-
May 10th, 2003, 05:36 PM
#21
Junior Member
yes the sending password back method...
check out the recent flaw fixed some two days ago...
http://pakiblues.proboards9.com/inde...num=1052475266
- yes, there's a method to mail someone with the script (vbscript). when the victim opens the HTML based email, it executes the scripts which eventually sends the password back to the attacker. But I feel that one has to store the password on his computer through MSN msger to get hacked that way. Anyway, that has been fixed, but I feel this method can still work.
- fake login screen were also very popular. attacker just creat a fake login screen somewhere on the net and send the victim an email with the script which can direct the mail page to fake login page asking that 'session expired, login again' type of message and a hotmail look. easy haan?
- trojans/backdoord and keyloggers are some other possible method but required some social engineering. bind with some other exe and send it to the victim...
etc etc etc...
Life would have been alot easier if I had the source code!
-
May 11th, 2003, 01:20 PM
#22
Junior Member
Whats the point in hacking hotmail anywasy the risk is 2 high. The amount of gohsts they have on the server is unbeliable, and it verry unlikly that u wont get cought. So whoever is doin it i advise u not 2.
-Å-Şıľēʼnćęđ-Mŏŋĸ
-
May 16th, 2003, 10:14 PM
#23
Member
uhhh
no one who "hacks" an hotmail account is hacking the hotmail server. Someones hotmail account could be worthwhile if it was his passport login with his CC info. But no one would have any reason to hack the hotmail server. Who cares about penis enlargment, why would you go after it anyway =p. Its a keylogger, a trojan, a script. Or the person is acting stupid
-
May 16th, 2003, 10:42 PM
#24
Originally posted here by MsMittens
Ya. That's one way. Social engineering into convincing a user that they need to send their password or something. Never send passwords via email even if it's the ISP/host asks for it. If it's the host they should have high enough admin access to go in if they truly need to.
Another way would be using a tool like ettercap, which collects passwords as they travel past on a network.
yet another thread to where you mention ettercap, why not make a shrine of it in your signature :P
-
May 16th, 2003, 11:30 PM
#25
Banned
Has anybody got a password list, or know of a brute forcer that can access acounts for hotmail, will be usefull as a favour for a friend.
Thanks in advance,
Robert
-
May 16th, 2003, 11:45 PM
#26
the person could have used a recent flaw on hotmail i am afraid to put the bugtraq link though because i might be banned but i am putting it anyway http://www.securityfocus.com/archive/1/320806
-
June 1st, 2003, 09:09 PM
#27
Junior Member
My msn acount has been recently cracked, yesterday to be exact. And is really sucks. Any suggestions on what i can do, does Microsoft care at all?
-
June 2nd, 2003, 06:00 AM
#28
Junior Member
when you log into hotmail there is an option telling msn that your on a public computer
that way it wont send any info to the computer
[blur] Y R U U [/blur]
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|