My QQ was stolen by a friend, but I couldn’t find him after many days. I want to steal it back, and steal his as well. Can anyone help me?

First of all, it is a bad behavior for friends to visit other people’s QQ, and secondly, if you really want to do this, just do it

1. Online password cracking. Everyone knows that QQ can use a proxy server to log in. This is A protective measure. It can not only hide the user's real IP address to avoid network attacks, but also speed up the login speed and ensure the stability of the login.

The technical methods used in online password cracking and local password cracking are similar, both are exhaustive methods, but the former is completely separated from the QQ used by local users. It scans the login proxy server. As long as the QQ number you want to steal is online, you can use online number stealing tools to achieve remote TCP/IP hunting, thereby stealing the QQ password without anyone noticing!

Online cracking has changed the passive cracking method of local cracking. As long as it is an online QQ number, it can be cracked and has a wide range of applications. However, because it still uses exhaustive method technology, when enumerating the length and type of key digits, the verification time is very long and the cracking efficiency is not high. Similarly, this method is also affected by many factors such as computer speed and network speed, so it is more troublesome than the previous local cracking.

At present, a relatively powerful QQ password online cracking software is called QQExplorer. Its cracking operation is divided into four steps: first, fill in the QQ number you want to steal in the QQ start number and end number (this number must be online); second, in "Add or delete HTTP proxy server" Enter the IP address and port number of the proxy server (if you find it troublesome to find the QQ proxy server, you can use some modern QQ proxy publishing software); in the third step, click the "Add & Test" button, the software will automatically detect this first Check whether the server is normal. After confirming, add it to the proxy server list (this software can fill in the addresses of multiple proxy servers, and can automatically filter unavailable or slow servers); the fourth step, click the "Start" button to start online Password cracking

2. Login window cracking

The method of forging a QQ login window to steal accounts is very simple. This is a relatively alternative method of cracking Trojan horses (there will be a special introduction to cracking Trojan horses later) ). First, use account stealing software to generate a fake QQ main program. After running it, a login window exactly like Tencent QQ will appear. As long as the user logs in in this fake login window, the entered QQ number and password will be recorded and electronically The email is sent to the tank specified by the hacker. Here we take a software called "Fox Q" as an example. When you run it for the first time, it will copy itself to the QQ directory and rename the original QQ.exe file. QQ.com (Such changes will not affect the normal operation of QQ). After the settings are completed, the original program of "Fox QQ" will disappear, pretending to be QQ and waiting for the "prey" to take the bait. In its software settings, there is a setting that can determine the number of times real and fake QQ run alternately, which can reduce the number of users who generate QQ when using QQ. doubt. For example, if the "validation times" is set to 3, then the first time the user runs QQ, it means that the user's QQ number will be stolen when the user runs it for the third time! During the QQ password sending process, if the sending fails, it will also write down the QQ number and password and wait for the next sending.

The account theft method of real-time monitoring of the QQ login window uses Windows window functions and handle functions to achieve background interception of QQ numbers and passwords. This type of software can capture passwords in almost all standard password boxes under Windows, such as QQ, Outlook, screensavers, various email clients, various game accounts and Internet accounts, etc. After capture, it will also send the password to the email address specified by the hacker in real time. Its representative hacking software is "Password Messenger", which can capture almost all passwords in login windows under Windows 9x/2000/XP, and can also steal various passwords logged in on web pages.

When using this software to steal someone's account, you only need to fill in the email address and protection password used to receive other people's QQ passwords, and pass the generated account hacker file to trick others into running it, and then you can wait for the password to come to your door! This software is different from traditional keyloggers. It hides and starts automatically every time the computer is turned on. Regardless of whether the password is entered with the keyboard, copied or pasted, it can effectively intercept it in real time! The registered version actually has an automatic upgrade function, which is very destructive.

3. Information fraud

Confucius said: A sergeant kills with a pen, a sergeant kills with words, and a corporal kills with a stone plate. There is another common, simplest and most effective way to remotely steal QQ passwords, and that is to take advantage of many people's weakness of being greedy for petty gains and carry out artificial deception!

Title: Tencent’s notification of winning xxxxx

“QQ Lucky Winner: Congratulations!!! You have become the winning user of the QQ online netizen lottery. You will receive a beautiful T-shirt 1 and have the chance to receive a NOKIA 7110 mobile phone. Note from Tencent: The prizes are sent by mail. Please fill in the following information carefully, and it will be treated as automatically giving up the chance to win gt. ; gt; QQ number: gt; Password: gt; Name: gt; E-mail address: gt; ID number: gt; Mailing address: gt; Contact number: gt; Postal code: "

For example Our QQ often receives the following messages from strangers.

If you fill in the information truthfully and send it back stupidly, your QQ password will be stolen after a while.

There are also messages like this: "Dear QQ user, congratulations on becoming Tencent's lucky number. Tencent will give you a beautiful QQ number: 12345, password: 54321. Please log in and change it as soon as possible. Password, thank you for supporting Tencent!" Many people saw it and thought it was a free bargain. After logging in, it was true, so they smiled and accepted it. However, for the sake of convenience, many people like to use the same password for everything, so when you change the password of this QQ account to the same password as your own QQ account, you have to use your own QQ account and the gifted QQ account. over! This is because the person who gave you the QQ number has applied for password protection. After you changed your password, he used Tencent's password protection function to take it back, and at the same time took away your QQ password. If your QQ has not applied for password protection, you can only say goodbye to it at this moment.

4. More Trojan hacks

“The ancient Greek army besieged the city of Troy and could not break it for a long time, so they built a large wooden horse to hide the soldiers in it. The army pretended to retreat and abandoned the wooden horse. When the city learned that the enemy had retreated, they dragged the Trojan horse into the city. At midnight, the soldiers hiding in the Trojan horse opened the city gates and set fire to them. The ambush troops outside the city rushed in and burned the city of Troy. "This is the ancient Greek myth. In the story of "Trojan Horse Massacre", the name of the Trojan horse was borrowed by a hacker program, which means "once it sneaks in, there will be endless troubles." A complete Trojan horse program consists of the server side and the control side. The so-called "Trojan horse" refers to the server side of the Trojan horse being installed in the user's computer, and the hacker who owns the control side can remotely control the computer through the network, thereby easily stealing the QQ password in the computer.

There are countless Trojan horse programs targeting QQ, and there are also a lot of them that specialize in stealing QQ passwords. They are secretly installed in the user's computer and run automatically when the computer starts. If the user uses QQ , then its account number and password will be recorded by these Trojans and sent to the mailbox of the Trojan installer. We have already introduced two QQ Trojans that steal accounts through the login window. Next, we will introduce two typical ones.

The first one: Best QQ Account Stealing 2004

This is the latest version of the "Best QQ Account Stealing" Trojan.

The method of use is similar to the "Password Messenger" introduced earlier. First, fill in the email address for receiving QQ passwords and the title of the email in the "Settings" column, and then secretly install the generated account hacker into other people's computers. The Trojan claims to be able to bypass mainstream anti-virus software and steal passwords for the latest versions of QQ, namely QQ2004 and QQ2004 Olympic Special Edition.

Section 2: QQ Spy 3.0

When using this Trojan software, click "Server" on the toolbar, follow the prompts to generate the server program, and then secretly transfer it into someone else's computer, and when the victim accidentally runs it, the Trojan is planted. This Trojan can not only steal accounts, but also quietly record the victim's QQ chat information in the background, and download executable files to achieve remote upgrades and remote execution of scripts. In addition, after registration, it can also directly remotely monitor the QQ chat history on the other party's computer.

Using Trojan software to steal QQ passwords is obviously more efficient than using the cracking methods introduced earlier! Not only does it save time, but the success rate is also high. However, how to install the server side of the Trojan program in the user's computer is a troublesome matter. In addition, many powerful Trojan programs require registration to use all their functions. Therefore, for those hackers with varying levels of skills, it will take some effort to play with the Trojan horse program.

Take the initiative to teach you how to regain your stolen QQ account

With the popularity of the Internet, the most important communication method for many friends today is QQ, but QQ security is a concern for everyone It is a topic that everyone is very concerned about. There are also endless tools for stealing QQ accounts. With the improvement of people's security awareness in recent years, everyone has paid a certain attention to QQ security. However, it is also very easy for so-called hackers to steal QQ accounts with the help of some tools. Let’s take a look at how hackers use software tools and email addresses to easily steal other people’s QQ numbers, so that we can prevent them more effectively!

1. QQ Password Sender

This software is relatively simple to use. You need to have a certain ability to "deceive". To succeed, the most important thing is to find ways to get the other party to receive and Run your Trojan and you can reap the benefits!

Download and decompress the software, run the executable file, and the running window is as shown in Figure 1.

