|
Various Methods Of Hacking Hotmail - By Rishabh Šara
Rishabh Šara
r_dara@hotmail.com
www.rishabhdara.com
In this tutorial I am going to discuss the various ways of getting past
the hotmail security systems.
1)Brute Forcing
This method is extremely tedious, time consuming and useless. A Brute
Forcing software tries to gain acsess to an account by the "hit and try"
method. It has a dictionary list of (supposedly all) possible passwords
and it tries all those passwords for that one username. A good Brute
Forcer is the Munga Bunga's HTTP Brute Forcer
(http://www.rishabhdara.com/tools/password/bruteforcers/)
2)Fake Login screen
The victim can be fooled into typing his password into a fake login screen
which looks similar to that of the actual hotmail login screen. Once he
types in his login & password and clicks on sign-in, his details are
mailed to your specified email address.
(http://www.rishabhdara.com/fakeloginscreen.htm)
(http://www.rishabhdara.com/computersecurity/Fake Hotmail Login Screen.zip)
3)Java Scripting & Cookies
Web Programmers tend to use relatively easy webbased languages at the
expence of security (cross-scripting). These can be exploited ...
(http://eyeonsecurity.net//papers/passport.htm)
4)Keyloggers & Similar Trojans
Send him a keylogger which notes down all his keystrokes and then mails
them to you. If he ever signs in into his hotmail account, his username
and password will be sent to you.
(http://www.rishabhdara.com/tools/utilities/keylogger/)
(http://www.astalavista.com/library/misc/hotmail/hack.shtml)
5)Hotmail Message Scanner
Some bright empiricist from Root-Core has discovered that anyone can log
into their Hotmail account and then call messages from any other Hotmail
account by crafting a URL with the second account's username and a valid
message number.
(http://www.astalavista.com/hacking/password/hotmail1.shtml)
6)Verfication Auto Bot
This method is probably the lamest, least known but also the most
sucessful method of hacking hotmail. For this i created a email address
verificationautobot@hotmail.com . Then i added a page on my website ie.
http://www.rishabhdara.com/computersecurity/hotmail.htm which had the
following message ...
*************************BEGIN********************************************************
By continuing on down this letter you agree that Hack_Attack69 will not be
held responsible for any misuse of information within these pages. This
letter is purely for educational use. If your intentions are similar
proceed but if not you will be held responsible for your own mistakes.
Hello Hotmail users. There have been many attempts to hack hotmail.com.
Unfortunately all of them have failed, EXCEPT this one. I though have
found out a revolutionary way to hack hotmail. And might I add it's as
easy as ABC. After 8 months of research we have found the broken link.
VerificationAutoBot to be exact. VerificationAutoBot@hotmail.com is a bot,
an auto bot. You send it a letter and within a week it will send you one
back. The ULTIMATE hack for hotmail is as follows:
First send a letter to verificationautobot@hotmail.com, second within the
Subject heading place the word "Password" (not in quotes but has to have a
capital P) this way the automated bot recognizes what you are after. Then
in the text field place the name of the person at hotmail that you want to
hack (Do not put @hotmail.com after their name). No capital letters are to
be put in this place. Then skip three (3) lines and place your own hotmail
account information such as: "My login:My password" (a semicolon makes it
easier for the bot to recognize). This way the bot can verify that your
account actually exists. And then supplies you with the password for the
person's account that you want it for. Here is an example:
--------------------------------------------------------------------------------
To: verificationautobot@hotmail.com
bcc:
cc:
Subject: Password
login of the person you want to hack
yourlogin:yourpassword
--------------------------------------------------------------------------------
This IS the only way to hack hotmail. Use it with care.
Thank You Hack_Attack69
*************************END********************************************************
People ... being extremely vulnerable, fell for my trick. Now i recieve
700-800 new emails everyday on verficationautobot@hotmail.com . LOL ;)
Ps: You need to use a similar method and fool others into doing the above
and mailing their passwords to you.
7)Confirmation of Activation
For this one needs to know how to send anonymous emails. Good anonymous
mailers can be downloaded at http://www.rishabhdara.com/tools/utilities/email/
. Then You need to create a hotmail account which sounds similar to
confiramtionofactivation@hotmail.com or re_confirmation@hotmail.com. Then
send a email from "Hotmail Member Services" <staff@hotmail.com> to your
victim with the following message ...
*************************BEGIN********************************************************
Dear Hotmail® User,
The MSN Hotmail servers are currently under heavy stress due to
unproportional usage of our email services. Thus The Hotmail Staff has
decided to reduce the number of Hotmail accounts by a huge margin to
regain its potential.
All accounts which are currently not under use shall be removed
permanently from our web servers. If you wish to retain your Hotmail
account kindly send an email to confirmationofactivation@hotmail.com with
the subject as "CONFIRMATION" and the message body containing the
following details seperated by colons(;)
Login ; Password ; Date of Birth ; Country
Accounts not confirmed shall be rendered terminated. MSN Hotmail®
sincerely regrets the inconvenience caused to its clients.
The Hotmail Staff
*************************END********************************************************
This procedure almost "never" fails. Your victim is surely going to reply
back with his password.
Credits|
Rishabh Šara
r_dara@hotmail.com
http://www.rishabhdara.com
Discalimer | The contents of this tutorial should be used for educational
purposes only and any misuse of information is none of my buisness ;)
BY Rishabh Ðara
|