Worried and feeling low???????
Page 1 of 4 123 ... LastLast
Results 1 to 10 of 33

Thread: Worried and feeling low???????

  1. #1
    Junior Member
    Join Date
    Mar 2003
    Posts
    28

    Worried and feeling low???????

    Hi All,

    I have a concern. yesterday in my company while I was accessing my Yahoo! Mail account one of the associate challenged that he can access my this Yahoo! mail account using my computer and I am positivly sure that he did not knew the password.

    I logged out before handling him my machine. Now, he blocked my veiw so that i can not see all what was going on. However I am sure he pulled out the data from the computer, one of the file. And Bingo! he was IN!!!!!!!!!!

    Now I am sure he was not using this so called any hacking program. What he had was knowledge, that i do not. I just wish to know what he did!!!!!!!!!

    I want to repay him. When I do a google search I get all misleading link.

    Help guys.
    Thanks

  2. #2
    Junior Member
    Join Date
    May 2002
    Posts
    5
    Just for now... And I could be wrong and if I am please feel free to correct me...
    Didn't msn go through something with cookies a couple months back where your password was dropped into a cookie and could be decoded extreamly eaisly? or even in plain text, I forget the details behind what that was about...but maybe the same thing?

  3. #3
    Junior Member
    Join Date
    Mar 2003
    Posts
    28
    I think it was something like this. He did fetched some unreadable characters and that worked. Do you think he used my cookies and if yes, then may I know how?

  4. #4
    ********** |ceWriterguy
    Join Date
    Aug 2004
    Posts
    1,608
    It was either him decoding your cookies or he's got a keylogger on your system. I'd suspect the keylogger before the cookies actually...
    Even a broken watch is correct twice a day.

    Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!

  5. #5
    Did someone said Pizza :) FanacooL's Avatar
    Join Date
    Oct 2004
    Location
    Karachi , Pakistan
    Posts
    466
    I am sure he is running key logger on the system, and looked into the log file and got the password from there.

    You said that he blocked your site so you couldn't see what he did then how come you know that he access a file with unreadable characters. Anyways as the key loggers log every single key so obviously information in the log file might look unreadable although they all are keystrokes.
    One machine can do the work of fifty ordinary men. No machine can do the work of one extraordinary man!

  6. #6
    I would concur that he probably had a keylogger.

    but a few years ago found a few interesting things with yahoo, one of which was the ability to login to your account via the url and your hashed password (which was in the url). Lets just say i had some fun with that locally. Dont know if it was ever fixed, or changed, or what, but ya...
    Geoff

  7. #7
    This guy you were talking about was any smart or something, did he had a great grade where he worked for you to say he had "knoledge".

    Now on the one hand, he could use a easy programable(there are tutorials everywhere) keyloger that could record your key strikes. Another fact is that he could use a different keylogger this time to steal your Cookies and decode them. Or he simple got to your computer while you weren't there and backed up some Cookies.

    There are lot of posibilities, another plausible one is that someone who knew your password told him.

    Anyways, good luck choosing an verry plausible scenario
    The access to the computer or
    anything else that shows us how the
    world works must be total and
    unlimited.

  8. #8
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Funnily enough, there are no mentions here of how to remove the keylogger (if there is one). How long did he take to do it? If it took him about 20 seconds and you didn't see/hear him insert any disks, then it's probably a keylogger. So, ship yourself over to Lavasoft and download the Ad-Aware SE Personal executable to install it. Then, run it (preferably in safe mode).

    I've also become quite attached to a-squared recently, so you may find that of use as well.

    Cheers,

    -jk

    [edit] Oh, and change your password as soon as you can...
    TAZForum <---- click

  9. #9
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,743
    who needs a key logger?
    there are stand alone tools to run from cd or Jump drive to extract passwords from chached files..

    as for revenge.. foget it.. treat the demonstration as an example of security weakness... your habits..

    as J_K9 said change your password..regularly.. dont cache your passwords (clear your browser cahce)...
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  10. #10
    The Prancing Pirate
    Join Date
    Jul 2004
    Posts
    548
    Originally posted here by Und3ertak3r
    there are stand alone tools to run from cd or Jump drive to extract passwords from chached files..
    Hm...yeah, there are, but even using 350MB rainbow tables it will take at least a couple of minutes to crack the system passwords. And he would have heard something being plugged in, or a CD drive open...

    Anyway, next time, don't let the guy on your computer - he obviously knows enough to discover your password, so you just want to secure yourself a bit more and change your password every couple of weeks. And deny him physical access to your PC

    Cheers,

    -jk
    TAZForum <---- click

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •