The truth about Gmail / Yahoo / Hotmail password hacking / cracking
On the Web - DO NOT BE NAIVE !
You might have seen a lot of websites that offer to hack Hotmail or Yahoo account password, some claim to hack them using the "expertise" they gained in last X years , some claim to hack it using previously existing loopholes...
Goes same for "Hotmail password crackers" or "Yahoo password stealers"...
So ? what's the truth then ? There are no magical techniques
These websites demand $100 to $300 per account for hacking hotmail / yahoo & get you...absolutely nothing! DO NOT PAY ! It's a TRAP ! They claim Hotmail has a MD5 password : it's bullshit too. Hotmail / Yahoo / Gmail DO NOT USE MD5 for password hashing. They use more complex systems.
As for -fake- Hotmail Password cracker "software", any company or website that claims to hack password using software usually show a -fake- MD5 hash of the password which is indecipherable.
Ok, Hotmail/yahoo cracking site/software are all bullshit. But I need to steal a hotmail/gmail/yahoo password !
As any other website or web services (Facebook, Twitter, ...), it's possible to get credentials using conventional techniques :
- Phishing : use of Fake Login Pages, also known as spoofed pages. These fake login pages resemble the original login pages of sites like Yahoo, Gmail, etc. The victim is fooled to believe the fake webmail page to be the real one and enter his/her password. But once the user attempts to login through these pages, his/her login credentials are stolen away.
- Keylogging : locally or remotely install a keylogger application on the victim's computer. It records the keystrokes into a log file and then you can use these logs to get required Facebook, Hotmail, GMail, etc password.
- Primary email address hack : simply ask the web service to send password reset email to the victim's primary email address - of course if this email account is already compromised.
- Social engineering : method of retrieving password or answer of security question simply be quering with the victim. You have to be careful while using this as victim must not be aware of your intention. Just ask him cautiously using your logic.
- Cookie Stealing / Session Hijacking : Google it. See for example FireSheep
We obviously do NOT crack hotmail / yahoo / gmail / twitter password here. DO NOT ask us for, nor anything related to these Web Services.