Jump to content


Photo

How to really hack HOTMAIL


  • Please log in to reply
21 replies to this topic

#21 Rainka_Shivani

Rainka_Shivani

    Advanced Honourable Member

  • Respected Member
  • PipPipPipPipPip
  • 3,531 posts

Posted 25 August 2007 - 03:03 PM


What a funny stuff!! tongue.gif Hacking....Hacking hotmail or some another else. You guys are running in 90's, that's you already proved here.
We can no longer have everything we want, we can be more than we imagined....!!

#22 THEgreenYOGI

THEgreenYOGI

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 02 September 2007 - 08:00 PM

Attention!!!!!! Attention!!!!!! Attention!!!!!!!


Guys! plz be aware... the following method is what we called as Social Engineering. it doesn't give any passwords to you but it will take ur own password.... Believe me... this is just a trick to get ur password by someone who had created system_server_password@hotmail.com as email address... Microsoft Corp. is not a fool to make these smaller and minor mistakes... so guy plz be aware from such methods.... Coz i also was one time victim of such method.....


QUOTE(GROUNDED @ May 2 2005, 12:50 AM) <{POST_SNAPBACK}>
I found this somewhere. I have not yet tried this and neither do I plan to try it. I don't have much knowledge in such fields. If any of you are interested then you can go ahead with your own risk. remember, this may be illegal and you are resposible for your own action.

Hotmail Hacking Update May,2005

Although many hacking methods have been published, since Microsoft recently took over Hotmail many vulnerabilities have been corrected. However a recent loophole has been discovered, exposing hotmails automated password retrieval server, acquiring a password has been possible relatively easily. The following method has not been addressed yet and poses a serious security threat to hotmail account privacy:


Step1
The hacker uses an online Email account such as those offered by Hotmail and Yahoo to send an e-mail in the adress:: <font color=#617661>system_server_password@hotmail.com</font>

Step2
In the subject field the exact phrase entered must be forgot_passw_141v2

Step3
Finally the following is added to the body of the Email:

login-mass141v2?+forgot=< "subsitute Email address of hacker here and the password will be sent here"

pass=?328=< "substitute your password here so the automated check is tricked into believing the Email is genuine"

retreive-mass141v2_pass=< "the victims Email address is substituted here"


Result
The automated service is tricked into sending the victims password to the Email address entered.


Discussion
The bots cookie based security check is circumvented and hence obviously flawed. This script based method makes it possible for relatively inexperienced hackers to retrieve passwords of hotmail accounts and is thus a security issue that must be addressed immediatly by hotmail. However, to date no action has been taken due to the relatively unkown nature of the method and script.

Disclaimer

Please note that this information is provided for educational purposes only

the usage of such information is illegal

We do not advocate unauthorized use or theft of any services






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users