediate concepts.

Know another useful e-book on Hacking? Do share it’s name with us in the comments below.

Security Flaw In Drupal Affects Millions Of Sites

Security Flaw In Drupal Affects Millions Of Sites

If you are an owner of a website which is based on popular C. M. S.(Content Management System) Drupal then this article is a must read for you. If your site is running Drupal version 7 then you may also have been affected by this newly discovered flaw which could allow a malicious user to modify or take complete control of your site.

According To Drupal :-

SA-CORE-2014-005 Drupal Core – Sql Injection,

“Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks.

A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks.

This vulnerability can be exploited by anonymous users.”

Updating Drupal to the latest version which is 7.32 will fix the vulnerability but would not recover an already compromised site. So if your website is already affected then you can follow these instructions to recover it.

How To Scan A WordPress Site For Vulnerabilities

WordPress is the most popular open-source C. M. S. (Content Management System) with ‘N’ number of plugins & themes which could make it very fun to use. But sometimes these plugins and themes could cause security issues on our site as many of them are poorly coded. So in this tutorial we are going to discuss the ways on – How to scan a WordPress site for vulnerabilities and fixing it.

scan wordpress for vulnerabilities

Vulnerability scanner which we will be using for this tutorial is named ‘WPScan’ which is free to download and install. You can also use the almighty KALI Linux which pre-includes this tool and many more. If you don’t have KALI : GET IT FROM HERE.

So Let’s Get To It :-

WPScan works by scanning the installed themes & plugins on a given website and matching them to it’s ‘database’ of vulnerable plugins/themes. If a match is found it will show a few links to SecurityFocus’s CVE database where you can read more about the vulnerability.

Scan A Website :-

wpscan –url “http://example.com”

This command will check a given site and provide various information about the installation of wordpress, themes and plugins installed.

Scan Installed Plugins For Vulnerability :-

wpscan –url “http://example.com” –enumerate vp

After executing this command, WPScan will start to match the installed plugins from it’s database and upon finding a vulnerability it will show CVE (Common Vulnerabilities and Exposures) reference links.

Scan Installed Themes For Vulnerability :-

wpscan –url “http://example.com” –enumerate t

Like the command before this, it will scan for vulnerable themes and show the related CVE reference links.

Scan The Name Of WordPress Users :-

wpscan –url “http://example.com” –enumerate u

Using this command will show the name of users with access to the admin area (wordpress login) of a particular site.

Testing All At Once :-

wpscan –url “http://example.com” –enumerate u,vp,t

If you like, you can also test all the three things at once using this command.

Bruteforcing a Weak WordPress Password :-

This post is just about scanning for vulnerabilities so bruteforcing a password doesn’t need to be here but as this is part of WPScan, it needs a mention. A weak password is no less harmful (infact much harmful) than a vulnerable theme or plugin.

wpscan –url “website.com” –wordlist passwords.txt –username helge

For this command to work you also need to provide the path to a wordlist (a file with possible passwords). You can find number of them spread across the internet but i would recommend this one.

Don’t Miss :- How To Check Website For Vulnerabilities.

Securing The Site :-

When done with the scanning part you should focus on securing your site by removing the reported plugins and themes or update them (if available).

Note :- Do not simply rely on WPScan as it won’t notify you of 0-day (Zero-Day) exploits.

So, don’t waste time & start securing your site. Feedback and suggestions are welcome, feel free to comment.

Enjoy..!!

Also See :- How To Exploit The Heartbleed Bug.

How To Add Or Remove Write-Protection From USB Flash Drives

enable-disable-write-protection

 

Many of has faced this problem once in our computing life but sometimes a need arises to write-protect our USB drives so that the data stored on it cannot be modified in anyway. In this post we will discuss how to edit Windows Registry to disable ‘Write or Delete’ feature on storage devices.

Note :- This trick will only enable write-protection on the computer it’s done.

Most of the new flash drives comes with a physical flip-switch which will enable/disable write-protection, we could use that but if the switch is not present then follow the steps below.

