Help Mr. Wizard!
Results 1 to 10 of 10

Thread: Help Mr. Wizard!

  1. #1
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675

    Question Help Mr. Wizard!

    I don’t whether or not you have encountered this, but it lit me up pretty good when I came across this way to access my AO Account from Google. So by all means educate me my knowledgeable friends since I'm in need of learning.

    I was using Win98se and Firefox (the latest version of 0.9.3) through my home network which looks like: 98se w/sygate> wireless router (nat)> dsl modem > internet. I logged on to my AO Account normally, and was viewing this thread:

    http://www.antionline.com/showthread...hreadid=260726

    I’m somewhat familiar with snort, so I was curious as to what the member’s question really was. To get all the info I could on “abort_invalid_hex” I could have reached over to the bookcase but what the heck, I’m online. I opened another Firefox Browser and in Google I entered “abort_invalid_hex”. Much to my surprise the very first entry was:

    AntiOnline – Maximum Security for a Connected World
    Last Reply By: nothingelse Thread Is In: AntiVirus Discussions | Total Replies: 3
    The AntiPoint Status Of This Thread Is Currently: even abort_invalid_hex ??? ...
    anticode.antionline.com/ - 71k - Aug 6, 2004 - Cached - Similar pages

    Got any ideas as to what happened when I clicked on it? It opened my freaking account and I was logged on through Google. Complete access to the account!

    I would suppose that there is a reasonable explanation, however since I couldn’t believe my eyes, I tried it again. Bingo, complete access again. I even looked at my PMs

    Well curiosity was killing me so I tried it again by keeping the original Firefox Browser opened and used Slim Browser as the second. Bingo, complete access again.

    First of all how is this possible?

    And second, isn’t it possible that if someone was conducting a search with Google on the exact same topic, at the same time, wouldn’t their results be the same and access to the account be possible?

    I read MsMittens thread: Google is watching you
    http://www.antionline.com/showthread...hreadid=260700

    Is this related?


    Help Mr. Wizard!

    Tressel, trassel, trussel, trome, time for this one come home.
    Connection refused, try again later.

  2. #2
    BANNED
    Join Date
    Nov 2003
    Location
    San Diego
    Posts
    724
    Try logging out and doing it again.
    When death sleeps it dreams of you...

  3. #3
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,696
    Cookies. Dumbass.
    Real security doesn't come with an installer.

  4. #4
    Senior Member
    Join Date
    Mar 2004
    Posts
    111
    Cookies. Dumbass.
    Wow, not needed.
    NORML

    Signature image is too tall!

  5. #5
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Cookies. Dumbass.
    Thanks for the positive and informative post.

    Cookies could be the answer, but how is the thread posted on Google by accessing the AO cookies that could be on the computer?
    Connection refused, try again later.

  6. #6
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    Cookies were created to maintain user information and to customize Web sites. In many cases, they make it easier to navigate and use the Internet. For instance, upon your first visit to a site you are often asked to register by giving your name and a password for access to that site. The site will then place a cookie on your hard drive, which contains that information. When you return to that site, the cookie is retrieved and read and the web site “recognizes” you as an authorized guest. This means that you only have to register once, instead of having to enter information every time you access the site.

    This was taken from here.

    Even though you were usign a different browser other than the one you used to log into AO with all cookies are stored in the same place so when you opened a new browser or even same one it check for a recent cookie of the site and found that you had one and that you had identified with the account you were using.


    Sorry if I lack the technical terms but I hope you get the idea.

  7. #7
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Thanks for the info, however:

    Only the site that created the cookie can read it.
    http://www.compukiss.com/sandyclassr...article816.htm

    cheers
    Connection refused, try again later.

  8. #8
    BANNED
    Join Date
    Nov 2003
    Location
    San Diego
    Posts
    724
    Did you log out and try to do it again like I said?
    When death sleeps it dreams of you...

  9. #9
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    AntiOnline – Maximum Security for a Connected World
    Last Reply By: nothingelse Thread Is In: AntiVirus Discussions | Total Replies: 3
    The AntiPoint Status Of This Thread Is Currently: even abort_invalid_hex ??? ...
    anticode.antionline.com/ - 71k - Aug 6, 2004 - Cached - Similar pages

    This is all the information in which you saw on google which is able to be seen by all. When you clicked on the link you made a request to view the page. The request was made not to google (which only supplied the hyperlink) but to AO itself which in turn read from the cookie, reconized you, and viewed the page from your account.

  10. #10
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Socialist

    Hey thanks. Thats the answer I was looking for! I wasn't sure about that process.
    All the more reason to disable cookies.


    muert0,

    I did several times. Thanks for the thought though.

    cheers
    Connection refused, try again later.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •