A Quick Guide To Selection Sorting



In this Article I'll tell you about Selection Sort
Selection sort is that type of sorting in which smallest element of a list is searched and then this number is swapped with the first element of the list and then second smallest element is searched in the list and is swapped with the second element of the list and so on i,e this "thingy" thing continues on till n-1 times (where 'n' is the number of terms).
COMPLEXITY:-
Complexity of Selection sort is O(n^2) in best case as well as in worst case.

Well selection sort is not a good sorting algorithm which you can see even from the complexity of selection sort because selection sort performs same number of comparisons even in the best case as in the worst case. Which makes it very slow.
Pseudo-code:-
sort(Arr)
for i = 0 to n-1
smallest = location of smallest number from Arr[i] to Arr[n-1]
swap Arr[i] with Arr[smallest]

/*C Program: Implementation of Selection Sort*/
#include<stdio.h>
void swap(int a[], int i, int j){
    int tmp = a[i];
    a[i] = a[j];
    a[j] = tmp;
}
void selectionSort(int a[], int l, int h){
   for(int i=l; i<h; i++){
     int small  = i;
     for(int j=i+1; j<=h; j++){
       if(a[j] < a[i]) small = j;
     }
     swap(a,i,small);
   }
}
int main(void) {
   int arr[10], n;
   printf("Enter Size of Array: ");
   scanf("%d", &n);
   printf("Enter %d elements:\n", n);
   for(int i=0; i<n; i++) scanf("%d", &arr[i]);
   selectionSort(arr, 0, n-1);
   printf("Sorted Array is as:\n");
   for(int i=0; i<n; i++) printf("%d ", arr[i]);
   printf("\n");
   return 0;
}

More information


Amnesia / Radiation Linux Botnet Targeting Remote Code Execution In CCTV DVR Samples


