How do I hack my friend’s email account?

Hacking or Cracking an email account is definitely not an easy job to do because nowadays well-known email providers have armoured their servers with strong IDS systems and hardcore scripts. However, vulnerabilities still exist. I will suggest you to try out the following things:




- Bugs: You could exploit existing bugs or you could find your own bugs. You can try out web-application exploit methods such as SQL Injection, XSS, Cookie Stealing, RFI, LFI, CSRF etc. (Hint: Yahoo’s got a PG source variable bug that allows the attacker to get Yahoo passwords in seconds)




- Phishing: You can create a fake login page that redirects the login information into your mailbox.

- Social Engineering: You can use Social engineering techniques to acquire passwords. This method has been very effective.

- Using a Keylogger: You can use a keylogger to log all the keystrokes that have been processed in a system. This is an effective way to acquire passwords, but remote infusion of keyloggers is difficult unless you compromise the victim’s system. You should try out Aradamax Keylogger or S-C Keylogger or code one in C.





- Password Guessing: The least effective technique.

That’s right. With this FAQ and a little bit of Google skills, you can have your basic concepts clear in no time. I hope you enjoyed reading it all through. Suggestions/Complaints/Queries go to binary [dot] fella [at] linuxmail [dot] org.

Shout Outs: r4y, brawny, thex, Unified Security, 0xD, Tayo, Dev, all the folks at Hackers Library.