3- Dictionary attack
In contrast with a brute-force attack, where all possibilities are searched through exhaustively, a dictionary attack only tries possibilities which are most likely to succeed,
typically derived from a wordlist or a dictionary. Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short, single words in a dictionary, or are simple variations that are easy to predict.
A lot of people use those combinations as their password:
Name + random number
Name + date of birth
Name + !В§=)$ etc.
Family name + random number
Family name + date of birth
...
This is why collection information is important since you need to know how his full name is and the names of his family members or friends.
Maybe the name of the dog or the name of an old friend could be the solution to crack the password.
Tools:
Acccheck
https://labs.portcullis.co.uk/tools/acccheck/
Cain & Abel
https://cain-and-abel.de.malavida.com/windows/
Aircrack-ng
https://www.aircrack-ng.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4- Pwned and leaked Data
It is possible hack people with only an E-Mail through that
"Have i been pwned" allows you to search across multiple data breaches to see if your email address, old password or phone number has been compromised.
You can put in the email of the victim or even an old password of them. It will display if any of their date ever got leaked to the public due to hacked/
leaked databases and mass hacking attacks.
If you see the warning "Oh no - pwned!" You basically won because the website will display you which kind of leak lead to the password of the victm
beeing publicly avaible. You can end up downloading the leaked database on different public forums and then end up using it for yourself.
There is even one for internet bankings so try it out yourself.
533 million Facebook users' phone numbers and personal data have been leaked online. Yaho had a big ass databreach in 2017 too.
You can download all of them on random forums and hope that your victims data are one of them.
This is how it would look like if the E-Mail/ Password already got leaked.
Here are the sites for this:
Have i been pwned:
https://haveibeenpwned.com
Internet banking:
https://www.ebas.ch/have-i-been-pwned/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In contrast with a brute-force attack, where all possibilities are searched through exhaustively, a dictionary attack only tries possibilities which are most likely to succeed,
typically derived from a wordlist or a dictionary. Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short, single words in a dictionary, or are simple variations that are easy to predict.
A lot of people use those combinations as their password:
Name + random number
Name + date of birth
Name + !В§=)$ etc.
Family name + random number
Family name + date of birth
...
This is why collection information is important since you need to know how his full name is and the names of his family members or friends.
Maybe the name of the dog or the name of an old friend could be the solution to crack the password.
Tools:
Acccheck
https://labs.portcullis.co.uk/tools/acccheck/
Cain & Abel
https://cain-and-abel.de.malavida.com/windows/
Aircrack-ng
https://www.aircrack-ng.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4- Pwned and leaked Data
It is possible hack people with only an E-Mail through that
"Have i been pwned" allows you to search across multiple data breaches to see if your email address, old password or phone number has been compromised.
You can put in the email of the victim or even an old password of them. It will display if any of their date ever got leaked to the public due to hacked/
leaked databases and mass hacking attacks.
If you see the warning "Oh no - pwned!" You basically won because the website will display you which kind of leak lead to the password of the victm
beeing publicly avaible. You can end up downloading the leaked database on different public forums and then end up using it for yourself.
There is even one for internet bankings so try it out yourself.
533 million Facebook users' phone numbers and personal data have been leaked online. Yaho had a big ass databreach in 2017 too.
You can download all of them on random forums and hope that your victims data are one of them.
This is how it would look like if the E-Mail/ Password already got leaked.
Here are the sites for this:
Have i been pwned:
https://haveibeenpwned.com
Internet banking:
https://www.ebas.ch/have-i-been-pwned/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~