Module XIII Page | 1600 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved.. Module XIII Page | 1601 Ethical Hacking and Countermeasures v6 Copyright ©
Trang 1Module XIII Page | 1600 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
Ethical Hacking and CountermeasuresVersion 6
Module XIIIHacking Email Accounts
Ethical Hacking and Countermeasures v6 Module XIII: Hacking Email Accounts
Exam 312-50
Trang 2Module XIII Page | 1601 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Trang 3Module XIII Page | 1602 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
This module will familiarize you with:
Ways of Getting Email Account Information
Trang 4Module XIII Page | 1603 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Creating Strong PasswordsSecurity Techniques
Trang 5Module XIII Page | 1604 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Introduction
Trang 6Module XIII Page | 1605 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council
All Rights Reserved Reproduction is Strictly Prohibited
Introduction
Hacking email accounts has become a serious threat
Email accounts are the repositories where people store their private information or even their business data
Due to the widespread use of the Internet techniques and tools hacker can access the user ID and email password
Trang 7Module XIII Page | 1606 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Ways for Getting Email Account
Information
Stealing Cookies
Social Engineering
Password Phishing
Ways for Getting Email Account Information
Email account information can be extracted from an individual using many methods Hackers make use of many things that appear to be from a legitimate source that extracts the information from users Some ways for getting email account information are by:
Stealing cookies
Social engineering
Password phishing
Trang 8Module XIII Page | 1607 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
If a user’s cookie is stolen by an attacker, he/she can impersonate the user
If the data present in the cookies is not encrypted, then after stealing the cookies an attacker can see the information which may contain the username and the password
Stealing Cookies
A cookie is a small text file that is sent by the web server to a browser and stored on the user’s hard disk when user browses the website A cookie is created via Perl script, JavaScript, Active Server Pages, etc Cookies are used to authenticate and identify user to a website It has information such as user ID, user preferences, username, password, archive shopping cart information, etc
If a website uses a cookie, then first time you visit the site, the server generates the cookies and sends them to the browser Now, every time when you visit the site, the browser transfers the stored cookies to that site The website retrieves information stored on the cookie and serves the desired result The cookie can be only sent to the site that creates it If a user’s cookie is stolen by
an attacker, he/she can impersonate the user The attacker can view contents of the cookie if the data is not encrypted
Trang 9Module XIII Page | 1608 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Social Engineering
Social engineering is defined as a “non-technical kind of intrusion that relies heavily on human interaction and often involves tricking other people to break normal security procedures.”
Social engineering hackers persuade a target to provide information through a believable trick, rather than infecting a computer with malware through a direct attack
Most of the persons unwittingly give away key information in an email or by answering questions over the phone such as names of their children, wife, email ID, vehicle number and other sensitive information.
Attacker use this information for hacking email accounts
Social engineers persuade knowledge workers to provide information through a believable trick, rather than infecting a computer with malware through a direct attack
Trang 10Module XIII Page | 1609 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Password Phishing
The process of tricking user to disclose user name and password by sending fake emails or setting up fake website which mimics sign-in pages is called phishing
After gaining Username and password, fraudsters can use personal information to:
Commit identity theft Charge your credit card Clear your bank account Change the previous password
EC-Council Copyright © by
EC-Council
All Rights Reserved Reproduction is Strictly Prohibited
Fraudulent e-mail Messages
You might receive an e-mail message from bank asking for updated information
The message provides the target user with a link to a legitimate site but redirects the user to a spoofed one
That message ask for Login, password, and other sensitive information
Attacker can use this information for hacking email accounts
Trang 11Module XIII Page | 1610 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
The scammers proceeded to the second phase of the scam operation by sending millions of spam emails to members and non-members that seemed to be a warning from the “Valley National Bank” The bogus email reads, "This is an e-mail fraud attempt designed by hackers to obtain your personal information The e-mail has a link that sends you to a site similar to our Internet Branch site and requests you to supply your card information We urge you not to follow the links
or enter any account information." Finally, it was mentioned that the customers banking profile has been locked and a toll free number is given to call and unlock the profile instead of providing
a web link The customers who call the toll free number will be asked for sensitive information The consumers are caught in the trick played by the scammers as the scam is delivered in the form of a warning
Trang 12Module XIII Page | 1611 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Vulnerabilities
Trang 13Module XIII Page | 1612 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Vulnerabilities: Web Email
