Tuesday 25 March 2014

How to hack Dropbox accounts using spear phishing




Hi everyone 

In this post I will show you how Dropbox accounts can be hacked using spear phishing. It all started with an XSS bug. The bug allowed the execution of XSS present in HTML files uploaded to Dropbox, but unfortunately many people had already reported it and my report was marked as a duplicate. After the bug was patched I tried something new, so here is a way Dropbox accounts can be hacked by spear phishing. Spear phishing is a type of social engineering in which the fake phishing links are difficult to spot, and it is used by infamous hacker groups like Anonymous and SEA.

So first create an interesting phishing page and upload it to your Dropbox account. You can refer to my tutorial on how to make a phishing page here.




After you have uploaded it, click on the file to get the preview. You will see your file; in my case it is an HTML file.




Now the interesting stuff starts: just do Inspect Element on the name of the file in the frame.




After that the developer tools pane will open at the bottom. Look there carefully and you will find the link to the original file, where it is being hosted.




The link looks something like this.

https://dl-web.dropbox.com/get/login.html?_subject_uid=138183567&w=AAAoxOkAU_XtXk9U8EN4RO_qPBfpXzJFh3c0WU6dRUdOqg&dl=1

Just copy it to your clipboard. Now you have to edit it: remove the last parameter, up to the &. For ease of understanding I have posted an image in which you can spot the difference between the two links.




This is a preview of the phishing page.



Now you are done. Most people will not be able to detect the phishing and will easily become victims.

You can spread the malicious links to anyone by shortening them. I hope you understood it well; now it is up to you how you make the phishing page more attractive and spread it. You have to be strong at JavaScript to make your phishing page more attractive and undetectable. For example, you can upload a Dropbox download page, and when the victim clicks the download button a login frame is shown saying the file has been made private by the user and asking them to log in to continue.
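From the defender's side, links of the shape shown above can be flagged in mail-gateway or proxy logs. The following is an added example, not code from the original post: the function names and sample URLs are constructed, treating `dl=1` as "forced download" is an assumption drawn from the example link, and the input is assumed to be already-expanded URLs (shortened links must be resolved first).

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: hosts that serve user-uploaded files directly. Only
# dl-web.dropbox.com comes from the post; extend for your environment.
USER_CONTENT_HOSTS = {"dl-web.dropbox.com"}
HTML_EXTENSIONS = (".html", ".htm")


def classify_link(url):
    """Return a finding dict if url points at user-uploaded HTML on a
    file-hosting domain, else None."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    # Exact host match, so lookalikes such as host.example.net are not
    # mistaken for the real domain (they belong to a different rule).
    if parts.scheme not in ("http", "https") or host not in USER_CONTENT_HOSTS:
        return None
    if not parts.path.lower().endswith(HTML_EXTENSIONS):
        return None
    query = parse_qs(parts.query)
    forced_download = query.get("dl", [""])[-1] == "1"
    return {
        "url": url.strip(),
        "host": host,
        "file": parts.path.rsplit("/", 1)[-1],
        "forced_download": forced_download,
        # HTML rendered in the browser can show a login form on a trusted host.
        "severity": "low" if forced_download else "high",
    }


def scan(urls):
    """Classify every URL and keep only the findings."""
    return [f for f in map(classify_link, urls) if f is not None]


# Constructed sample input (tokens are placeholders, not real values).
SAMPLE_URLS = [
    "https://dl-web.dropbox.com/get/login.html?_subject_uid=0&w=PLACEHOLDER&dl=1",
    "https://dl-web.dropbox.com/get/login.html?_subject_uid=0&w=PLACEHOLDER",
    "https://dl-web.dropbox.com/get/report.pdf?_subject_uid=0&w=PLACEHOLDER",
    "https://www.dropbox.com/login",
    "https://dl-web.dropbox.com.example.net/get/login.html",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_URLS):
        print(finding["severity"], finding["file"], finding["url"])
```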



