|
-
February 13th, 2006, 01:03 PM
#11
Sounds like "session hijacking". My understanding's somewhat limited never having tried it, but the idea is to trick the session state mechanism used by Yahoo via cookies. There's a book called "Web Attacks" that has a whole chapter on it. Or you might google it.
What you need to do is to clear out all your cookies, login to Yahoo mail, and then sign in using SSL. See if he's then able to pull the same trick.
If you use webmail, and I do, you should always be logging in via some secure mechanism or option. In Yahoo, you'll see a "Submits over SSL" link right below the sign in button. Log in via that link. In Hotmail, you'll see "Sign in using enhanced security" in their login box. I don't know about Gmail, haven't used their system. Webmail has some glaring security weakness, primarily cookies and also passwords being sent in the clear. It's not unusual to see passwords in packets that sniffers like Ethereal pick up.
Let me know if your associate is able to pull the same stunt when you've logged in securely. I'm curious to know the results. Thnx.
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
February 13th, 2006, 01:06 PM
#12
A small clarification:
Paragraph 2: "What you need to do is to clear out all your cookies, login to Yahoo mail, and then sign in using SSL." should read, "What you need to do is to clear out all your cookies, then login to Yahoo mail using SSL."
--sigh--
I'll never make it as an editor...
“Everybody is ignorant, only on different subjects.” — Will Rogers
-
February 13th, 2006, 01:13 PM
#13
I'll never make it as an editor...
Not if you don't use the "edit" button.
-
February 13th, 2006, 06:09 PM
#14
Since we are on the topic of keyloggers...
Just for fun, look at the back of your machine for any hardware based keyloggers.
To see what one looks like, go to google, click on the 'Images' link
and type in Hardware Keylogger. That will show you pictures of one of the more
commonly used types.
errr... while highly doubtful, there is always the possibility that IF a hardware keylogger
was used, it was built into the keyboard itself.... but as I mentioned... doubtful. That
would cost quite a bit more $$$ and is seen more-so in government related environments.... and even then, not that often.
Pics of both: http://greenroom.nochex.com/showthread.php?t=3756
*If you did find one by chance, I'd take it/hide it and see how odd the guy acts when he finds it missing. LOL*
%42%75%75%75%75%72%70%21%00
-
February 13th, 2006, 07:22 PM
#15
You dont by chance use yahoo messenger do you? I think you can go straight to your inbox from a link in the app if messenger is logged in. Just a thought.
\"Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink.\"
-HST
-
February 13th, 2006, 07:30 PM
#16
I don't mean to be untechy like, but IMHO it seems to me that it was like a stunt you just pull out of the bag. This to me does imply knowledge of how to get past the system.
If I wanted to pull out a parlour trick it would be something that I knew, I would not go to the trouble of setting up keyloggers and the like to prove a point (unless this guy really had no self esteme what so ever).
I think more or clearer information on what was seen is needed.
However I am sure he pulled out the data from the computer, one of the file. And Bingo! he was IN!!!!!!!!!!
Unfortunately does not really say what happened. Did he physically insert something into the computer, or do you mean that he looked through the files on your computer?
I think BrokenCrow is much more on the right track, though, I don't know too much about hacking computers as I'm sure you guys have figured out, but I know a little about hacking the mind.
Jonny UberFrond
Sarcasm is a way of life 
-
February 13th, 2006, 09:27 PM
#17
Greeting's
Almost everyone has given their 0.02 $ but the fact remains that no one COULD concluded and if you want a definite answer you need to go beyond the amount of information you have provided. I'm sure everyone who has replied to this thread will come down to an unanimous conclusion if you provide some information.
i think following might help.
1. Are you the owner and the only user of the computer ? (what i mean is do you only use it or does he have access to it. If he does have access what is the user level of access that he has)
2. Do you use any kind of password storing application or do you even use IE AUTOCOMPLETE feature
3. Did you clear your cache file after logging off ?
Now if he's using a old version of some free key logger THAT DOES NOT ENCRYPT THE FILE WHERE IT STORE ALL THE KEY STROKE's then following is a fool proof way of getting the file :
type some long paraphrase like (just an e.g.) :
open notepad type : qscfthnjil.;[1234567890
write it down on a paper
close the file but **DON'T SAVE IT**
Reboot your PC
open search and then write the same phrase in the : A WORD OR PHRASE IN THE FILE.
make sure you search all the drive's and all file's
if there is a key logger you will surely find it and your yahoo password in it.
BUT IF THE KEY LOGGER ENCRYPTS THE FILE THIS METHOD WILL NOT WORK then simply download a good spyware cleaner like SPYBOT OR ADAWARE AND update the def files and let it do the rest
Apart from this there is possibility of cookie editing if he did that with a software then there is a possibility that it might show up in start menu (if you USE XP)
Beyond this why don't you scan your system for any malware, empty your cache (if you use autocomplete delete all form data in that) and then log in (if you use IE check the option of not storing encrypted web page's on the disk, then log-in in front of him. LOG-out and delete all cache files (use a program like ccleaner [www.ccleaner] if you want) then ask him to log-in to your account.
oh yes I'm sure i don't need to say this but before you do the above step change your password (keep it complex and NOTHING RELATED TO YOU and/or your LIFE)
If your last password was something that you liked, someone's birth date or anything that the other person might have known then he simply social eng. you
for the last part where you want to repay him my suggestion is that you find answer to how he cracked into your account first rather then going out to crack into his account. GOOGLE WILL NEVER GIVE YOU A CORRECT LINK OR SOFTWARE TO HACK INTO YaHOO OR MSN. NOBODY KEEPS A FILE WHERE YOU ENTER SOMEONE"S EMAIL ADDRESS AND YOU GET HIS PASSWORD
Also if you have fallen for a hoax of sending an email to some ID with your password and the email of the person who's password you want then you might not want to do that again and change your password again.
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD* 
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
February 13th, 2006, 09:42 PM
#18
any chance he just used the history file?
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
February 13th, 2006, 11:20 PM
#19
Junior Member
Hi Guys.
Looks like you are right. in saying that he used my cookies. And yes that took somewhere around 1 minutes to do the needful. Now as for a kelogger I am sure there is none in my system. I have run a complete scan of my system of my system using the Ad ware downloaded from Lavasoft. Still nothing. Now I have cleared my cookies. And will never let him touch my system. But why and how this happen. i really need to get and know what was that he did with my cookies. Any Help!
Thanks
-
February 13th, 2006, 11:25 PM
#20
This has seemed real suspicious for the starting to me so I'm going to ask you, why must you know how he did it? You seem to be asking for a step-by-step procedure on how he got your password and logged into your account.
WARNING: THIS SIGNATURE IS SHAREWARE PLEASE REGISTER THIS SIGNATURE BY SENDING ME MONEY TO SEE THE COMPLETE SIGNATURE!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
