server monitoring
+ Reply to Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 27

Thread: How to steal someones yahoo cookies ?

  1. #1
    Join Date
    Dec 2005
    Posts
    3

    How to steal someones yahoo cookies ?

    Is there a way to steal a yahoo cookie just by sending a message to your victim e-mail ?

    And if you get a yahoo cookie from a victim , how can you login to his e-mail address ? Through what program ?

  2. #2
    Join Date
    Dec 2005
    Posts
    1

    Smile hmm

    sup i gotta few cookie grabbers but they require password lol well look i just got into that cookie shit a few days ago, ive heard of doing a cookie search and i think its hard to find too so good luck with that but i'll tell u if u do get a valid cookie to an ID heres what u can get

    cookie for anhkhongcanbiet2008:*2*456 <bot name lol
    Y=v=*&n=8tba*ud*p2u4d&l=0d7a7ed620d*84jsqqy/o&p=m2m0c*p0*2000000&r=fb&lg=us&intl=us&np=*; T=z=vrVlDBvxqlDB*7x*ZYZnV7QNDEzBjYzMjY0MzQxMTU-&a=QAE&sk=DAA2F.XZv7Xq0s&d=c2wBTXpZMEFURTBOVEV6TkRNMk5qSS0BYQFRQUUBdGlwAUVaRGswRAF6egF2clZsREJnV0 E-

    info

    ------------Decoded Information------------
    Cookie Date: 6/**/***8 *0:52:** PM
    User Name: anhkhongcanbiet2008
    Gender: Male
    Year: **86
    Age: **
    Zip Code: *2*45
    Country: United States
    Language: English - United States
    Content:English - United States
    Prompt:

    ------------Grabbed Information------------
    City/State: You don't have any cities selected for weather forecasts. Please click
    Alternate E-mail: he fare between the selected cities goes
    Aliases: anhkhongcanbiet2008 - chat_pf_*


    ------------Buddy List------------
    cobecodon_kl_7*
    cogaiyeu_donphuong
    ditimnuaconlai_84200*
    dongsong8888
    emvancodon_coanhnao
    em_o_hcm*
    hoalantrang_kephanboi
    hoang_phi_hung**8*vp
    hongphuc*57
    informationtechnology_de%06n
    kim_chi8**
    ngoisaodoingoi8*7
    ngoisaouocmo78*
    nguoichanthat*4
    nuocmatphitruong_2_4
    maimai_yeu8*85%06n
    cobekieuky_vuitinh_2005
    saobang00000%06n
    xanguoi_vangtrangkhoc*6*005
    thanh_ngoc_lan_a*k*%06n
    colautrang020*
    maiyeumainho_240*
    got that info from a cookie decoder, i dont know how to get a cookie without the pass besides searching for the cookie but thats hard as hell so i hope this helps u out

  3. #3
    Join Date
    Dec 2005
    Posts
    3
    Hy , thanks for posting that here . Well i have some cookies too . I got them from someone but he doesn't want to give me the script . So , i started to look for one and/or find something helpful on the WWW but till now , didn't found anything .


    Here is a yahoo cookie :

    [email]shaq_charon@**********[/email] - \'B=a5ls4sl*ou2gj&b=*&s=vf; Q=q*=AACAAAAAAAAAAA--&q2=Q4.Gag--; YMBM=d=&v=*; HP=*; B=aknfdsh*n*nma&b=2; Q=q*=AACAAAAAAAAAeg--&q2=Q*lEag--; F=a=O6BTyOEsvdCZXT6DSYqQKNld_o_rbz20vsm*XOFoKumLM6qCeJkKbQpuz2tr&b=EMyn; C=mg=*; CP=v=60*02&br=i&sp=; LYC=l_v=2&l_lv=*&l_l=0d*h420k_*e*e&l_l_lid=*ffs22g&l_r=dj&l_um=0_0_0_0_0; U=mt=e8c85J2MhYq*GpbVwQvnIm*CcW**MofRIj*YlQ--&ux=af2eDB&un=emetc5jg6igaa; Y=v=*&n=ciqmf24r54r7n&l=i70g_270hed/o&p=m2mvvro0**i60000&jb=*6|47|&iz=2400&r=bs&lg=us&intl=us&np=*; YMBM=d=&v=*; YGCV=d=; T=z=sMsjDBsSBkDBrfo65/4WDF2NDZOBjY2Mk5OTjI0NDI-&a=QAE&sk=DAAyQS.KHm/nvR&d=c2wBTXpFNUFURXhOVGs*T*RVek*6VS0BYQFRQUUBdGlwAVdKU0JhRAF6egFzTXNqREJnV0E-; YM.Gen=i=vaIa6Ur8iCzhU2jjLHpwZz0lUA--&v=*\'



    I need a script that can retrieve this information remotely just by sending a hidden message to the victim .

    I have the message that need to be sent by e-mail to the fvictim but i don't have the .php script to process grabb the cookie and save it to a .log or .txt file in the same path where the .php is .

  4. #4
    carlo Guest

    Ill look for you

    Ok im going to give this a shot. By the way the cookie abbove is this decoded:



    --------------------------------------------------------

    Cookie Created : 2*/**/**7* 00:57:55 GMT
    Yahoo-ID : shaq_charon
    Gender : Male
    Year Of Birth : **86
    ZipCode : 2400
    Country : Romania
    Prompt For Pass :
    Language : English - United States
    Int. Lang. & Cont. : English - United States
    Industry : Other
    -------------------------------------------------------

    Ill get back when i have something on this.

  5. #5
    Join Date
    Dec 2005
    Posts
    44

    You can use a rat

    Why dont you use a rat to steal yahoo cookies from remote computers !

    Now don't ask what this RAT means..

    Although if you want a complete process of to get into someone's account you could visit after a few days because i am currently preparing the ****** article to be inserted under my personal blog.

    If you can have access to remote computer then you could install a logger and then maybe sniff off .lst file from anywhere in the world.

    You can sniff it off through project leviathan. It is a good rat for that reason and is open source.

    [url]www.evilopinions.com[/url]

  6. #6
    Join Date
    Dec 2005
    Posts
    3

    Well " evilopinions " , we know what RAT is . It's recognized by all anti viruses.

    You can use RAT to hack someone's pc if the victim doesn't have an antivirus . RAT is preaty good . You can gain access to all the data on the PC , you have remote ability to do what ever you want on the victim pc.

    Anyway , RAT , compared with a cookie stealer is NOTHING . A cookie stealer exploit sent by e-mail is the best thing you can do to steal someones cookie sesion and then login it with it . It's not recognized by any anti-virus and also it's hidden . LOL .


    Hey CARLO , i knew about the cookie . I was logged in her e-mail address few days ago and i didn't had to decript the cookie . I logged in with the cookie : AS IT IS .

    Please let me know CARLO if you can help me with the php source code .

    Thanks .

  7. #7
    Join Date
    Dec 2005
    Posts
    1
    Is it posbile to use just java script to steal someones yahoo cookie, or make a java script that can install a key logger that is on a remote server, on victims pc ?

  8. #8
    Join Date
    Dec 2005
    Posts
    2

    Arrow



    -> Is it posbile to use javascript or any malicouse script to exploit script in yahoo body ?

    -> I need a script that can retrieve this information remotely just by sending a hidden message to the victim .

    -> I have the .php script to process grabb the cookie and save it to a .txt file and i have a decoder of yahoo cookies i can give you this if you help me.

    Please Help.

  9. #9
    Join Date
    Jan 2006
    Posts
    3

    I have the php script to steal the cookies.

    To many reports of the yahoo cookie grabber, so, yahoo ******* everything. There is another way to hack into yahoo emails but it costs something of $5,000.

    Last edited by cyanide; 03-02-2006 at 04:29 PM.

  10. #10
    Join Date
    Jul 2006
    Posts
    1

    Talking i have recent cookies how do i get in

    i have this cookie.how do i get inside the email.\;

