How Hackers Steal Password
There are many ways to get a password. Some of them do not require special skills. Here are the ways of the most common and most frequently used :
. Social Engineering
. web Spoofing
. Facing Email
. password Cracking
. session hijacking
. Being a Proxy Server
. Utilizing User Negligence In Use Browser Features
1. Social Engineering
a technique of ‘theft’ or retrieval of data or information important / crucial / confidential from the person by using a humane approach through mechanisms of social interaction. Or in other words, social engineering is a technique to obtain data / information confidential by exploiting human weakness.
Keylogger is software that can record user activities. The results of the tape used to be stored in the form of text or images. Keylogger works by pounding the keyboard user. This application is able to recognize these forms as sensitive as the password form.
this technique is to take advantage of user error when typing a website address into the address bar.Phishing is an attempt to deceive the victim into thinking he is accessing a particular site, but it’s not.
4. Facing Email.
Facing an email? Yes, and very easy to do this. One way is to use mailsnarf contained in dsniff utilities. How it works is by blocking mailsnarf data packets through the Internet and compile them into an email intact.
Dsniff and mailsnift is the software works on the basis of WinPcap (equivalent to libcap on Linux) is a library that captures data packets. Captured packets are saved in a file by Windump, while Dsniff and mailsnarf went further analyze the data packets and display the password (dsniff) or email content (mailsnarf).
5. Password Cracking.
‘Hacking while sleeping.’ Was the phrase commonly used by people who do password cracking. Why? Because in general dibuthkan a long time to do password cracking. Can take hours, even days and – days! It all depends on the target, whether the target using a common password, the password has a length of an unusual character, or a combination of passwords with special characters.
6. Session Hjacking.
Session hijacking now increasingly prevalent among the attackers. Session hijacking usually done by imitation cookies. So basically, we should be able to mimic the cookies of the victim to get their login session.
7. Being a Proxy Server.
We can gather information with a proxy server for the victim to be able to surf. With a proxy server, the identity of the surfer can be ours.
8. Utilizing User Negligence In Use Browser Features.
Each browser must have features intended to ease and convenience of users in the surf. Among them is the presence of the cache and Password Manager.
Google.com. Many sites are collapsed, passwords and numbers – credit card numbers are stolen as a result of the act of those who abuse use of supernatural power, the past, it is easy to do. Just by typing in certain keywords associated with a user name and password, you can harvest hundreds of user’s password through google. But now it looks like you have to bite the fingers if you use the above manner.