Enable Write-Protection :-

  • First of all, open Registry Editor by clicking on START -> RUN and type ‘regedit‘.
  • Then navigate to : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\
  • Now, create a new key by right clicking on ‘Control‘ -> New and name it ‘StorageDevicePolicies’
  • Under this newly created key, create a ‘DWORD’ 32 bit value and give it the name ‘WriteProtect‘.
  • We are almost done, Just double click on this new value and change it to 1.

Disable Write-Protection :-

To disable write-protection which we activated earlier, we have to :

  • Double click on the ‘DWORD’ value which we created.
  • Change the value in it to ‘0’ (zero).

That’s it. Now i hope you know how to enable or disable write-protection according to your needs.

Enjoy..!

 

RELATED :- Password Protect Windows Folder Without Any Software

Search For Secrets Using Google

google-knows-everything

 

Google, a search engine which serves about 80% of total search engine industry traffic could be used to find secrets on the web which is difficult to find otherwise. These secrets could be anything from Personal Information to Confidential Data which because of someone’s stupidness (Read – Lack of Security Measures Implementation) is indexed by Google.

Don’t Miss : Funny Google

It is very much possible to search for these information easily because of the vast querying capabilities provided by Google.

 

google-query-operators

 

Using single line commands one can search for personal details like email, passwords, admin accounts, webservers etc.
For just the sake of experiment, i queried Google for emails and found a shocking ‘Half A Million‘ addresses in plain text and that too without much effort – Scary huh..!!

To search for personal data following queries can be used :-

 

search-secret-data

 

Recently, i read a book ‘Dangerous Google :: Searching For Secrets‘ by Michal Piotrowski which completely changed my view of Google forever.
The author wrote a very sticky line which engaged me into reading the book :-

Information which should be protected is very often publicly available, revealed by careless or ignorant users. The result is that lots of confidential data is freely available on the Internet – just Google for it.

The above commands (queries) are from this book only, to know more give the book a quick read-through.
I don’t know the author but the information provided makes me share it (hope it’s OK with the author).

Also See : Find Serial Keys Using Google

Tried the queries? Tell us what you found, in the comments section and don’t forget to subscribe to us.

Hide Your Data Into An Image Using Python

The Python Way :-
It is possible to hide some data into an image as demonstrated in my previous post. In this post we are going to accomplish just that but by using Python. Now you must be thinking if we can do it using command prompt in Windows then why should we bother with python, so the answer to that question is Because We Can..!!
hidden-data-behind-image


Behind The Scene :-
Before i tell you how to hide the data into an image, let’s discuss what is really happening in the background :-
The process opens each file at it’s binary state and merges them into one. To view the image you can open it simply and if you want to view the hidden data open it with any archiver software like 7zip as the files must be first archived before merging into the image.

Don’t Miss :- Password Protect Any Folder In Windows (No Software)

Requirement :-

  • Python Compiler
  • Text Editor

The Process :-
Type the following lines in a text file and save it with .py extension :

  • image = open(“image.jpg”, “ab”)
  • archive = open(“file.zip”,”rb”)
  • image.write(“n”+archive.read())
  • image.close()
  • archive.close()

Here image.jpg is the image behind which the data will be hidden and file.zip is the file which contains the data to be hidden.
So, with just 5 lines of code we can easily hide our data from the eyes of an unsuspecting user. Note that it doesn’t encrypt the data in any way, a user with some know-how could still find the information that is hidden.

If you feel the need to split the files again you can create and run this python script same as above :

  • import os
  • imgsize = os.stat(“image.jpg”).st_size
  • image = open(“image.jpg”, “ab”)
  • archsize = os.stat(“file.zip”).st_size
  • archive = open(“file.zip”,”rb”)
  • image.write(“n”+archive.read())
  • image.close()
  • archive.close()
  • narchive = open(“file2.zip”, “wb”)
  • old = open(“image.jpg”, “rb”)
  • oldr = old.read()
  • data = oldr[-archsize:]
  • narchive.write(data)
  • narchive.close()
  • old.close()

Just run this script and your file will be splitted in no time.

Have an interesting point to add, do let us know in the comments section below.

Enjoy..!!

See Also :- Create An Almighty Folder In Windows

How To Activate Windows 7 Without Any Key Or Software

windows7-logo

 

So, you’re installing Windows 7 on your PC – completed the whole process just to find out that you don’t have the key to activate it. What will you do in this case? If purchasing a new license is not an option then this post is definitely for you – keep reading.