Reference

Amnesia / Radiation botnet samples targeting Remote Code Execution in CCTV DVR 







Download

             Other malware







Hashes


MD5SHA256SHA1
74bf554c4bc30d172cf1d73ac553d76606d30ba7c96dcaa87ac584c59748708205e813a4dffa7568c1befa52ae5f03743c40221177383da576b11a0b3f6b35d68a9cde74
5dd9056e5ab6a92e61822b6c04afd34610aa7b3863f34d340f960b89e64319186b6ffb5d2f86bf0da3f05e7dbc5d9653c865dd67853a24fd86ef74b05140827c1d5fd0bd
2b486466f4d3e30f7b22d0bc76cb68f9175fe89bbc8e44d45f4d86e0d96288e1e868524efa260ff07cb63194d04ea575ed62f6d1588bea33c20ababb42c02662d93d6015
3411bb2965f4c3d52c650aff04f48e521d8bc81acbba0fc56605f60f5a47743491d48dab43b97a40d4a7f6c21caca12a1e0281178b4a9d8dec74f50a7850867c87837435
34f915ac414e9aad2859217169f9a3aa2f9cd1d07c535aae41d5eed1f8851855b95b5b38fb6fe139b5f1ce43ed22df22d66f1e47c983a8d30ad7fd30cd08db8cd29a92b0
59e08f2ce1c3e55e2493baf36c1ad3c6327f24121d25ca818cf8414c1cc704c3004ae63a65a9128e283d64be03cdd42e90d45b81e9a97ddcc9911122f4e8fd439ccc8fa9
f4bc173bf80d922da4e755896af0db6137b2b33a8e344efcaca0abe56c6163ae64026ccef65278b232a9170ada1972affab32f8c3ce3a837e80a1d98ada41a5bf39b01e7
a253273e922ce93e2746a9791798e3fe3a595e7cc8e32071781e36bbbb680d8578ea307404ec07e3a78a030574da8f9699cfdec405f6a9f43d58b1856fce7ca3445395d3
335e322c56278e258e4d7b5e17ad98e64313af898c5e15a68616f8c40e8c7408f39e0996a9e4cc3e22e27e7aeb2f8d54504022707609a0fec9cbb21005cb0875be2a4726
93522e5f361a051f568bd1d74d901d3046ea20e3cf34d1d4cdfd797632c47396d9bdc568a75d550d208b91caa7d43a9be7fc96b2a92888572de2539f227c9a6625449f83
c86af536d87c1e5745e7d8c9f44fd25d4b0feb1dd459ade96297b361c69690ff69e97ca6ee5710c3dc6a030261ba69e06ef69a683913ae650634aedc40af8d595c45cb4f
90c7c5e257c95047dbf52bbfbe011fd64db9924decd3e578a6b7ed7476e499f8ed792202499b360204d6f5b807f881b81c3a9be6ae9300aaad00fb87d5407ed6e84ec80b
7c0528e54b086e5455ef92218ea23d035e6896b39c57d9609dc1285929b746b06e070886809692a4ac37f9e1b53b250c868abc912ff2fdcd733ff1da87e48e7d4c288a73
6405b42d2c7e42244ac73695bb7bfe6b64f03fff3ed6206337332a05ab9a84282f85a105432a3792e20711b920124707173aca65181c8da84e062c803a43a404ad49302d
6441157813de77d9849da5db9987d0bb6b2885a4f8c9d84e5dc49830abf7b1edbf1b458d8b9d2bafb680370106f93bc392dff9bdb31d3b9480d9e5f72a307715859dd094
614ea66b907314398cc14b3d2fdebe796b29b65c3886b6734df788cfc6628fbee4ce8921e3c0e8fc017e4dea2da0fd0bc7e71c42d391f9c69375505dbf3767ba967f9103
00fe3120a666a85b84500ded1af8fb61885dce73237c4d7b4d481460baffbd5694ab671197e8c285d53b551f893d6c09342ed67e08d16ab982a4012fcecdca060a5da46b
5477de039f7838dea20d3be1ae249fcb886136558ec806da5e70369ee22631bfb7fa06c27d16c987b6f6680423bc84b05b19202b45e5a58cadec8c2efa40fd924b64177d
91bf10249c5d98ea6ae11f17b6ef09708f57ec9dfba8cf181a723a6ac2f5a7f50b4550dd33a34637cf0f302c43fd0243682dab9ec3ff0b629cce4e16c9c74171dd2551d4
fb0a7e12d2861e8512a38a6cdef3ddf09351ee0364bdbb5b2ff7825699e1b1ee319b600ea0726fd9bb56d0bd6c6670cbc077c490bb22df9886475dc5bedfc6c032061024
9b7f5a1228fa66cbd35e75fb774fdc8e9c7a5239601a361b67b1aa3f19b462fd894402846f635550a1d63bee75eab0a2ae89bc6c5cc1818b3136a40961462327c3dececc
5b97d54dc5001eb7cf238292405070a6a010bf82e2c32cba896e04ec8dbff58e32eee9391f6986ab22c612165dad36a096d2194f5f3927de75605f6ca6110fe683383a01
642f523bb46c2e901416047dca1c5d4ead65c9937a376d9a53168e197d142eb27f04409432c387920c2ecfd7a0b941c8bbf667213a446bc9bc4a5a2e54e7391752e3a9b8
c617655312c573ecb01d292b320fff2eaeb480cf01696b7563580b77605558f9474c34d323b05e5e47bf43ff16b67d6ade102a6f35e08f18aa0c58358f5b22871eb0a45f
c8835a3d385162ae02bd4cb6c5ebac87b113ec41cc2fd9be9ac712410b9fd3854d7d5ad2dcaac33af2701102382d5815831eb9cf0dcd57a879c04830e54a3b85fe5d6229
1497740fa8920e4af6aa981a5b405937b13014435108b34bb7cbcef75c4ef00429b440a2adf22976c31a1645af5312528d6b90f0b88b1ad5dcc87d377e6a82dc6ac64211
5e925e315ff7a69c2f2cf1556423d5afb3d0d0e2144bd1ddd27843ef65a2fce382f6d590a8fee286fda49f807471154564fe900b3a2b030c28211404afa45703c6869dea
951ec487fb3fece58234677d7fe3e4dcbdefa773e3f09cdc409f03a09a3982f917a0cc656b306f0ece3dd1a2564a87720b03d9471522590530dd90ad30b2d235ec98b578
3e84998197fc25cbac57870e3cdeb2dec03b403d5de9778a2ec5949d869281f13976c2fc5b071e0f5f54277680c809020b9eb6d931dc6b226a913e89bb422f58228de0d0
c3a73d24df62057e299b6af183889e6bcb2382b818993ef6b8c738618cc74a39ecab243302e13fdddb02943d5ba794836a683ef6f7653e5ee64969cbbbe4403601ae9ded
d428f50a0f8cd57b0d8fe818ace6af20ce61dcfc3419ddef25e61b6d30da643a1213aa725d579221f7c2edef40ca2db39bd832256b94e43546dfb77532f6d70fcd1ce874
e1d6d4564b35bb19d2b85ca620d7b8f2d0bda184dfa31018fe999dfd9e1f99ca0ef502296c2cccf454dde30e5d3a9df9c1af00d3263893b5d23dbf38015fe3c6a92cefaf
e9502ae7b0048b9ea25dd7537818904ce7d6b3e1fba8cdf2f490031e8eb24cd515a30808cdd4aa15c2a41aa0016f80820e080ac0130ab3f7265df01b8397e4abd13c38cb
8eb34e1fb7dd9d9f0e1fef2803812759eb54dc959b3cc03fbd285cef9300c3cd2b7fe86b4adeb5ca7b098f90abb55b8a5310a99f0f8c92bfa2f8da87e60c645f2cae305a
ca0fc25ce066498031dc4ca3f72de4b8f23fecbb7386a2aa096819d857a48b853095a86c011d454da1fb8e862f2b45837f4d97eea294fc567b058b09cc915be56c2a80e1
5a2fcfff8d6aab9a0abe9ca97f6093edf6af2fa4f987df773d37d9bb44841a720817ce3817dbf1e983650b5af9295a16f4ddf49fbf23edb23f50be62637a4a688e352057
ed98e8fa385b39ca274e0de17b1007e6f7a737cb73802d54f7758afe4f9d0a7d2ea7fda4240904c0a79abae732605729a69d4c2b88bfe3a06245f8fbfb8abe5e9a894cec
320db5f1230fcfe0672c8515eb9ddcfcf7cf1e0d7756d1874630d0d697c3b0f3df0632500cff1845b6308b11059deb078d40dbf34a02dd43a81e5cdc58a0b11bfa9f5663
18d6af9211d0477f9251cf9524f898f3f97848514b63e9d655a5d554e62f9e102eb477c5767638eeec9efd5c6ad443d8b0e76be186fd609d5a8a33d59d16ffa3bdab1573

Continue reading
  1. Hacking Team
  2. Hacking With Swift
  3. Hacking 2019
  4. Hacking Music
  5. Hacking Prank
  6. House Hacking
  7. Hacking-Lab
  8. Como Aprender A Hackear Desde Cero
  9. Hacking Significado
  10. Libro Hacking Etico
  11. Hacking Linkedin

SANS SEC575 Mentor Class

Hi everyone,

Great news! I will be mentoring SANS 575: Mobile Device Security and Ethical Hacking in Luxembourg on Thursday evenings 18:00-20:00, starting from January 15, 2015.

Mentor classes are special, 10 week-format SANS classroom sessions that give the students time to absorb and master the same material with the guidance of a trained security professional.

Students receive all the same course materials used at SANS conferences and study at a more leisurely pace, so students will have:
  • Hardcopy set of SANS course books
  • Mentor Program study materials
  • Weekly Mentor led sessions
Prior to the weekly Mentor-led classroom sessions, students study SANS course material at their own pace. Each week, students meet with other professionals in their hometown area and the SANS mentor, who leads topical discussions pointing out the most salient features of the weekly material studied, provides hands-on demonstrations, and answer questions. The Mentor's goal is to help student's grasp the more difficult material, master the exercises, demonstrate the tools and prepare for GIAC certification.

On SANS SEC575, we will learn about mobile device infrastructures, policies and management, we will see the security models of the different platforms, like the data storage and file system architecture. We will also see how to unlock, root and jailbreak mobile devices in order to prepare them for data extraction and further testing. In the second half of the course, we will learn how to perform static and dynamic mobile application analysis, the usage of automated application analysis tools and how to manipulate application behavior. Last but not least, we will see how to perform mobile penetration testing that includes fingerprinting mobile devices, wireless network probing and scanning, attacking wireless infrastructures, using network manipulation attacks and attacks against mobile applications and back-end applications.

For more info, here is the link for the class: http://www.sans.org/mentor/class/sec575-luxembourg-15jan2015-david-szili
My Mentor bio: http://www.sans.org/mentor/bios#david-szili 

Information on the class, special discounts and applying for the class: szili_(dot)_david_(at)_hotmail_(dot)_com

Additional info can be also found at: https://www.sans.org/mentor
Some special price is also available for this course. A few examples: http://www.sans.org/mentor/specials

Best regards,
David

Such low price. Very SANS. Much learning. Wow!

Related posts

Top 5 Best TV Series Based On Hacking & Technology 2018

Best TV Series Based On Hacking & Technology 2018

Top 5 Best TV Series Based On Hacking & Technology 2018

Top 5 Best TV Series Based On Hacking And Technology 2018

Well, if you are a tech fanatic then you will love watching TV shows which are based on hacking and technology. If you are a tech geek, then you will know that hacking stuff in movies/serials always generates glamor and mystery and adds that special oomph factor to the movie or Tv SHOW.
However, there are not much movies/ or TV serials made on hacking and technology. Technology is rapidly becoming the key point in human lives. The previous year we have seen how hackers had made their marks on giant companies. So, in this article, we are going to discuss top TV shows which have to hack as the central theme. So, have a look at the list.

#1 Mr. Robot

Mr. Robot: Best TV Series Based On Hacking & Technology 2018
Mr. Robot: Best TV Series Based On Hacking & Technology 2018
Well, the reason why I listed Mr. Robot on the top is because this show has millions of followers and this is the first show that portrays an elite hacker. The elite hacker group uses computers, smartphones and many other technologies to penetrate secure network to take down evil corporation while being anonymous. The show displays the life of a young programmer named Elliot who works as a cyber-security engineer and a vigilante hacker by night.

#2 Silicon Valley

Silicon Valley
Silicon Valley
This TV series displays the tech and hacking with a bit of comic touch. The series shows the competition between techies in the high-tech gold rush of modern Silicon Valley. What's more interesting is the people who are more qualified are least successful whereas underdogs are making it big. This show is running successfully for three years now.

#3 The IT Crowd

The IT Crowd
The IT Crowd
The IT Crowd is very popular series and is running successfully for eight years from 2006 to 2013. It is not like Mr.Robot it has its moments of hacks. The series shows the comedic adventures of a rag-tag group of technical support workers at a large corporation.

#4 Person Of Interest

Person Of Interest
Person Of Interest
It is one of the best TV series made till now. You will get to see the humor, twists, and lots of other things. In this show and intelligent programmer built and AI (Artificial intelligence) that helps to stop the crimes in the city. The show will definitely give you chills.

#5 Chuck

Chuck: Best TV Series Based On Hacking & Technology 2018
Chuck: Best TV Series Based On Hacking & Technology 2018
The TV series was somehow popular and ran from 2007 to 2013. The show shows the character of a young hacker and nerd who accidentally downloads US Govt, secrets into his brain and there is where the story starts CIA and NSA agents protect him and at the same time exploit him.

Related posts

TERMINOLOGIES OF ETHICAL HACKING

What is the terminologies in ethical hacking?

Here are a few key terms that you will hear in discussion about hackers and what they do:


1-Backdoor-A secret pathway a hacker uses to gain entry to a computer system.


2-Adware-It is the softw-are designed to force pre-chosen ads to display on your system.


3-Attack-That action performs by a attacker on a system to gain unauthorized access.


4-Buffer Overflow-It is the process of attack where the hacker delivers malicious commands to a system by overrunning an application buffer.


5-Denial-of-Service attack (DOS)-A attack designed to cripple the victim's system by preventing it from handling its normal traffic,usally by flooding it with false traffic.


6-Email Warm-A virus-laden script or mini-program sent to an unsuspecting victim through a normal-looking email message.


7-Bruteforce Attack-It is an automated and simplest kind of method to gain access to a system or website. It tries different combination of usernames and passwords,again & again until it gets in from bruteforce dictionary.


8-Root Access-The highest level of access to a computer system,which can give them complete control over the system.


9-Root Kit-A set of tools used by an intruder to expand and disguise his control of the system.It is the stealthy type of software used for gain access to a computer system.


10-Session Hijacking- When a hacker is able to insert malicious data packets right into an actual data transmission over the internet connection.


11-Phreaker-Phreakers are considered the original computer hackers who break into the telephone network illegally, typically to make free longdistance phone calls or to tap lines.


12-Trojan Horse-It is a malicious program that tricks the computer user into opening it.There designed with an intention to destroy files,alter information,steal password or other information.


13-Virus-It is piece of code or malicious program which is capable of copying itself has a detrimental effect such as corrupting the system od destroying data. Antivirus is used to protect the system from viruses.


14-Worms-It is a self reflicating virus that does not alter  files but resides in the active memory and duplicate itself.


15-Vulnerability-It is a weakness which allows a hacker to compromise the security of a computer or network system to gain unauthorized access.


16-Threat-A threat is a possible danger that can exploit an existing bug or vulnerability to comprise the security of a computer or network system. Threat is of two types-physical & non physical.


17-Cross-site Scripting-(XSS) It is a type of computer security vulnerability found in web application.It enables attacker to inject client side script into web pages viwed by other users.


18-Botnet-It is also known as Zombie Army is a group of computers controlled without their owner's knowledge.It is used to send spam or make denial of service attacks.


19-Bot- A bot is a program that automates an action so that it can be done repeatedly at a much higher rate for a period than a human operator could do it.Example-Sending HTTP, FTP oe Telnet at a higer rate or calling script to creat objects at a higher rate.


20-Firewall-It is a designed to keep unwanted intruder outside a computer system or network for safe communication b/w system and users on the inside of the firewall.


21-Spam-A spam is unsolicited email or junk email sent to a large numbers of receipients without their consent.


22-Zombie Drone-It is defined as a hi-jacked computer that is being used anonymously as a soldier or drone for malicious activity.ExDistributing Unwanted Spam Emails.


23-Logic Bomb-It is a type of virus upload in to a system that triggers a malicious action when certain conditions are met.The most common version is Time Bomb.


24-Shrink Wrap code-The process of attack for exploiting the holes in unpatched or poorly configured software.


25-Malware-It is an umbrella term used to refer a variety of intrusive software, including computer viruses,worms,Trojan Horses,Ransomeware,spyware,adware, scareware and other malicious program.


Follow me on instagram-anoymous_adi

Related links


  1. Growth Hacking Courses
  2. Hacking Madrid
  3. Que Es El Hacking
  4. Travel Hacking
  5. Aprender A Ser Hacker
  6. Hacking To The Gate

12 Ways To Hack Facebook Account Passwords And Its Proeven Tion Techques 2020

        12 Ways to hack facebook accounts         

"Hack Facebook" is one of the most searched and hot topics around the Internet, like Gmail hacker. We have prepared a detailed list of how hackers can hack someone's Facebook account easily in just a few minutes and how can we prevent the same.

Being a FB white hat hacker, I get following questions frequently from people:

  • Can you refer any reliable Facebook hacker? (After me denying their hacking request ๐Ÿ˜› )
  • Is there any online FB cracker tool?
  • Where can I get FB hacking software?
  • Is there any free password finder?
  • How can I hack someone's Facebook account easily?

To the best of my knowledge, there is no hacking tool. You won't be able to find it anywhere. However, you will find many websites claiming that they are providing free hack tool (either online or offline), but you cannot download the password file without completing a survey. Even after going through a tiresome process of completing a survey, you would have got nothing in the endThese things are posted only with the intention of making money. Don't waste your precious time in searching such hack tool.


If you want to know how hackers can hack someone's FB account, please go ahead and read the techniques listed below. The most successful method among all of these techniques is phishing. Phishing enables someone with no or little technical knowledge to hack account's password easily in just a few minutes.

Some of the techniques listed below are not applicable only to FB but also to all daily used internet websites, such as Google, Twitter, Yahoo etc.

You won't be vulnerable to hacking if you understand how hacking works

This article is written with the aim of educating people about how hacking works and how should they prevent it. Please don't use these techniques for malicious purposes.

1 Phishing

Phishing is the most common technique used for hacking FB passwords. It is very easy for someone who is having little technical knowledge to get a phishing page done. That is why phishing is so popular. Many people have become a victim of Phishing page due to its trustworthy layout and appearance.

How does phishing work?

In simple words, phishing is a process of creating a duplicate copy of the reputed website's page with the intention of stealing user's password, or other sensitive information like credit card details. In our topic, it means creating a page which perfectly looks like FB login page but in a different URL like fakebook.com, or faecbook.com, or any URL that pretends to be legit. When a user lands on such a page, he/she may think that is the real Facebook login page, asking him/her to provide his/her username and password. So, the people who do not find phishing page suspicious are going to enter their username & password. The password information will be sent to the hacker who created the phishing page. At the same time, the victim gets redirected to original FB page.

 

Example: John is a programmer. He creates an FB login page with some scripts that enable him to get the username and password information. John puts this fake login page in https://www.facebouk.com/make-money-online-tricks. Peter is a friend of John. John sends a message to Peter, "Hey Peter, I have found a free trick to make money online, you should definitely take a look at https://www.facebouk.com/make-money-online-tricks-free". Peter navigates to the link and see a FB login page. As usual, Peter enters his username and password on it.

The hacking part

The username and password of Peter is sent to John and Peter is redirected to a money making tips page https://www.facebouk.com/make-money-online-tricks-tips-free.htmlThat's all; Peter's Facebook account is hacked.

Please note that phishing is done by a third person through emails; that is how it happens most of the time. So always beware of phishing emails, else you may lose your Facebook account, or credit card details, or any other sensitive data. Learn more about phishing.

How can you protect yourself against online FB phishing?

Hackers can reach you in many ways; email, personal messages, FB messages, website ads etc. Clicking any links from these messages will lead you to a FB login page. Whenever you find an FB login page, you should note only one thing which is URL. Because nobody can spoof/use Facebook URL except when there are some XSS zero-day vulnerabilities, but that's very rare.

  1. What is the URL you see in browser address bar? 
  2. Is that really https://www.facebook.com/ (Trailing slash is very important since it is the only separator in Google chrome to distinguish domain and subdomain. Check out the below examples to know the difference)? 
  3. Is there a green color secure symbol (HTTPS) provided in the address bar?

Bearing these questions in mind should prevent you from the hacking of online phishing pages. Also, see the below examples of phishing pages.

Some super perfect phishing pages

Facebook Perfect Phishing Page
Phishing Page – Note the misleading URL

Most of the people won't suspect this page (snapshot given above) since there is an https prefix with a green color secure icon and also there is no mistake in www.facebook.com. But, this is a phishing page. How? Note the URL correctly. It is https://www.facebook.com.infoknown.com. So, www.facebook.com is a sub-domain of infoknown.com. Google Chrome does not differentiate the sub-domain and domain, unlike Firefox does.

One can obtain SSL Certificates (HTTPS) from many online vendors. A few vendors give SSL Certificate for Free for 1 year. It is not a big deal for a novice to create a perfect phishing page like the one given above. So, beware of it.

Phishing Someone's Facebook Account Password
Phishing Page – Note the misleading URL.

This is a normal FB Phishing page with some modification in the word Facebook.


2 Social Engineering

This is the second most common technique for hacking Facebook accounts. In fact, this method shouldn't come under Hacking, since much knowledge is not required for this method. I am listing this method under hacking to ensure the list of most common techniques used for FB account hacking in their respective order. Social engineering is basically a process of gathering information about someone, whose account you need to hack. The information may be his/her date of birth, mobile number, boyfriend/girlfriend's mobile number, nickname, mother's name, native place etc.

How does Social Engineering work?

Security Question

Facebook-Social-Engineering-Security-Question
FB-Social-Engineering-Security-Question

Many websites have a common password reset option called Security Question. Most common security questions are :

What is your nickname?

Who is your first-grade teacher?

What is your native place?

or


Any custom questions defined by the user.

Obtaining such information from the respective people may let us hack into their account. So, if anyone comes to know the answer to it, they will be able to hack your account using forgot password option.

Most Common and Weak Passwords

Security Question does not let you get into others FB account easily. But, setting a weak password could easily allow any of your friends to hack your account.

What is a weak password? 

A password that is easily guessable by a third person is known as a weak password.

Most common passwords
  • Mobile Number
  • Nickname / Name and Date of Birth Conjunction
  • Boy Friend's Mobile Number / Girl Friend's Mobile Number – Most of the lovers ๐Ÿ˜›
  • Girl Friend's / Boy Friend's Name – Most of the lovers ๐Ÿ˜›
  • Boy or Girl Friend Name Combination
  • Bike Number
  • Unused / Old Mobile Number
  • Pet Name
  • Closest Person Name (can be friends too)

Now, be honest and comment here if you are one of the people who have any one of the common passwords mentioned above. Please don't forget to change your password before making a comment ๐Ÿ˜‰

How can you protect yourself from Social Engineering? 

Security Question

Don't have a weak or familiar security question/answer. Therefore, it should be known only to you. You can set your security question here. Fortunately, Facebook has a lockout period of 24 hours before giving access to the one who successfully answered the security question, meaning that the hacker cannot enter into your account until 24 hours. So you can prevent the hacking attempt by logging in to your account in the 24 hours lockout period.

Additionally, FB provides an option called "Login Alerts" under Facebook Security Settings. You should add your mobile or email there to get notified whenever your account is logged in to a new or unknown device.

Most Common and Weak Passwords

It is very simple. Change your password now if you have any one of the weak passwords stated above.


You might also be interested in hacking facebook fan page article

3 Plain Password Grabbing

insecure-plain-password-grabbing
This is another common method used to steal Facebook user's password. Most people are unaware of this method, but traditional hackers use this method to hack user accounts.

How does Plain Password Grabbing works? 

In this method, the Facebook hacker targets a particularly low-quality website, where the victim is a member and hacks their database to get the stored plain username & password of victim.

How could the hacker/attacker get access to Facebook?

Many of us use the same password for FB and also for some poor xyz.com. So, it is easy for a hacker to get your password through the low-quality poorxyz.com.

In another scenario, the hacker/attacker creates a website with the intention of getting victim's password, so when the victim registers his/her account using email and creates a password, those details will get stored in the database of the hacker/attacker. Thus hacker gets access to victim's account.

Common people, who use same email and password for these kinds of low-quality websites, may end up losing their Facebook account.

How can you protect yourself from Facebook Plain Password Grabbing? 

You should never trust the third party low-quality websites. Even passwords of popular websites, like LinkedIn, are insecure and vulnerable to hacking. So, never and ever trust the third party low-quality websites.


Most of the website developers are storing plain passwords in their database without even thinking about encryption or security. This makes Facebook hackers' job easy since the password is in plain text format.

Best way to prevent this method is to have a unique password at least for websites that you really trust. Don't use your FB password for any other website/portal, so your password will be safe .


4 Key Logger

Facebook-Hacking-Key-Loggers
A keylogger is a software tool used to record keystrokes on a computer or mobile device. This, in turn, records everything you type using your keyboard and store it for use. Generally, keyloggers are installed as application software in operating systems to track keystrokes, but there are hardware keyloggers as well.

Hardware keyloggers also are known as physical keyloggers attached to a computer in a USB port records everything before it sends the keyboard data to the computer. There are various mobile keyloggers, that perform the same action on various operating systems.

How Key Logging works?

All keyloggers run in the background (except trial versions) and won't be viewable to users until you know the keylogger password and shortcut used to view it. It will record all the keys pressed and give you a detailed report of when and what keys are used for what application – Simply, a clean report to identify passwords.

Anyone who is reading the keylogger logs is able to see the Facebook password or any passwords and sensitive information typed, like credit cards, bank username, password etc. Whenever you log in to a public computer, there are chances to lose your Facebook password to someone else.

Hardware keyloggers are identifiable in case of your personal computer but are hard in case of public computers.

In another scenario, your friend/colleague/neighbor could ask you to log in using their computer as a help. If their intention is to get your password, then you are most likely to lose your Facebook account to the hacker.

Nowadays, many people are using mobile keyloggers. It enables to track the keypad of mobile. So, any sensitive information typed on the mobile keypad is vulnerable to hacking.

How can you protect yourself from Key Logging?

You need not be afraid of keyloggers when you use your personal computer since you are the only one who is going to access it. But, whenever you use any public computer or your friend's computer, you should not trust it.

I always suggest my friends use On-Screen Keyboard whenever they are in need to type a password. Also, please make sure that nobody is checking your screen when you type your password because your screen would expose what you had typed. In windows, there is an inbuilt tool called On-Screen Keyboard that helps us to select keys using the mouse.

You can open OSK by using the Run dialog box. Winkey + R to open Run dialog box, type OSK and then press Enter. Nowadays, many banking portals provide a screen keyboard in the browser itself. So, please make use of it whenever you are surfing on public computers. On-Screen Keyboard helps even when hardware keyloggers are installed.

Never use third-party mobile keypad apps unless you really trust the publisher because the app may track all of your keystrokes and send it to the publisher.


5 Browser Extension Hacker

This method doesn't let the Facebook hacker/attacker gain complete access to your Facebook account, however, gives some power to control your account indirectly. I've seen multiple Google Chrome and Firefox add-ons, which secretly perform actions, like following a person, like a page on behalf of your Facebook profile, etc.

How Browser extension hack works?

When you visit some malicious websites or web pages, you will be prompted to install a browser add-on. Once you install the add-on, it will perform all the tasks described by the hacker or attacker who created it. Some primary actions are posting status updates on your wall, liking an FB page, following a person, adding you to some Facebook groups, inviting your friends to like a page, or join a Facebook group etc. You may not know these things happening on your FB account until you check your Facebook activity log periodically.

How can you prevent browser extension Facebook hack?

You should monitor your activities using Activity Log. You must not trust any third party websites prompting you to add a browser extension. Install add-on only from the browser store, that too only from trusted publishers. Why should you risk your account if you don't know the publisher or intention of the add-on? Therefore, always stay away from these malicious browser extensions.


6 Malicious Application Hack

Always remember that all the apps you use on Facebook are owned by third-party publishers and not by Facebook. Of course, there are a few exceptions like Instagram. A malicious application, which is requesting your permission, will do almost all kind of spam stuff on your Facebook profile.

How malicious application hack works?

Whenever you find Login using the Facebook option on any website, you should come to know that it is a third party Facebook application not owned by Facebook. When you click Login using Facebook, you will be shown a permission dialog box with the requested permission details. Once you click okay button, the requested personal details can be accessed from FB or the requested actions can be performed in your FB account on your behalf.

What could a third party application do on your Facebook account?

  • Post photos and status update
  • Share link to your timeline or to any group you belong
  • Manage your page
  • Post on behalf of you on the Facebook pages you own
  • Access your personal information
  • Access your photos including "Only me" privacy photos; sometimes they can further access your mobile photos using a Facebook vulnerability like the one I found (Don't worry, it's completely fixed now ๐Ÿ˜‰ ).

These are just examples of what can be done. What if the application you are using is malicious? It could spam your Facebook account with a bunch of worthless contents.

How can you prevent yourself from malicious application hack?

You should always beware of what permissions you give to a Facebook application even though FB is reviewing application's permission requests. Don't give permission to an application if you don't trust the website or application.

Facebook-third-party-application-dialog-box
FB Application Permission Dialog Box

You can edit the information that you give to an application in the permission dialog box (snapshot given above). Also, you should review the applications that have access to your Facebook account here if you think you had given access to malicious applications.


7 Facebook Account Hacker Software 

You might have seen or downloaded many Facebook account hacker software, but none of them could truly hack Facebook password. Hacking your Facebook password instead of the target user is what it actually does.

How does Facebook account hacker software work?

People who try to hack Facebook account usually download software that is available on various websites. The software will collect the victim's password (the one who downloaded this software) as soon as it is opened or installed. Some software prompt you to enter Facebook username and password. They will store your password in their database collection of passwords. Few other software gain administrative privilege from you to install background keylogger to get your keystrokes including the Facebook password.

How can you prevent yourself from Facebook hacking software?

Don't trust Facebook hacking software. There is no real hacking software available on the Internet as I had said earlier.


8 Malicious Mobile Application 

There are a lot of mobile applications that secretly steal Facebook access token from your mobile device. Facebook mobile app functions through API, where access-token stored in your mobile's internal memory is used for authentication.  It is more like your username and password. So, if someone steals your access-token, then he/she is likely to have full access to your Facebook account.

How malicious mobile application software works?

Facebook Application Interface do not require username or password every time to get user data. It just needs secret access-token to retrieve user's data. Facebook mobile app stores the access token in mobile's memory. The app's part of the memory is accessible only to the respective application. Mobile apps that have administrative privilege can access other app's data. For example, gaining admin privilege in a rooted android phone could allow an application to steal your access token. A hacker can do a lot of malicious things if he/she gets your access token.

How can you prevent yourself from malicious mobile applications?

  • Install mobile apps only from trusted publishers.
  • Don't root your mobile device.
  • Logout Facebook from your mobile device frequently to get your access token expired.
  • Change your Facebook password frequently.

9 Browser Vulnerabilities 

browser-vulnerabilities-fb-facebook-hack
Browser Vulnerabilities are security bugs, which exist in older versions of mobile and desktop browsers.

How does browser vulnerabilities work on Facebook hacking?

Most browser vulnerabilities are exploited through an older version of the browser since all the zero days are patched by browser vendor once it is reported by researchers around the world. For example, Browser Same Origin Policy Vulnerability could allow a hacker/attacker to read the response of any Page like facebook.com and could be able to perform any action on your Facebook account since they are able to read the response by accessing the Facebook origin. Android Chrome SOP bypass by Rafay Baloch is one such vulnerability that is affecting Android web-view in Android < 4.4.

How can you prevent yourself from browser vulnerabilities?

You should always update your browser and operating system once there is an update available. Keeping an older version always has many risk factors involved.

Self XSS is also known as Self Cross Site Scripting. XSS is basically a web security vulnerability, which enables hackers to inject scripts into web pages used by other users. What is self XSS then? Self XSS is a kind of social engineering attack, where a victim accidentally executes a script, thus exploiting it to the hacker.

How does self XSS scam work?

In this method, hacker promises to help you hack somebody else's FB account. Instead of giving you access to someone else's account, the hacker tricks you into running malicious Javascript in your browser console that gives a hacker the ability to manipulate your account. Facebook hackers use this technique to add you in groups, add your friends to the group, post on your wall, add your friends in comments etc.

How can you prevent yourself from self XSS?

Self XSS is something that you let hackers to hack your account. So never and ever copy & paste the code given by someone in your browser, otherwise, you will get your Facebook account hacked.


11 Trojan Horses 

Trojan Horse is a malicious program, which is used to spy and control a computer by misleading users of its true intent. Malware Trojan can also be called as Remote Key Logger since it records keystrokes of all the applications of our computer and sends it to the hacker online.

How do Trojan Horses work?

software you think legit might be a trojan. A PDF you don't suspect might contain a trojan. An AVI media file given by someone might be a trojan. The Trojan horse runs in the background process, collects information and send it to the hacker. Trojan Horse can be sent in any form through any medium, like pen drive, iPod, website, or email. In our topic, Trojan records FB password that you have typed in your browser and sends it to the Facebook hacker using the Internet.

How can you prevent yourself from Trojan?

  • Do not
    • install programs from unknown online sources
    • play media files received from an unknown source
    • open any kind of files downloaded from untrusted sources
    • insert pen drive from any suspicious people.
  • Do have an updated anti-virus software installed on your computer.

Keeping your anti-virus software up to date does not guarantee you to stay safe from hacking. Basically, an anti-virus software is a collection of detected malware and viruses. Its job is to compare each and every file with the database of viruses. There are many numbers of software, which enable us to create undetectable Trojans. But, it is very unlikely to target a common man with undetectable Trojanware. So, keeping an antivirus program up to date is protective to large extent. Don't forget to update your anti-virus software once an update is available.


12 FB Zero Day

Zero Day is a security vulnerability that is unknown to the respective software vendor. In our context, undiscovered Facebook vulnerabilities are called FB Zero Day.

How does Zero Day hacking work?

FB Zero Day vulnerabilities are very rare since Facebook has a bug bounty program, where security researchers around the world participate and report zero-day vulnerabilities. Zero-day is basically a security loophole that is unknown to the software vendor.

There are two types of people who find Zero Day vulnerabilities. The first case is Security Researchers and Bug hunters, who make a responsible disclosure about the vulnerability to the software vendor; FB in our context. Another case falls on the evil side. Blackhat hackers who find Zero Day vulnerabilities don't disclose it to Facebook and they will use it for their personal benefit of hacking.

@EVERYTHING NT

Related articles

  1. Growth Hacking Barcelona
  2. Chema Alonso Wikipedia
  3. Sdr Hacking