Tag Archives: hacking

Simple Way to Check Whether Your Gmail Account Has Been Hack or Not

There are two of my favorite site in my google reader that their domain name has been stolen, MakeUseOf.com and David Airey. All of the incident have two things in commons, they both use Gmail as their web mail to store valuable information and use Goddady as their Registrar.

I dont want to discuss about Godaddy but i would like to describe about Gmail, because by far Gmail to me is the best web mail, and i’d like to share tips to check whether you account has been hack or not.

One of the common method to know whether your gmail account has been compromised by cracker (Person who use hacking to do evil things) is by checking the “Filters” and the “Forwarding and POP/IMAP” in the setting page of your Gmail. This is just one way to check whether your gmail has been compromised or not, i don’t know other method.

Here is the step by step with the screenshot:

  1. Click on “Settings” on the right above corner of your gmail
  2. here are a closer one, click on “Settings”

  3. Then click on “Filters” tab
  4. If u never use Filters tab before then there should be no list in it, but if you have use it, check the filters and double check to make sure you dont forward it to unidentified email.

    If u found a list on the filters that u dont know, delete it right away.

  5. Last Check the “Forwarding and POP/IMAP” Tab
  6. From Web IV

    if u never use any of these feature or even understand it, just disabled it all, To disable it set it in to
    Forwarding: Disable
    POP Download: 1. Status: POP is disabled
    IMAP Access:1. Status: IMAP is disabled

Capiche? u could leave a comment to ask more.

OMG, There are unauthorized changes that i didn’t know?!
(like adding filter or POP setting)!!

First delete it right away and change the gmail password.
If u ever store password about others critical site on your gmail account, for god sake change it quickly.

Make your password really strong, u could check how strong your password in Microsoft Password checker and read about Strong passwords: How to create and use them(Microsoft) too. Note: if u still not confident using Gmail, u could always use Yahoo or personal email using your domain name.

To go depth in to the process of Gmail hijacking, u could read in detail at GNUCITIZEN site in Google GMail E-mail Hijack Technique

Update:
Gmail also keeps a list of the last few IPs that have logged in at the bottom of the page. Much easier to keep track of * From: Nuke It dot Org

Here are the screenshot to see the IP log

Click on the “Details” to see the IP log for the last IP on 5-12 hours

Update:
Just found an interesting new post from Gnucitizen and others about Gmail Exploit

Google hack query Summary (yes, another one… )

On January the 8Th, my website crash, and the database couldn’t be recovered. So i lost all of my writing…, well i could recover it, but I’m just too lazy to do it :P . It’s just 15-20 writings and I want to start a fresh new blog with new template off course. This kind of accident teach me that i should prepare backups of my writing once a week or more often. Well no pain no gain.


First of all I’d like to compile all writing i read about googling as a reminder for my self. there’s a couple web site that help me a lot on this writing, all of them l’ll wrote it in the last paragraph in this writing.
Usually in websites there’s a directory that are open in public. not all of them but a lots of them usually store interesting film, music or even books. In this directory there’s a generated note that this is an open directory when u open it and contain a list of files in that current directory. yada yada yada…so if u want to check it it use this query or just click it:

-inurl(html|htm|php|asp|aspx|pl|py|cgi|tcl) intitle:”index of” + “last modified” + “parent directory” + description + size

With the above google query it’ll show all open query, but if u want to connect it with some topic or some person, let say Jessica Simpson, just added in the back of the query so it will become like this:

-inurl:(htm|html|php|asp|aspx|pl|py|cgi) intitle:”index of” +”last modified” +”parent directory”+description+size +”jessica simpson”

it could be shown if there’s any files that are being named Jessica Simpson. The naming convention could be different inevery place so try your luck. if u want more specific type of file, like a video or an mp3 of jessica simpson just add mp3 or avi.

-inurl:(htm|html|php|asp|aspx|pl|py|cgi) intitle:”index of” +”last modified” +”parent directory” +description +size +( avi | mp3 | wmv | mov ) “jessica simpson”

in case u want an ebook like Da Vinci Code u could use this query, with a lot of type of ebook.

-inurl:(htm | html | php | asp | aspx | pl | py | cgi) intitle:”index of” +”last modified” +”parent directory” +description +size +( pdf | lit | rtf ) “da vinci code”

Most of this writing i get from Google Tutor, u could look the popular writing of this site is Voyeur-Heaven, all about Google search in here and Google Tutor’s Google Search Manual. Others sources are from googleguide.com about the advance operators. There’s an official help center also, u could look it up in Google Web Search Features, The Essentials of Google Search and Google Advanced Operators.
Actually the first time i learn about google hack is when i read an article from johnny ihackstuff, he wrote a wonderfull articles on google hack, about getting a credit card number and get almost everything that are available in the web. That a long time ago, right know he bundled the articles bout google into Google Hacking Database (GHDB) .

…or the easiest way to search MP3 or e-books, u could use G2P, website that use Google hacking to locate MP3s.