In this window, you only need to enter a valid email address and click the "Generate QQ Trojan" button to generate a Trojan, as shown in Figure 2.

The next step is to send the Trojan to the other party. To allow the other party to run it, you need to rename the Trojan, such as "My FLASH", "XX Software", etc., as long as the other party can trust it. Just click to run the Trojan!

Once the other party runs the software and logs in to QQ again, the other party’s QQ number, password, and the other party’s machine IP and other information will be sent to the mailbox you set by email, and you will be waiting to check yours. "War merits", as shown in Figure 3.

Tips:

This software is very suitable for use in Internet cafes. As long as you configure the software on other machines and then change to another machine to access the Internet, once others use that machine When you log in to QQ, of course you give away your QQ!

2. Invincible QQ Password Stealer

This software is a background monitoring software for stealing QQ. It also requires email to be used, and the specific settings are relatively simple.

Run the software and the configuration window will appear in Figure 4.

In this window, you need to set the SMTP server address, username and password of the mailbox you are using. In order to ensure that letters can be received normally, it is best to click the "Test" button to test after the settings are completed.

Tips:

If the email title is not filled in, the QQ number will be used as the title. In addition, it is best to set the "How many numbers to send" smaller. This function is very useful. Once the program When the number of emails sent reaches this number, it will no longer be sent, otherwise your mailbox may be burst.

3. Use QQ Password Breaker to steal QQ

QQ Password Breaker is a hacking tool for locally cracking QQ passwords. You can choose a dictionary to brute force the local QQ password, which is extremely fast. It’s fast, and you can set the delay time yourself. Let’s take a look at the specific usage method.

Download the software and unzip it. "QQPW_Crack8" is the installation program. There is also a "Crack Dictionary" folder (Figure 5). This is the dictionary file used to crack QQ passwords. It contains 4 dictionary files, of course you can also make your own dictionary for your own use. After installing the software, you can practice the power of the software!

First run the software. The main interface of the software is shown in Figure 6.

First you need to configure the "QQ path", click the "Browse" button to find the main program of QQ, the "QQ number" column will automatically display the QQ number logged in with this machine, you only need to select one of them That's it, then you need to set the "Dictionary Path", click the "Browse" button at the back, and find the location of the dictionary file, such as C:\WINDOWS\Desktop\New Folder\QQ Secret Messenger\Cracked Dictionary\dictionary1.txt, such as Figure 7.

After setting up the dictionary file, you can also set the delay time, and then you can click "Start Cracking" to crack! The software will try the passwords in the dictionary file one by one. The cracking process is shown in Figure 8.??

Tip: The cracking speed is related to the speed of your computer. Do not open any other programs during the cracking process to avoid affecting the cracking speed! This method is very suitable for stealing other people's QQ numbers in Internet cafes!

4. Easily peek into QQ2004 chat history

With the launch of QQ2004Beta, the majority of "Q friends" have once again experienced the surprises that the new version brings to everyone, so QQ2004Beta is in terms of security What about aspects? The "QQ2004Beta password-free login tool" launched for QQ2004Beta may also bring you a "surprise"!

After using the "QQ2004Beta password-free login tool", you can log in to QQ by entering any password, so that you can peek into other people's friend information and chat history! Note that this software only applies to the latest version of QQ2004Beta.

After downloading and decompressing the software, you must copy "cr-QQ2004Beta(7.13).exe" to your QQ2004Beta installation directory, usually "C:\Program Files\Tencent\qq". Otherwise, running the software directly will prompt that the QQ.exe file cannot be found!

Run the "cr-QQ2004Beta(7.13).exe" file in the QQ2004Beta installation directory, and the pop-up window will appear as shown in Figure 9.

After clicking the "OK" button, the normal QQ login interface will pop up, as shown in Figure 10.

Here you enter a password at will, and then click "Login" to log in, but a prompt box "Please enter the login password again" will pop up. Ignore it, but do not click " Cancel", otherwise QQ will automatically close, as shown in Figure 11.

At this time, QQ will be logged in offline, and you can view other people's friend information and chat records. It should be noted that the QQ chat window logged in in this way cannot be opened, so to view chat records and friend information, you must click "Menu" → "Friends and Information" → "Message Manager", or you must click on QQ Right-click a friend on the main interface, and then select the "Chat History" or "View Profile" option.

Take the initiative to teach you how to regain your stolen QQ number

Many friends have had the experience of having their QQ number stolen. Even after using the "password protection" function to retrieve it, The Q coins inside have also been looted by account hackers. If you encounter a more vicious account hacker, they will delete all your friends, and your friends will leave you forever. Have you thought about fighting back? What, counterattack? Don't be kidding, we are just rookies, not hackers. We can only browse web pages and chat. We don't even know how our QQ account was stolen. What can we do to the person who stole the account? In fact, the so-called "hackers" who like to steal accounts only use some ready-made account stealing tools. As long as we understand the process of QQ account being stolen, we can take corresponding precautions, and even switch from defense to attack, giving the account thieves a fatal blow. .

1. Know yourself and know the enemy, the technology of hacking is no longer mysterious

Today, there are very few QQ hacking software that are still being continuously updated. Among them, the most famous and widely circulated one is not "Ah" "QQ Thief" is none other than "QQ Thief". At present, most of the QQ account theft incidents are caused by this software. The conditions for using the software are very simple, as long as you have a mailbox that supports SMTP sending or a web space that supports ASP scripts. Moreover, this Trojan can automatically divide the stolen QQ accounts into good accounts and non-premium accounts, and send them to different mailboxes respectively. This is one of the reasons why "Ala QQ Thief" is so popular. Next, let us first understand how it works so that we can find a good way to fight back.

1. Select account hacking mode

Download "Ala QQ Thief". After decompression, there are two files: alaqq.exe, Love Eternal, Love Nanny qq.asp. Among them, alaqq.exe is the configuration program of "Ala QQ Thief", love is eternal, and love nanny qq.asp is the file that needs to be used when using the "website mail receiving" mode. Before formal use, its parameters need to be set.

"Mailbox Receiving" configuration: Run alaqq.exe, and the program's configuration interface will appear. Select "Email Receive" in the "Email Sending Mode Selection" option, and fill in the email address in "Email Receive" (it is recommended to use the program's default 163.com NetEase mailbox). Here we take the mailbox n12345@163.com (password n_12345) as an example to introduce the configuration of the "mailbox receiving" mode, and conduct the test below. In addition, you can fill in different email addresses in the "Inbox (Pretty)" and "Inbox (Common)" to accept QQ pretty accounts and ordinary QQ accounts. Then select the SMTP server corresponding to your mailbox in the "Sending Server" drop-down box, here it is smtp.163.com. Finally, fill in the account number, password, and full name of the sending mailbox.

After the settings are completed, we can test whether the filled-in content is correct. Click the "Test Email" button below, and the program will appear in the email test status. If all the tested items show success, the mailbox information configuration can be completed.

"Website mail receiving" configuration: In addition to selecting the "mailbox receiving" mode, we can also select the "website mail receiving" mode to automatically upload the stolen QQ number to the designated website space. Of course, some preparations need to be done before use.

Use FTP software to upload Love Eternal and Love Nanny qq.asp to a space that supports ASP scripts, run alaqq.exe, and enter the URL of Love Eternal and Love Nanny qq.asp in the "Asp Interface Address" address, then when the Trojan intercepts the QQ number information, it will save it in the qq.txt file in the same directory as Love Eternal and Love Nanny qq.asp.

2. Set additional Trojan parameters

Next we proceed to advanced settings.

If you check "Close QQ after running", once the other party runs the Trojan generated by "Ala QQ Thief", QQ will automatically close after 60 seconds. When the other party logs in to QQ again, his or her QQ number and password will be intercepted by the Trojan , and sent to the hacker's mailbox or website space. In addition, if you want the Trojan to be used in an Internet cafe environment, you need to check "Restore Wizard Automatically Transfer" so that the Trojan can still run after the system is restarted. Except for these two items, keep the others as default.

3. Steal QQ number information

After configuring "Ala QQ Thief", click "Generate Trojan" in the program interface to generate a Trojan that can steal QQ numbers. Trojan horse program. We can disguise the program as pictures, mini-games, or bundle it with other software and spread it. When someone runs the corresponding file, the Trojan will be hidden in the system. When there is a QQ login in the system, the Trojan will start working, intercept the relevant numbers and passwords, and send this information to the mailbox or according to the previous settings. Website space.

2. Develop a discerning eye so that Trojans have nowhere to escape in the system

Now that we have understood the general process of "Ala QQ Thief", how can we remove it from the system? Did you find "Ah La QQ Thief"? Generally speaking, if you encounter the following situations, you should be careful.

·QQ is automatically closed.

·After running a certain program, it disappears.

·The anti-virus software automatically closes after running a certain program.

·The browser is automatically closed when visiting an anti-virus software website.

·If the anti-virus software has an email monitoring function, a warning box will appear for the program to send emails.

·If a network firewall (such as Skynet firewall) is installed, a warning appears that NTdhcp.exe accesses the network.

If one or more of the above situations occur, the system may have been infected with "Ala QQ Thief". Of course, being infected with a Trojan is not terrible, we can also remove it from the system.

1. Manually detect and kill Trojans. After discovering that the system is infected with "Ala QQ Thief", we can manually remove it. After running "Ala QQ Thief", a file named NTdhcp.exe will be generated in the system32 folder in the system directory, and the key value of the Trojan horse will be added to the startup item in the registry so that it can run every time the system starts. Trojan horse. The first thing we have to do is to run the "Task Manager" and end the Trojan process "NTdhcp.exe". Then open "Folder Options" in Explorer, select the "View" tab, and uncheck the "Hide protected operating system files" option. Then enter the system32 folder in the system directory and delete the NTdhcp.exe file. Finally, enter the registry to delete the NTdhcp.exe key value, which is located in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Currentversion\Run.

2. Uninstall the Trojan. Uninstalling "Ala QQ Bandit" is very simple. Just download the configuration program of "Ala QQ Bandit" and click the "Uninstall Program" button after running it to completely remove the Trojan from the system.

3. Use retreat to advance and give the account robbers a fatal blow

After working for a long time, I finally completely eliminated the "Ahla QQ Thief" in the system. Then, facing Damn thief, should we teach him a lesson?

1. Exploit loopholes and switch from defense to offense

The so-called "attack" here does not mean directly invading the computer of the hacker. I believe that this kind of "technical activity" is not suitable for everyone. .

Here we just start with the loopholes that exist in almost all account-stealing software, so as to teach the hackers a lesson.

So what is this vulnerability?

From the previous analysis of "Ala QQ Thief", we can see that the configuration section fills in the email account and password for receiving QQ number information emails, and the email account and password are both stored in plain text in the Trojan in the program. Therefore, we can find the email account and password of the hacker from the generated Trojan program. Then it is easy to control the email address of the thief, allowing the thief to steal the chicken but lose the rice.

Tip: The above vulnerability only exists in Trojans that send QQ number information by email. If you choose to use the website to receive the information during the configuration of "Ala QQ Thief", this vulnerability does not exist.

2. Network sniffing, seizing the hacker’s mailbox

When the Trojan intercepts the QQ number and password, it will send this information to the hacker’s mailbox in the form of email , we can start from here and intercept the network data packet during the process of the Trojan sending the email. This intercepted data packet contains the account number and password of the hacker's mailbox. When intercepting data packets, we can use some network sniffing software. These sniffing software can easily intercept data packets and automatically filter out password information.

·x-sniff

x-sniff is a sniffing tool under the command line. It has very powerful sniffing capabilities and is especially suitable for sniffing password information in data packets.

Unzip the downloaded x-sniff to a directory, such as "c:\", then run "Command Prompt" and enter the directory where x-sniff is located in "Command Prompt" , and then enter the command "xsiff.exe

-pass -hide -log

pass.log" (command meaning: run x-sniff in the background to filter the data packets Get the password information and save the sniffed password information to the pass.log file in the same directory).

After the sniffing software is set up, we can log in to QQ normally. At this time, the Trojan has also started to run, but since we have already run x-sniff, all the information sent by the Trojan will be intercepted. After waiting for a while, enter the folder where x-sniff is located, open pass.log, and you will find that x-sniff has successfully sniffed the account and password of the mailbox.

·sinffer

Many friends may have a fear of things under the command line, so we can use graphical sniffing tools to sniff. For example, sinffer is suitable for novices.

Before running sinffer, we need to install the WinPcap driver, otherwise sinffer will not run properly.

Run sinffer. First we need to specify a network card for sinffer.exe, click the network card icon on the toolbar, select the network card you are using in the pop-up window, and click "OK" to complete the configuration. After confirming the above configuration, click the "Start" button in the sinffer toolbar, and the software will start sniffing.

Next, we log in to QQ normally. If the sniffing is successful, the captured data packets will appear in the sinffer interface, in which the email account and password information are clearly listed.

After getting the email account and password of the hacker, we can delete all the QQ number information emails or change his email password to teach the hacker a lesson and allow us rookies to be righteous.

If you read to the end you will see this sentence: Be careful with these software, they are poisonous.