Email Hacking
Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Email Hacking

  1. #1
    Banned
    Join Date
    Aug 2011
    Location
    Folsom
    Posts
    10

    Email Hacking

    Is there anyway people can hack gmail , hotmail or other mail services easily?

  2. #2
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    Most sites, failbook, snotmail, etc.....have a password recovery system. If you know the person at a "stalking" level you would be able to compromise their accounts.

    "Come witness the failure in the system!!".
    Every now and then, one of you won't annoy me.

  3. #3
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by joshuatim View Post
    Is there anyway people can hack gmail , hotmail or other mail services easily?
    Yes.
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    I would say no, not these days. If you look at people who claim to have had their accounts "hacked" it wasn't really hacking as such, more like stupidity on their part (Sara Palin anyone? )

    bludgeon has mentioned one of the most common exploits to "compromise" an e-mail account. Always lie when filling in the password recovery data

    Others are:

    1. Lack of physical security............never store login credentials where your kid brother can access your machine.

    2. Always logout properly, and clear the internet cache if you are using a machine to which others have access. You don't want to leave an open session for someone else do you?

    3. Watch out for insecure public hotspots, your traffic might be sniffed.

    I would only rate #3 as close to hacking, and it is probably the least likely.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    Social engineering is quite common. Many people use the same password for everything.
    Discover one for an unimportant account and gain access to all of that person's other accounts.

  6. #6
    Senior Member
    Join Date
    Jul 2002
    Posts
    744
    Yes social enginuity...like starting an sms convo for the sole purpose of obtaining a victims IP addie.


    Every now and then, one of you won't annoy me.

  7. #7
    @ŽΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,689
    Yahoo still has a few web APIs that allow for account brute forcing.
    Real security doesn't come with an installer.

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,191
    Yahoo still has a few web APIs that allow for account brute forcing.
    That I find surprising in this day and age, as it isn't that difficult to implement a three strike rule.

    I suppose the mitigation is that each trial takes so long that a brute force attack against a reasonably long and strong password would be far too time consuming?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #9
    @ŽΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,689
    Quote Originally Posted by nihil View Post
    That I find surprising in this day and age, as it isn't that difficult to implement a three strike rule.

    I suppose the mitigation is that each trial takes so long that a brute force attack against a reasonably long and strong password would be far too time consuming?
    Nope.

    They're not "public" APIs, they're corporate sites that use Yahoo hosted email. The caveat is that you can also use them to access any email Yahoo hosts.
    Real security doesn't come with an installer.

  10. #10
    Senior Member Cope57's Avatar
    Join Date
    Nov 2003
    Posts
    186
    Quote Originally Posted by joshuatim View Post
    Is there anyway people can hack gmail , hotmail or other mail services easily?
    Yes, and it is mostly due to user error. One would use the same password for everything, and would let friends log into their computers.

    I would suggest a simple pattern of ten characters long or more consisting of two lower case letters, two upper case letters, two numbers, and two special characters. Something like this: 8p-mt+hXZT, and also change it occasionally, maybe every six months.

    I have 39 passwords, a different one for each website I visit, which I change frequently as 6 months, but it depends on the information for the specific site.

    I save the passwords on a .odt file which requires a password, and I keep that in an encrypted directory. Paranoid maybe, but I know it is safer than many.


    Edit: Were you asking how to hack, or just asking in general of the security of the email websites?
    Last edited by Cope57; August 23rd, 2011 at 07:30 AM.
    Computers do not have problems, they have users.
    ~Cope57

Similar Threads

  1. HowTo Interpret Email Headers
    By ShagDevil in forum Other Tutorials Forum
    Replies: 0
    Last Post: June 13th, 2004, 05:46 PM
  2. Chapter 2 - Newbie Questions Answered
    By uraloony in forum The Security Tutorials Forum
    Replies: 6
    Last Post: December 24th, 2003, 01:41 AM
  3. How to read email header
    By rajat in forum Roll Call
    Replies: 0
    Last Post: February 20th, 2002, 04:08 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides