Social network hacking programs [closed]
Want to improve this question? Update the question so that it it fit into the theme of Stack Overflow in Russian.
Closed 5 years ago.
Improve the questionGood afternoon!
I am interested in this topic, whether programs for hacking the pages of users of different social networks (Vkontakte, odnoklassniki, Facebook, etc.) are available to the general public. others) or is this another myth? For some reason, it is doubtful that such a software product can be found on the Internet.
One girl told me that she hacks special programs vkontakte and odnoklassniki. In my opinion, it is unlikely that a person without a computer education could do this. For interest, I downloaded a couple of such programs, allegedly hacking pages, and found nothing good, except deception: imitation hacking, spam, SMS confirmation for unpacking programs and other nonsense. And then the hacking in most cases occurs allegedly by brute-forcing possible passwords (hacking with a "crowbar"), which the social network would simply reject such a number of attempts to log in to the account. And the second nuance - such a hack would take a lot of time, and not what they write in the programs the predicted exact time of hacking in the region of 15 minutes.
What do you say about this, is there any hacking software for social networks or is it just a deception for fools?) The second question is: how is it carried out? real hacks (thoughts immediately about xss attacks and vulnerabilities) of users ' social pages?
4 answers
Nonsense. There are no programs for hacking VK and Odnoklassniki. The maximum is all sorts of viruses on the victim's computer or fake sites with authorization.
At the very least, what you should understand, but, apparently, do not fully understand, if such software existed at all, the meaning of the word "account" would be lost. There would be no researchers in the field of information security, and there would be no various bounty programs (rewards) from vendors. And then what would be the meaning of the very concept of "Information Security"?
As they say, "if everyone is a hero, then no one is a hero", as well as in the field of information protection, hacking, cracking, crowing (etc.) - if there are only "hackers" around (although they are crackers), then the" coolness "of the word goes to "no". We haven't seen that yet.
If there are any really more or less effective methods (something like CSRF or Heartbleed), then those who are responsible for the security of the software product try to fix, mask, do whatever they want, so that the vulnerability not only does not become known to ordinary users (mere mortals), but also is not widely known in the internet. society of information security professionals. This is the authority of the brand, after all - over the leaky, as a rule, only joke.
And so in general, you can, for example, write a keylogger, embed a user script in the browser, and much more. But all this requires at least some knowledge related to development as such.
I had my account password stolen once. Somehow changed the DNS. And started proxying through your server. And the contact then just worked over http. How the DNS change occurred is still a mystery to me. But there are two hacking options, and both are not simple.
- We attack the victim's computer and leak the password.
- We iterate through the api password with a large interval of time, so that the ip is not blocked (life is probably not enough).
This is " PO " - entertainment for younger students.
Dozens, or even hundreds of people with a huge amount of knowledge develop security mechanisms, encryption.
Well, in principle, this kind of hacking is not a myth, but these are common methods - stillers, brute force, keylogging, BUT:
- For the first one, you still need to infect the victim's computer, which is quite problematic.
- The second option is to use to gain access to a specific account - it makes no sense, they can and hundreds of years to go on the selection, not counting the human factor, as an example-the frequent change of passwords.
- With keyloggers, the same song as with stillers.
And here, too, a lot of its "pitfalls", such as social engineering.
And as for the programs that "give access to the account in one click", you should just turn on your head - such tools should have direct access to databases, know the "salt" used for storing data, which is already stupid - no one will give such information is publicly available.
In general, put this thought out of your mind. There is no such thing.