I am interested in such a topic, is it available to the general public program on hacking page users of different social networks (VKontakte, classmates, Facebook and others) or is this myth next? For some reason, they doubt that such a product software can be found on the Internet.
One girl told me that she was hacked by programs special VKontakte and classmates. In my opinion, it is unlikely that a person without computer education could do it. For interest, I downloaded a couple of such programs, allegedly hacking pages, and did not find anything good, except for deception: imitation of hacking, spam, SMS confirmation for unpacking the program and other nonsense. And then hacking in most cases there is an allegedly on the burglary of possible passwords (breaking “scrap”) that the social network would simply be as the number of attempts to enter the account to relegate. And the second nuance – there would be much time on such a hacking, and not what the predicted accurate time of hacking in the programs would write in the programs.
What do you say about this, is there any burglary of social networks or is it just a fool for fools?) The second question: how do real hacks (thoughts immediately about XSS attacks and vulnerabilities) of social pages of users?
Answer 1, Authority 100%
Brad. There are no programs for hacking VK and classmates. Maximum are all sorts of viruses on the computer sacrifice or fake sites with authorization.
At least you should understand, but, apparently, do not fully understand if such a software existed at all, the meaning of the word “account” would be lost. There would be no researchers in the field of IB, there would be no diverse bounty-program (promotions) from vendors. Yes, and the meaning then what would be from the very concept of “information security”?
as they say, “if all the characters, then no one is a hero,” also in the field of information protection, hacking, krajaging, kukaranto (, etc.) – if some “hackers” (although they are Cracker `s), then the” steepness “of the word goes on” no “. We still do not observe this yet.
If you are once any more or less effective methods (something like CSRF or heartbleed ), then those who are responsible for the safety of the software product, try to five, mask, causing anything to make the vulnerability Only not received fame from ordinary users (ordinary mortals), but was not widely known in the society of professionals from the IB sphere. This is the authority of the brand, as – in no way – above the holes, as a rule, just joking.
And so at all you can, for example, write a keylogger, embed a user script into the browser and a lot of different. But all this requires at least some knowledge related to the development as such.
I once took the password from the account. Somehow changed the DNS. And they launched the proxing through their server. And the contact then just for HTTP worked. As the DNS change occurred, it still has a mystery. But the option of hacking two, and both are not simple.
- Attack the victim’s computer and merge the password.
- Catch through the API password with a large time interval so that IP will not be slapped (there is probably not enough life).
This is “software” – entertainment of young schoolchildren.
Dozens, and even hundreds of people with a huge luggage knowledge develop protection mechanisms, encryption.
Well, in principle, a sort of hacking is not a myth, but these are common ways – stirrers, brutfors, keylogging, but:
- For the first one, you still need to infect the victim’s computer, which will have a problematic problem.
- The second option to use to get access to a specific account – meaninglessly, can and hundreds of years to go to the selection, not counting the human factor as an example – frequent password change.
- with keyloggers the same song as with stillers.
Yes, and here too, a bunch of their “pitfalls”, such as social engineering.
And about the programs “give access to an account in one click”, it is easy to turn on – such tools should have direct access to databases, know “salt” used for data storage, which is already stupid – no one will give Such information in open access.
In general, throw this thought from my head. This does not exist.