Email Account Hacking Methods

By: xAsylum

1. Get the email address of the person you would like to hack. If you are hacking the email

for someone else, get all the information that the person has on the email, it will be

useful in the future.

2. Depending on what kind of email it is (we will pretend it was Gmail) go to the domain’s

website, which in this case, is http://www.gmail.com.

3. Type in the username of the account, and click “Can’t Access your account?”.

4. Click “My password doesn’t seem to be working”.

5. When it asks if Gmail accepted your username, click the bubble “Yes”.

6. When it asks if the password reset arrived at your recovery address, click the bubble “I

don’t have a recovery email address”.

7. Next, click the bubble “It's been 24 hours since I last tried to sign in to Gmail, including Gmail

for mobile, POP, IMAP, or Gmail with other Google products”.

8. Click the link to the password recovery page below the last question you answered. The link

should look something like this:

https://www.google.com/accounts/ForgotPasswd?service=mail&fpOnly=1

9. Enter the desired username, and then solve the CAPTCHA.

10. It should now come up with the password reset recovery question. You now know what

your goal is (to get the answer to the question). Be sure to write the question down

somewhere, so you do not forget it.

There are a few different ways in which you could now try to get the password.

 Social Engineering: This is my personal favorite method. You obtain the information

directly from the source of the person. Almost everyone these days have a Facebook or

Myspace account. Search the email, and when you find the account, take note of their

age. When I do this, I normally make a Facebook.com account between the ages of 19

and 21, claiming to be a College student doing a random questionnaire required for one

of my classes. I usually list around 5 questions for them to answer, one of them being

there secret question. Even with this method being so simple, it has a really high success

rate. If this does not work, and you want to try another variation of it, make another

Facebook account around the same age as the person, claiming to remember them from

high school. You can casually get the answer to the question. Here is an example if your

question was something like “Who was your best childhood friend?”:

-“Hey, Johnny, I remember you from High school, class of 84, right?”

-“Yeah, I don’t remember you, were we friends?”

-“Yeah man, I knew you, I was really good friends with your best friend ________ (fake

name).
 - __________? I don’t recognize that name; he definitely was not my best friend.”

-“Maybe I’m thinking of a different Johnny, who did you hang out with, who was your

best friend?”

-“Oh, I hung out with _____, _____, and _____. _____ was my best friend my junior and

senior year.”

Now you have the name of his possible best friend, and if that name does not work, you

can try the names of his other friends in high school that he listed.

 Doxing: Doxing is the process in which you gather as much information as possible on

someone. This is useful on email password resets that require information such as the

persons’ city, state, and zip code.

When doxing, the first thing I do is run the email through http://www.pipl.com/email/

and http://www.spokeo.com/email. These sites are comprehensive searches which run

the email through databases. After the search is done, you will know what websites the

email is registered to. Now, go to their social networking profiles which you found on

these searches, and get all the information you can. Write it down, or save it in a word

document.
 If you can get their First and Last name, as long with possibly a city and state, you are in

luck. Go to http://www.whitepages.com/person and if they are over 18, you should be

able to get most of their information.

If you are able to contact the person through something like MSN, AIM, Myspace IM, or

Facebook IM, you can get their IP address. Register on http://www.blackapplehost.com

and make a free webhosting account.

<?php

$ip = $_SERVER['REMOTE_ADDR'];

$handle = fopen('ipaddresses.txt'', 'a+);

fwrite($handle, $ip); fwrite($handle, "\n");

fclose($handle);

?>

Save this script of code as “ip.php” and upload it to your webhosting account. Along

with this file, save a blank notepad file as “ipaddresses.txt” and upload it as well. Your

link to the .php file should be something like

“http://www.username.blackapplehost.com/ip.php”. Go to http”//www.dot.tk and

register this link under something such as “funnypictures.tk”, or something of the sort.

Now, using your instant messaging program, send them a message that says, “OMG, you

must have been really drunk, I can’t believe you did that! Man, those pictures are really

embarrassing. Want to see them? They are found on funnypictures.tk. Even if they don’t
 drink, I guarantee because you mentioned their name, and out of curiosity, they will go

to the website. Once they go to it, check your text file, which will be at the link

“http://www.username.blackapplehost.com/ipaddresses.txt”. You should now have

their IP address. Copy and paste that IP address into

http://www.whatismyip.com/tools/ip-address-lookup.asp and you should now have

their postal code, city, state, and a map of where their IP address is located (Rough, not

completely accurate). These methods should be enough to get you the information you

need to get to the security question. If all else fails and you need help, you can always

message me on MSN, CaLLMeHAsYLuM@hotmail.com. I will always help ;)

 Stealer: If you can get your victim to download a file, this is by far the easiest way to get

the password. I use theref’s stealer (http://uppit.com/v/WDVKHI97, password is

“theref”). It is no longer FuD, but you can get someone to crypt your server on Hack

Forums for free, or maybe 1 dollar. Check the Service Offering section of Hack Forums to

find someone to crypt your server (http://hackforums.net/forumdisplay.php?fid=106).

After it is crypted, you have to be creative to get someone to download the file. The

most successful method I have used is by binding your server to a program that the

person would be interested in. You could also do something as offer them assistance on

their computer via Teamviewer, and then when you have control of their desktop,

download the .exe and execute it. If you have access to a reliable Drive-by-Download

and a Java enabled webhost, you could get your file executed on their Personal
 Computer very easily. Though it is a very simple concept, it is not too easy to get

someone to open a file. Like I said before, be creative.

 I hope this E-Book helped you out. If assistance is ever needed, feel free to ask me for it.

I am very experienced in all aspects of hacking emails and have done it countless times,

so I can be a very useful tool. My contact information is listed below, thank you very

much for purchasing my E-Book!

AIM: CaLLMeHAsYLuM

MSN: CaLLMeHAsYLuM@hotmail.com

Hack Forums: xAsylum (Shoot me a PM :p)