    emai me at [email]writhbr@**********[/email]
    here are the details i have


    [email]lidia_miron@**********[/email]4/7/2006B=cn*snjd2akj*q&b=*&s=nk; CP=v=60*02&br=i&sp=; Q=q*=AACAAAAAAAAAAA--&q2=RKpEog--; F=a=uDM0_xQsvbWCXnnXmbc_670phKE*MOPQa8PwuAo7*GVLYA4JnqlCjVjCHjuE&b=dBxW; U=mt=XBAtHZ2MhYqWMzifPYtZlNda*YdVNJBsRJL8mQ--&ux=nzkqEB&un=0d6mcj*2akj4o; Y=v=*&n=0d6mcj*2akj4o&l=b8*80_c8hed/o&p=m2l0a*lb**000700&jb=**|22|&r=ga&lg=us&intl=us&np=*; PH=fn=*V06P6iRJg0CznU-; T=z=mzkqEBm55qEBfDXK.uo/o25MjJPBjYyMU80TjUzMDc-&a=QAE&sk=DAAzAckfF*pneh&d=c2wBTlRVNEFURTFOamd6T*RJME56QS0BYQFRQUUBdGlwAUlSeEE2QQF6egFtemtxRUJnV0 E-; C=mg=*; YM.Gen=i=vaIa6Ur8iCzhU2jjLHpwZz0lUHD4a*.O_7c-&v=*

  11. #11
    Join Date
    Oct 2006
    Posts
    3

    i need help!

    I need a new message , to steal yahoo cookies,because Yahoo is secure now!
    Or another posibility , about how I can steal the cookie!

  12. #12
    Join Date
    Sep 2006
    Posts
    1,649

    um

    There's no way to steal a password using a cookie.

    (Gah, sorry mike, I promised I wouldn't post in a thread like this, but this was the only new post, and I was bored)

  13. #13
    Join Date
    Sep 2005
    Posts
    2,050
    Quote Originally Posted by Moonbat
    There's no way to steal a password using a cookie.

    (Gah, sorry mike, I promised I wouldn't post in a thread like this, but this was the only new post, and I was bored)
    Well actually having a cookie is equally as powerful as having a password in most cases. Webmail services for example include hashed strings of passwords in their cookies to keep users logged in, and if you obtain someone's cookie and use it as your own, you can usually get into their account for a period of time until their session expires. You can't decrypt the cookie, but you can use it.

    And also, most websites ARE vulnerable to cookie theft (through XSS). I have found XSS bugs in major websites such as subdomains of aol.com, verizon.com, ccbill.com and others - all of which would let me steal their users' cookies if I sent them an email containing the malicious link. And cookies = accounts.

    If you remember, I found a XSS vulnerability in this website itself - all-nettools.com. I created a script which exploits the bug and steals users' cookies and puts them in a file. If you want a demo of this in action without losing your cookies to a log file, try this link (cookie is displayed only to you):

    [url]http://a5e6sf5.netfast.org/newpage2.php[/url]

    Basically, anyone who clicks that link could theoretically lose their account to me if I had logged all cookies. And this is only a forum.

    I don't want to bait the people in this thread, but I estimate it would take me less than * hours to find a similar vulnerability in a subdomain of **********. But that would be pointless.
    Last edited by Ezekiel; 10-15-2006 at 03:31 PM.

  14. #14
    Join Date
    Sep 2006
    Posts
    1,649

    but..

    Doesn't Yahoo use MD5? I admit it can be broken, but takes a pretty powerful computer, lots of time, and is probably not going be be cracked by a skidde or a one shot hacker

  15. #15
    Join Date
    Sep 2005
    Posts
    2,050
    Quote Originally Posted by Moonbat
    Doesn't Yahoo use MD5? I admit it can be broken, but takes a pretty powerful computer, lots of time, and is probably not going be be cracked by a skidde or a one shot hacker
    Yes as a general rule, one way password hashes can not be reversed.

    But what I was saying is you don't even NEED the plaintext password - simply having the cookie and using it in your browser will log you in to the service because the hash is what they use to authenticate you.

+ Reply to Thread

Similar Threads

  1. How to steal someones msn cookie.
    By carlo in forum Internet Privacy
    Replies: 22
    Last Post: 02-14-2009, 06:19 AM
  2. Help! My roommate is trying to steal my identity!
    By millercandy70 in forum Internet Privacy
    Replies: 1
    Last Post: 01-25-2009, 10:00 AM
  3. Finding out Someones Yahoo ZipCode
    By ToksiQ in forum Internet Privacy
    Replies: 1
    Last Post: 01-17-2008, 06:15 PM
  4. Steal a yahoo cookie ?
    By letsgorun in forum Internet Privacy
    Replies: 1
    Last Post: 12-25-2005, 06:12 AM
  5. How to steal games account
    By franck_888 in forum Internet Privacy
    Replies: 1
    Last Post: 11-05-2005, 03:34 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts