I found this somewhere. I have not yet tried this and neither do I plan to try it. I don't have much knowledge in such fields. If any of you are interested then you can go ahead with your own risk. remember, this may be illegal and you are resposible for your own action.Hotmail Hacking Update May,2005
Although many hacking methods have been published, since Microsoft recently took over Hotmail many vulnerabilities have been corrected. However a recent loophole has been discovered, exposing hotmails automated password retrieval server, acquiring a password has been possible relatively easily. The following method has not been addressed yet and poses a serious security threat to hotmail account privacy:
Step1
The hacker uses an online Email account such as those offered by Hotmail and Yahoo to send an e-mail in the adress::
system_server_password@hotmail.comStep2
In the subject field the exact phrase entered must be forgot_passw_141v2
Step3
Finally the following is added to the body of the Email:
login-mass141v2?+forgot=< "subsitute Email address of hacker here and the password will be sent here"
pass=?328=< "substitute your password here so the automated check is tricked into believing the Email is genuine"
retreive-mass141v2_pass=< "the victims Email address is substituted here"
Result
The automated service is tricked into sending the victims password to the Email address entered.
Discussion
The bots cookie based security check is circumvented and hence obviously flawed. This script based method makes it possible for relatively inexperienced hackers to retrieve passwords of hotmail accounts and is thus a security issue that must be addressed immediatly by hotmail. However, to date no action has been taken due to the relatively unkown nature of the method and script.
Disclaimer
Please note that this information is provided for educational purposes only
the usage of such information is illegal
We do not advocate unauthorized use or theft of any services