While using web based email service, after clicking a link present in the email body, it transfers from URL of the current page (webmail URL) to the next page (link present)
This information is transmitted through third party web servers
Information can include:
• Email address
• Login ID
• Actual name
Vulnerabilities: Web Email
When using a web-based email service, clicking a link present in the email body transfers the URL
of the current page (webmail URL) to the next page (link present) For example, suppose you are using gmail and you got a mail from hdfcbank containing a link to check your account balance After you click that link, the URL of the current page of the gmail is transferred to the hdfcbank page This information is transmitted through third-party web servers It reveals personal information stored in the web email services The information transmitted may include email address, login ID, and actual name An example showing the above is illustrated below:
Trang 14Module XIII Page | 1613 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Vulnerabilities: Reaper Exploit
The confidentiality of email can be brought down
by the micro virus like Reaper Exploit Reaper Exploit works in the background and sends a copy of reply or forwarded mails to the hacker
This exploit uses the functionality of DHTML in Internet Explorer, used by Microsoft outlook
Email clients who make use of the internet explorer as their HTML engine are vulnerable
Email scripting should be turned off, to prevent from this attack
Trang 15Module XIII Page | 1614 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Email Hacking Tools
Trang 16Module XIII Page | 1615 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Tool: Advanced Stealth Email
Redirector
This program monitors outgoing traffic
of the target PC's email client and intercepts all the messages sent from it
Intercepted emails are forwarded to a pre-specified email address
Advanced SER does not intercept emails sent from web-based email services like www.yahoo.com, www.hotmail.com etc
Tool: Advanced Stealth Email Redirector
Trang 17Module XIII Page | 1616 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Tool: Mail PassView
• Outlook Express
• Microsoft Outlook 2000 (POP3 and SMTP Accounts only)
• Microsoft Outlook 2002/2003/2007 (POP3, IMAP, HTTP and SMTP Accounts)
• Windows Mail
• Netscape 6.x/7.x
• Mozilla Thunderbird
• Group Mail Free
• Yahoo! Mail - If the password is saved in Yahoo! Messenger application
• Hotmail/MSN mail - If the password is saved in MSN Messenger application
• Gmail - If the password is saved by Gmail Notifier application, Google Desktop, or by Google Talk
Mail PassView is a small password-recovery tool that reveals the passwords and other account details for the following email clients:
Tool: Mail PassView
Source: http:// www.nirsoft.net/
Mail PassView is a small password-recovery tool that reveals the passwords and other account details for the following email clients:
Outlook Express
Microsoft Outlook 2000 (POP3 and SMTP Accounts only)
Microsoft Outlook 2002/2003/2007 (POP3, IMAP, HTTP, and SMTP Accounts)
Windows Mail
Netscape 6.x/7.x
Mozilla Thunderbird
Group Mail Free
Yahoo! Mail - If the password is saved in Yahoo! Messenger application
Hotmail/MSN mail - If the password is saved in MSN Messenger application
Gmail - If the password is saved by Gmail Notifier application, Google Desktop, or by Google Talk
Trang 18Module XIII Page | 1617 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Tool: Email Password Recovery
Tool: Email Password Recovery Master
Source: http://www.rixler.com/
Email Password Recovery Master lets users recover email account passwords that have been cached by popular email clients It provides a friendly interface that makes it simple to recover passwords Basically, users will only need to start the program and it’ll retrieve passwords automatically and display them instantly With a unique recovery algorithm, Email Password Recovery Master is able to recover all passwords, regardless of their length or complexity
Email Password Recovery Master is a program that displays logins and passwords for email accounts stored by: Eudora, The Bat!, Becky, IncrediMail, Gmail Notifier, Group Mail Free, PocoMail, Forte Agent, Mail.Ru Agent, and Scribe
Trang 19Module XIII Page | 1618 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Tool: Mail Password
Mail Password is a universal password recovery tool for POP3 email accounts
It recovers all POP3 email logins and passwords stored on your computer by your email software
Mail Password emulates a POP3 server and the E-mail client returns the password
It supports all email programs, including Outlook, Eudora, The Bat!
to recover lost email passwords Mail Password emulates a POP3 server and the e-mail client returns the password As a result, Mail Password supports all email programs There are two limitations:
1 Mail Password does not recover passwords to web-based email accounts, such as Hotmail, Yahoo!, usa.net, etc
2 Mail Password is intended to recover your passwords only It just extracts passwords stored on your computer
Trang 20Module XIII Page | 1619 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council
All Rights Reserved Reproduction is Strictly Prohibited.
EC-Council All Rights Reserved Reproduction is Strictly ProhibitedCopyright © byEC-Council
Email Finder Pro
Email Finder Pro extracts business emails from a file or a directory containing files
Fast and simple email address extraction utility
Tool: Email Finder Pro
Source: http://www.emailarms.com
Email Finder Pro is the simplest way to extract business emails from a file or a directory containing files You can use any common types of files and feed them to Email Finder Pro It quickly grabs all the email addresses from the files you provided and creates a list of emails that you can feed to a mass mailing program like Advanced Emailer