NOTE: If you are interested in protecting yourself against this hacking method, please refer to this thread.
For this method, it helps to know the person, even a little, but i'll still give you a step-by-step tut on how to find the information and fill out each part of the form.
NOTE: THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY, I AM NOT RESPONSIBLE IN ANY WAY FOR HOW THIS INFORMATION IS USED, YOU USE IT AT YOUR OWN RISK. YOU MAY LEARN ALSO HOW TO GET YOUR OWN ACCOUNT BACK FROM THIS.
Step 1: go here:
https://support.live.com/eform.aspx?prod...mcs&scrx=1
Step 2: Give them your victims full name.
Now, if you do not know their first name, try the following things to find it.
First, try using these two sites, simply enter their email and hit return.
http://www.pipl.com/email
http://com.lullar.com
if you want more, google their hotmail account(s), for example, type into google:
"victimshotmail@hotmail.com"
Include the quotes, cause this searches for only the hotmail account.
If you gain any results, it will most likely be forums or if you're lucky, social networking sites, that they have filled out their info on.
Go through these searches, and look at every one, even make a .txt file in notepad pasting down all the info you can on them.
Once you're done, if you havnt got their last name, keep reading..if you have, goto step 3.
Presuming you dont yet have their last name, try going to social networking sites, like:
http://www.myspace.com
http://www.facebook.com
http://www.bebo.com
http://www.friendster.com
Or any others you can think of, and search for their hotmail account using the websites search feature.
if you get any results, you're in luck, most of the time people include alot of information on themselves in there. Follow any leads you can find on the info, and even ask them or their friends (look up a tutorial on social engineering info out of people first, it will help).
Now another thing you can do is use http://www.whois.com IF your victim has their own website.
If you dont have it by now, maybe you should find an easier target, or if you're desperate, use this technique to hack one of their rl best friends, and alot of the time they have their full name assigned to your victims hotmail address, in their addressbook.
Or, I sometimes just say "I'm pretty sure I only put in my first name at registration, I'm paranoid like that" or something along those lines... It's worked for me.
BTW: This is called d0xing, or "documenting", basically harvesting info on people, it's completely legal as long as you get all your info from the public domain (forums, social networking sites etc).
Step 3: The e-mail address for us to send a response:
Simple, give them your email address... could use a fake one if you're paranoid (one you got access too), but I don't see any risk.
Step 4: Primary e-mail address/member ID associated with the account you are inquiring about:
Here you put in your victims email address (the one you're trying to hack). Then click Continue.
Step 5: Date of birth.
You can simply give them the year, if you dont know any further then that..but if you want to be on the safe side, read step 2, and use those techniques to find their date of birth.
Step 6: Country
If you dont know their country, which you probably should, use their IP address which you will have in one of the next steps to find it, by using
http://www.ip-adress.com/ip_tracer/
Step 7: State
same deal, use their IP addy if you dont know it already
Step 8: ZIP or postal code
Same deal again, it's usually correct if you use the IP addy...just use http://www.ip-adress.com/ip_tracer/
and find their town/suburb or whatever, and google the ZIP code for it.
Step 9: The secret answer to your question
simply put "i dont remember"
Step 10: Your alternate email address
for this, you just put in the email address you're trying to hack, you dont need their alternate email address.
Step 11: Your IP Address
Okay so here's probably the toughest one, but it's still easy. (NOTE: It's very hard to revert an account unless you successfully complete this step)
There's alot of ways to get their IP, i'll give you the easy ones.
Email: Get them to send you an email somehow, it doesnt matter how, you can just send an email saying:
"hey, how are you?" and they'll probably reply. Once you have their email (dont use old emails, please, everybody uses dynamic IP's these days)
right click on it, and click "view source", you will see something like this:
...now you want to find "X-Originating-IP: [XX.XXX.XX.XX]" That is their IP address.
Website: Go here http://www.syntaxmaster.info and register an account for free, it's real easy.
Now once you're registered, go to Software/Tools > IP Stealer; and then you can type in the URL you want your IP stealer to redirect to.. so just google or myspace or something will do. Now you'll see above that they give you your URL, you just send them there and it'll grab their IP, redirect them to google (or whatever site you choose), and then show their IP down at the bottom of the page.
I suggest using spam or http://www.doiop.com/ to shorten your URL and make it custom, you could make it something like:
http://www.doiop.com/profile-329479
And viola it'll look like a social networking site "Hey, I'm katie. :) I'm looking to meet new people and was wondering if you wanted to be friends? ^_^ This is my profile btw:
Something like thaat. :P
MSN: if you can talk to them on msn, then you can get their IP that way too..there's two ways, either download a easy-to-use script, or do it manually with cmd,
i'll show you how to do it manually first.
Manually: Send them a file, or get them to send you a file.
"hey, i love that song, can you send me it?" or "omg, this is the funniest picture ever".
Before you start the transfer though, goto start > run (if you're using vista, just press the windows key) and type in cmd, and hit enter.
type in the following: netstat -n
and hit enter, it will show you a list of active connections to different IP's.
Remember or take a screenshot of those IP's, because once you start the transfer, type in netstat again while it's transferring and check for any new IP's, that is your victims IP.
With a script:
IF you have windows live messenger plus (probably the best WLM IMO), download this script:
http://rapidshare.com/files/133356881/IPGet_1.50.rar
It's called IP-Get, and will show you your current msn contacts IP addresses IF you're currently connected to them with a fileshare. It will also allow you to save the IP addresses, and look up their locations.
Here is a screenie of IP-get:
by now...if not, look up a tut on it, using the search feature.
Step 12: Your internet service provider
very easy to find, use their IP, either using the IP get script if you have it, or http://www.ip-adress.com/ip_tracer/
Step 13: The last date and time that you successfully signed in
Unless you know this as a fact, either take your best guess, say you dont remember, or yesterday.
Step 14: The names of any folders that you created in addition to the default folders
leave this blank, or say you dont know (unless you know this for a fact).
Step 15: Names of contacts in your hotmail address book
give them all the contacts you know are definately or most likely in there, including yourself, and even their other accounts (they might add themselves, everybody seems to). Also give them wilma@live.com and smarterchild@hotmail.com, as most people have them added.
Step 16: Subjects of any old mail that is in your inbox
okay just use common sense for this one, things to include are:
hey, how are you, RE:, FW:, admin, windows live, hotmail staff, recovery, registration, support, lol, password, comfirmation, noreply, delivery status notification (failure).
Also, if they are subscribed to any forums (like hackforums(but please dont hack other HF members :P)), social networking sites (like myspace, bebo) or online games (like RuneScape, WoW), then be sure to include them too.
Step 17: Names of contacts on your messenger contact list
If you happen to know any of their friends, this is where you put their display name...if you dont have them added, put their first names, and if you dont know them at all, just leave it blank, or say you dont remember.
Step 18: Your Messenger nickname
If you know it, put it in..if you dont, say "i cant remember it exactly" or leave it blank.
Step 19:
The rest you dont really need to worry about, except for in additional info, can put anything else that might make you sound more convincing..like:
"please do your best to recover my account, i dont want to go and have to add all my friends again, it'd be a great help if you got it back for me, thank you in advance."
obviously dont put exactly that, but you get the gist of it :)
Okay, i believe that is it, within 24 hours you will recieve an email from customer support, they will either give you a link to reset your (victims) password, or ask for you to send it again with more info, as an email reply..and in that case, you dont have much luck, cause they can just get your IP address from the email and know you're lying :) so try again, and hope you get a more gullible staff member. If you have firefox, click the spoiler.
This add on for firefox  will be very useful if you need to do it again (and a lot of other  things!), it saves all typed/submitted text, so you just need to go back  to that page, right click then click "recover form", click the most  recent one, and recover it then resend.


 
No comments:
Post a Comment