 

windows7-activator

 

In this post i’m going to show you a nice little trick that will activate your Windows forever without any software or tool.

If you don’t know, Let me tell you – Windows 7 provides a free 30-day trial for those who don’t have key or who are just trying it as a demo. In this tutorial we are going to leverage this option to activate our Windows indefinitely.
Follow These Simple Steps :-
  • First of all, open any text editor – like notepad.
  • Then type this command in it :
  • SLMGR -REARM

 

  • Save this file as Activate.bat (Note : The extension must be .bat for this to work)
  • This step is the most important one, Now copy this newly created file to the Startup folder which you can find in the Start Menu.
  • Just restart your computer and your Windows 7 will be activated.


Explaination :-

What we have done here is created a file which when run will activate Windows for 30 days and by copying the file to the startup folder it will get executed every time you restart your PC. In this way you will get your Windows 7 activated without any illegal method or software.
 
 
If you know any other easy way or have something to say about the article – Let us know in the comments.
Enjoy..!!

Top 50 Hacking Tools That You Must Have

Whether you are a Penetration tester, a hacker or an aspiring newbie trying to learn Cyber Security, you must have a nice catalogue of tools to make your life easier. While these tools do make working simpler but cannot compensate for the vast amount of knowledge required in this field. Ethical hacking and online security involves a lot efforts. Many tools are used to test and keep software secure. The same tools can also be used by hackers for exploitation.

hacking-tools

A hacking tool is a computer program or software which helps a hacker to hack a computer system or a computer program.

 In this post i’m going to mention 50 different tools under 9 categories that your ‘Hack Lab’ must have. Most of the tools mentioned in this post are pre-included in Kali Linux which you can install to have them at once.
Intrusion Detection Systems :-
These are the tools you must have if you’re building a hack lab for penetration testing or for any security arrangement. They help you detect of any threats that might harm the system.
  • Snort
  • NetCop

Encryption Tools :-
While the above tools do identify any suspicious activity but they can’t protect your data, you need encryption tools for that.
  • TrueCrypt (The project has been shut down and no longer supported)
  • OpenSSH
  • Putty
  • OpenSSL
  • Tor
  • OpenVPN
  • Stunnel
  • KeePass


Port Scanners :-

The next big thing is Port Scanners, you can’t penetrate a network without knowing what services are running on what ports.
  • Nmap
  • Superscan
  • Angry IP Scanner


Packet Sniffers :-

These tools let you intercept traffic incoming/outgoing from the network.
  • Wireshark
  • Tcpdump
  • Ettercap
  • Dsniff
  • EtherApe

Traffic Monitoring :-
These tools let’s you monitor and analyze what is currently going on in a network.
  • Splunk
  • Nagios
  • P0f
  • Ngrep  


Vulnerability Exploitation :-

These are the hardcore tools that you will use after identifying the flaw or loop hole in the security of a network.
  • Metasploit (The Best)
  • Sqlmap
  • Sqlninja
  • Social Engineer Toolkit
  • NetSparker
  • BeEF
  • Dradis

Packet Crafting :-
Packet Crafting tools facilitate finding vulnerabilities within the firewall.
  • Hping
  • Scapy
  • Netcat
  • Yersinia
  • Nemesis
  • Socat

Password Crackers :-
These tools let you crack passwords a computer has stored in it or is transmitting over the network.
  • Ophcrack
  • Medusa
  • RainbowCrack
  • Wfuzz
  • Brutus
  • L0phtCrack
  • Fgdump
  • THC Hydra
  • John The Ripper
  • Aircrack
  • oclHashcat
  • Cain and Abel


Wireless Hacking :-

If a network have a Wi-fi access point then it can easily be broken into. Various encryption methods like WEP, WPA/WPA2  or even the latest WPS have some serious security flaws. These tools help you intrude much easily.
  • Aircrack-ng
  • Kismet
  • InSSIDer
  • KisMAC
These were some of the tools which must be in any Cyber Security Researcher’s arsenal.
So, What are you waiting for – Let the hacking begin..!!
Did I miss some other cool tools which must be in this list, do let me know in the comments.
Enjoy..!!