Subscribe To Farah

Enter your email address:

Delivered by FeedBurner

RSS FEED

Photography and adobe Photoshop

This Tool Can Hack Your Accounts Even with Two-Factor Authentication

By Farah

This Tool Can Hack Your Accounts Even with Two-Factor Authentication


The internet is a dangerous place, replete with shady people looking to steal your personal information. Enabling two-factor authentication (sometimes called two-factor verification) is one of the best ways to keep your online accounts secure. However, famed hacker Kevin Mitnick shows how even this security measure can’t completely protect your data if you don’t remain constantly vigilant.
The hack in question was not developed by Mitnick, who works as Chief Hacking Officer for security firm KnowBe4. Credit for that goes to Mitnick’s friend and white-hat hacker Kuba Gretzky. The tool is known as evilginx, and it makes phishing feasible even when the target uses two-factor authentication. It’s essentially a man-in-the-middle attack, but it uses proxy_pass and sub_filter to modify and capture HTTP traffic. It requires an Nginx HTTP server and some familiarity with Debian Linux. Many people have the necessary expertise to do it. 
You can get a complete technical rundown of evilginx on Gretzky’s site, but Mitnick has a nice, digestible video demo of the tool in action(embedded below). He uses LinkedIn as an example, but it could be used on Google, Facebook, and anything else that uses standard two-factor login. The attack starts in the same way all phishing attacks do — with a cleverly crafted email. You have to convince the target to click on a link that loads your site, which masquerades as the page your target expects. In this case, it’s LinkedIn.
Stealing a username and password like this is simply because they don’t change. A two-factor code changes every few seconds, so taking that from your fake page is pointless. Using evilginx, Mitnick shows how the page captures not the 2FA code but the session cookie. That identifies the user to a site, allowing the attacker to hop onto your account immediately.
Mitnick goes on to show how you can load the session cookie manually via the Chrome developer console, which only takes a few clicks. Then, all you need to do is reload the page, and LinkedIn displays the logged-in session. You don’t need to enter a username, password, or even the 2FA code.
Gretzky has published the code for his 2FA hack on GitHub, so everyone has access to it. That means people could try to use it for phishing purposes, but security researchers and educators can also help protect users. It just goes to show you; even two-factor authentication won’t protect you from your own poor decisions.



Promotional Links


I will do any photoshop editing very professionally


My Basic Editing Services

Improve complexion, contouring, makeups

Background Removing, Transparent

Change background white, color, different locations

Face/head/body manipulations, swapping

Adding Effects to photos

Whitening teeth, Removing braces

I can do professional photoshopping for you within your time frame!

if you want any suggestions in photo editing, I can help you even if you will not order for the time being. I love to discuss creative photoshop editing projects.

If you want something non-traditional, write me a message. 

Probably I can help you, but I would like to discuss it first.


Comments

Post a Comment

Popular posts from this blog

is Pakistan a Muslims country or is it a secular country? full Proofs

By Farah
Image
Pakistan is not a secular country with full proofs Hy, As a Pakistani I want to inform you about something very strange theory that some peoples guiding you in the wrong way in the discussion and on youtube videos nowadays. That MR. Jinnah wants to grow Pakistan as a secular country. It's not the voice of Quaid e Azam. That peoples are using on youtube I will give you the Proofs. It's propaganda against the country Pakistan please be aware. Go and analyze the voice accent and speech in their videos that they are providing you as Proofs and the other videos that I am providing you. I hope that the YouTubers make a video on it. Thanks! here are the links that, I listened & analyzed that Quid e Azam did not say that, this country for scholar people he clearly said that this country is for Muslims. so, you should need to remake a video on that, please. in this video, and in your video, his accent and words are different so, how is it possible that he changes
Read more

A very sad story of a shemale

By Farah
Image
A very sad story of a shemale Mehak Malik Shemale It was raining when we were burying Shabana alone. No thunder, no lightning, just a light breeze. I don't even know when the rain stopped and when the tears came out of my eyes. Consciousness came when my hands caressed the soil of the grave with love and became addicted to mud. Everyone left too late. I was alone in the cemetery. I looked carefully at the mud on my hands. There were cracks in the drying mud, broken, broken, just like the lines on Shabana's fair hands. It was as if the goddess of fortune had died, drawing lines. I myself never believed the stories told by the hand lines but looking at Shabana's life it seemed that maybe there is some truth in the lines of destiny. Suddenly the clouds parted and said goodbye, so I felt as if the night was buried in the dust of the grave and the night was sobbing softly. Na Shabana, shabash are not afraid. 'I touched the grave with love. ‘Now you are at peace. No teasing,
Read more

How to quickly Make picture's look soft Natural retouched, decent and clean within two minutes

By Farah
Image
Hi, guy, I hope you are all fine. Today we will learn How to quickly Make pictures looks soft so let's start it. I have a beautiful picture here.  first, we need to create a new duplicate layer. after that, we will go to filters and then we select Gaussian blur to apply it 10% and hit apply. now we need to go to layers section and change the opacity to 20 to 30% as per your requirements. Watch the Video
Read more