How to hack Email account:
Tools needed for Cookie stealing attack:
Cookie stealing attack requires two types of tools:
1. