6:27 AM  Shubham Yadav  No comments

As a web savvy person of the modern era, you probably believe you are aware of all the potential security threats that you might come across when surfing the web. You know better than to trust that PayPal e-mail telling you to log in in 24 hours or your account will be closed, and you don't randomly download or open e-mail attachments, so you think you have the game locked up. Well, phishers have another way to get to you and your sensitive personal information. It's called click jacking.The term "clickjacking" was coined by Jeremiah Grossman and Robert Hansen in 2008. The exploit is also known as UI redressing.

So Clickjacking is a vulnerability used by an attacker to collect an infected user's clicks. The attacker can force the user to do all sort of things from adjusting the user's computer settings to unwittingly sending the user to Web sites that might have malicious code.

On a clickjacked page, the attackers show a set of dummy buttons, then load another page over it in a transparent layer. The users think that they are clicking the visible buttons, while they are actually performing actions on the hidden page. The hidden page may be an authentic page, and therefore the attackers can trick users into performing actions which the users never intended. There is no way of tracing such actions later, as the user was genuinely authenticated on the other page.

How to Prevent from Clickjacking Attacks:-

Clickjacking, put simply, is when a button, image, video, or some form of embedded content on a website is overlaid by an invisible layer that sits on top of the site underneath it.

1. Upgrade Flash Player:-Clickjacking is invisible. If you have Flash installed and you click on the wrong link, you're vulnerable.

However, Adobe's latest version of Flash is ready for the bad guys. Adobe recommends first and foremost upgrading to the latest version of Adobe Flash Player . The free upgrade adds some safeguards that will ask you for permission before granting unauthorized access to your camera, microphone, or any other data through your Flash preferences.

2. Edit Your Flash Settings:-  There are certain permissions settings that give you the control over whether to give Flash applications access to your computer. Turn them off to ensure nobody has access to your Flash settings without your permission.

3. Block Scripts From the Browser:-You can depend on some browser anti-malware technology and add-ons to prevent Flash attacks before they are even loaded. For Firefox you install the No Script Plugin.

7:06 AM  Shubham Yadav  No comments

This guest post was written by Helen Christina.
Normal 0 false false false MicrosoftInternetExplorer4 /

9:55 AM  Shubham Yadav  No comments

Hello Friends,

After a lot of request from my readers. I will coming with this Gmail password hacking tutorial. So first of all you have to know about what is Phishing? and how this Phishing Page works?

What is Phishing?                                                                                                                  Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by a fake page. i.e. in the phishing we create the fake login page which is a clone of the original page. Phishing is used for criminal activities for stealing the Username, Password,Credits Card information, Personal information etc

How the Phishing Page Works?
When a user types a Username Password in the the text box of phishing page ,The info is sent to "mail.php" which acts as a password logger and redirects the page to the original address of gmail. so that the victim does not know that yoursite is a fake/Phishing site and gets his gmail.com password hacked.

This tutorial is only for Educational purpose don’t misuse it  www.hackillusion.com will Not Hold any responsibility.

Step 1:- At this step we need to Phishing page, Download the gmail phishing page From Here.

http://www.ziddu.com/download/14215450/gmail_phishing.rar.html

After Download Extract the Phishing package, in this package there are three files.

1. Gmail.html

10:01 AM  Shubham Yadav  No comments

Hello Friends,

This post was send to me by Rakesh Kumar(Ambala). If you also want to to send your post than Contact me on Contact Us Page.

With the sudden rise in the Internet usage across the globe over the past few years, there has also been a rise in the amount of online scams and frauds. Today most of the Internet users are unaware of the most prevailing online threats which pose a real challenge for their safe Internet usage. As a result, Online Security has become a questionable factor for the most Internet users. However it is still possible to effectively combat online insecurity provided that the users are well aware of the common scams and frauds and know how to protect themselves. A study shows that over 91% of the Internet users are unaware of the online scams and are worried about their security. Well if you are one among those 91% then here is a list of 10 tips to ensure your total online security.

Always install a good antivirus software and keep it up-to-date. Also install a good anti-spyware to keep your PC away from spywares. Click Here for a list of recommended anti-spyware softwares.

Always visit known and trusted websites. If you are about to visit an unknown website, ensure that you do not click on suspectable links and banners.

Perform a virus scan on the files/email attachments that you download before executing them.

Regularly Update your operating system and browser software. For a better security it is recommended that you surf the Internet through the latest version of your browser program.

Never share your password (email, bank logins etc.) with any one for any reason. Choose a strong password (A blend of alphanumeric

9:42 PM  Shubham Yadav  No comments

Google technologies are known for their extended beta test periods -- so much so that when the search giant actually ships a finished product it's front page news. But if beta represents the salad days for a Google project, its adult life can be considerably shorter and more brutal. Consider the fate of Google Gears. Launched just four years ago, Gears officially ground to a halt last week, soon to be replaced by equivalent technology from the HTML5 specification.

Gears arrived in early 2007 amid much enthusiasm among Web developers. Its goal was to provide a means for Web browsers to maintain state between sessions, bridging the gap between the traditional desktop computing paradigm and the nascent world of cloud computing. By maintaining copies of essential data on the client PC, Gears allowed Web-based applications to remain accessible even when the PC lacked Internet connectivity.

However, there will be no more new Gears releases. Gears will never be available for the latest wave of browsers, including the just-released Internet Explorer 9 and the upcoming Firefox 4. Even Google's own Chrome browser, which has shipped with Gears built-in since its inception, will be dropping support for the technology as of version 12, due later this year.

It's tempting to interpret Gears' demise as a failure for Google, but that wouldn't be quite right. Rather, the decision to discontinue Gears can be seen as a victory in Google's drive to promote open Web standards as an application platform, and it offers telling insight into the ongoing HTML standardization process.

Leading by example
In retrospect, Google has made no secret of its plan to retire Gears. It warned developers that Gears technology would eventually be deprecated as early as December 2010. But when you read between the lines of the media coverage of Gears throughout its life cycle, it quickly becomes clear that Gears had a terminal date almost since its inception.

In 2008, about a year after Gears was launched, I interviewed Dion Almaer, who at that time worked for Google Developer Programs. Even then, Almaer made no secret of the parallel development efforts underway at Google and the W3C's HTML5 working group. "You can take a look at the HTML5 proposal that's being actively edited at the moment, and you'll see that there's a database API like Gears has a database API," Almaer said. "We very much want this to be part of the Web for everybody to use."

In fact, Almaer made no distinction between the Google Gears technology and the specification being mulled at the W3C. "We've got Gears out there," Almaer said. "We've learned a lot from actually doing this work to get it working offline. So now we can go back to the standards groups, and we can share our experience, and we can work with them to get these standards that have actually been battle-tested."

background: #EFEFEF url(https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4gOO5NcYSzeXGtnON6lQpcys6EOV-2qKPbBoXLUpZ3IzWlvY2F2mFTIGC8pcB4y05_Lrh6a0f-LsOOmptwDT25xo6QSpwf3zhTK4eXZ_CagyvitiqQTh8UYDWSsH4gkAewsJx_z5KwEY/s1600/background.png) left top repeat-x;color:#222222;font-family:Arial,Helvetica,Sans-serif;font-size:13px;margin:0px;padding:20px 0px 0px 0px;

10:07 AM  Shubham Yadav  No comments

Hello Friends,
I have to come for this post because of from last some day i received many emails from my readers all of them ask me to create phishing page for different-2 website like gmail, yahoomail, facebook, orkut, hotmail etc. So today I will share the phishing method, So that everyone will able to create phishing page as their requirements.
This tutorial is only for Educational purpose don’t misuse it  www.hackillusion.com will Not Hold any responsibility. If you are not aware with Phishing than read it first “What is Phishing and How it Works?”

Follow these steps for create phishing page for any website:-
Step 1:- First of all open the Website in your browser for which you want to create Phishing page.
Step 2:- After open of the website copy the source code of website by right click on page and save to any name with “.html” extension.
Step 3:- Now open notepad and paste the below code and change the “http://www.redirectwebsite.com” to the address which you want to redirect the user after entering of user name and password. Pass.txt is our database where the details are stores and save this file to any name with “.php” extension. Suppose we save it as hi.php.
1: