Talk About Marriage banner
Status
Not open for further replies.

anyone interested in evidence gathering thread?

204K views 952 replies 206 participants last post by  badbane 
#1 ·
I am a computer tech and a lot of people on here probably don't know all of the sneaky ways to get in and out of computers. There are lots of free tools running around to help a BS get answers. Would anyone be interested in a tutorial type thread or series of threads on how to install keylogger, get around passwords in windows. Social engineering tips on how to get the WW/WH caught red handed. Let me know I would be glad to lend a hand.
 
#4 ·
I am in. I have my wife's old computer (that crashed) and I know there are things in it that I would just like to have a look at. I am not ignorant of computers but would like some help.
 
#5 · (Edited)
Leave the computer alone.


Easiest thing for this is a program called active boot disk. it's 100 bucks. You download it and burn it to a cd/dvd. Then you start the computer with this cd in the drive. you may have to enter the one time boot menu. (dell is f12, gateway is del , not sure about the other manu. If you need to find it just google "boot menu for "enter your manufacturer here") Then select your cd drive with the active boot disk in the drive.
You with enter a windows like screen and you can run a HD scan and recover deleted files, or files that are hidden.

There are others but active is the easiest one I have ever used.
If you can't spare a hundred bucks there are some less user friendly linux tools you can use.

Also if the drive is not damaged and you already have an admin account you can change the password. IN control panel / user account
 
#6 ·
Getting around that pesk password in xp home is a easy as pie.

When your computer starts up just after the bios screen (black screen usually has manufacturers logo on it pops up) press f8 on the keyboard . You will run into a screen that offers to start up in several modes. You want to start in safe mode.

Once you start in safe mode a hidden administrator account is now available that the manufacturer's don't password. (big giant security hole) This hidden admin account will allow you change your WS password through control panel. This only works in xp home edition.
 
#8 ·
usually I charge money for this. But I would gladly help anyone out that is going through this. Just ask a tech question on here and I will do my best to answer.
 
#18 ·
well this one is most likely solved by social engineering. Simply figure out what his security questions are. Then one day bring it up in casual conversation. LIke what was your moms' maiden name?

Causal conversation :hey babe this old guy at church said he might have known your mom. What was her maiden name again?
His answer: I don't know I'll ask.

Why spend hours cracking a password when you can get the dummy who made it to tell you the answer. If it is an old account most people don't even remember those questions and they won't have any idea you are getting into their account. If the account is fairly new then you might peak some suspicion.
 
#19 ·
Oh man, I truly don't know if I want to do this. We have all apple products, highly tech savvy WH. I want someone to come comb through it all for me and give me a high level summary then dump it all somewhere locked down where I have to jump through hoops to get the password. I don't want to know the nitty gritty details. I think my heart would explode.

Very nice of you to offer this help. Wspouses are such bastards.
Posted via Mobile Device
 
#49 ·
Yea all you gotta do is take it to a PI or any computer tech. They will do it but you will pay handsomely. Computer work is not hard just time consuming generally. Half the stuff I do my 3 year old could if he could stand still for half and hour.
 
#23 ·
Question 1: if Party No. 1 has a FB account and Party No. 2(non-FB user) accesses it. Can Party No. 1 tell if their FB account has been or is being compromised in any way?

Question 2: if a FB user deletes potentially damning information from, say, a FB chat log, is that deleted information, in any way, retreivable? Is FB required to keep a copy of all deleted items in the rare event of a request by means of a court order?
 
#24 ·
1: facebook displays a last login time. But unless your WW/Wh is paying that much attention they won't even notice it.

2: that's more complicated private messages can be recovered but you actually have to make contact with fb and request this. They are under no obligation to restore data and will be a lot of runaround.
 
#27 ·
I actually sent an I phone and a regular phone to a supposed expert. Cost me $400, they weren't able to retrieve anything because it has already been overwritten.

If the phone is not used a lot and it's been less than 3 mos, you might find something, but older messages are typically overwritten.
 
#30 ·
i amon my phone so i am answering the yahoo messenger question. most of those programs store logs locally on the computer. you can google where they are stored. you can then open them up with notepad and see whats going on. there is a way to turn logging off. but there is no
way to tell logging is on or off. so if you check and there are no logs then open up the program and turn logging back on. then check back. if logging is turned off it is a bad sign no doubt.
Posted via Mobile Device
 
#31 ·
simulatneous fb account logins are not detectable thats why you can browse on your phone and computer at the same time. but there is a last log in. but most wh are probably checking their accounts soo often they can't tell it is not them.
Posted via Mobile Device
 
#33 ·
depends on if the messages were just sent to the deleted Items folder or spam folder. Or if the person deleted out of the deleted items folder or not.
Gmail started an archive where if you were accessing the mail through your iphone it archived the messages rather than deleting them. Most providers once the message is deleted it goes to a deleted folder where it will sit for around 7 days (unless specified for a different length of time) and then be wiped.
Most email providers will not restore messages that have been fully removed.
if your Wh or WW uses microsoft outlook there is a lot you can do. But I will hold off on that until someone specifically asks for it. It isn't hard but you can make using rules in outlook to have all your WS mail forwarded to you. It isn't time consuming either but it is a pain to type all the specific instructions up. So I will wait until someone asks.
 
#34 ·
Longshot here...my wife changed jobs since her A, so the blackberry is gone, I think (at least erased) and the laptop sent back. If I find the blackberry- any way to get deleted texts off of it? It is out of service, the number has been changed to her iPhone.
 
#40 · (Edited)
If you're going to look, don't get caught...

Gmail has a "last account activity" button at the bottom of the screen. Something to keep in mind if you're getting into someone's account.

Also, on FB, there is a security setting that will send the account owner an email notification if a new (or non-registered) device is used for log in.


Just be careful with that...if the cheater is tech savvy at all, those are easily seen.
 
#38 ·
Badbane: Question: Do cell phone companies keep a written record of text messages that are transmitted to or from a user, that the owner of the cell phone account can get a printed copy of? This would be much the same way of getting a copy of a call or a texting log, telling one about all calls/texts made; the date and time; who from, who to; and the actual time duration of the transaction.
 
#44 ·
You can only see calls and the to from on phone records. As far as actual transcripts you would have to call your provider to find out. AFAIK it is a possibility but I think there might be some red tape involved and if the account is not yours it would take a court order most likely to retrieve them.
 
#39 ·
I have just a general question since I don't have his cellphone in front of me, but do have possession. My WS is not tech savy, but I suspect that he deleted his text messages from his cellphone prior to giving it to me. The phone service (Verizon) has been cancelled. Is there any information I can dig up from the unit itself? Deleted text messages? If I connect the unit to my computer, is there any information I can pull from the unit itself that could reveal the substance of his text conversations? If so, how?

I can come back later with the make/model if necessary, but was wondering if it is possible to do something with it or whether I would be wasting my time fooling with it. Thanks in advance for your help. :)
 
#46 ·
My WW has three old laptops and a PC from the time during the affair. I am not sure what was saved to any of them, although somethings I have seen. The PC is packed in a box, and one of the laptops is out of service with a defunct battery. Those two at least have not been used since just after the affair and I am sure have many deleted files on them. Is there any chance of success there with the program you first mentioned?

The laptop is an Asis (sp?), can it be run without the battery but plugged into 110V? Or does the battery need to be in it to turn it on?

Thanks for your offer of Tech savy help, many on here as I am are not too tech savy, but have been forced to be by affairs online.

I for one greatly appreciate you stepping forward. Thanks!
 
#48 · (Edited)
Simple you have lots of options one. Go get a usb to sata/ide adapter. costs about 30 bucks. you can take the HD out of the laptop(hd is where all the data is) take the HD out of the laptop. usually two screws. just look up a youtube video with your laptop model or just get screw driver happy. Hd are always able to be removed relatively easy. Any way get out the hd plug in the power from the adapter. Plug the adapter into the hd and then to you newer computer. Voila total access.
If you have a buddy with a pro version of windows or you have a pro version of office. just google how to change file ownership so you don't have to deal with permissions. You need windows pro or higher. this goes for xp up to win 8.

If you are worried the files are on the computer and have been deleted then whatever you do don't use the computer at all until you are ready to recover the files. Then you will want to use a boot disk like active boot disk.
Everytime millisecond that hd is in use you risk overwriting the deleted data that is sitting on the HD.
If you want more throughout instructions let me know what you are going to use and how you want to use it. I would suggest taking out the drive either way. Then using the adapter and the boot disk to recover the files. That way there is not reading and writing to the drive before the recovery process starts.
I mentioned this earlier and if you use the adapter you can simply transfer the recovered files directly to your newer computer.
 
#50 ·
Hey could a mod chime in here how far can i go with this. I mean hacking wireless networks and all that. I just want a clear answer so that if someone asks a question with a questionable answer I don't get banned. If there is anything I can't post here or link to I will handle through pm.
 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top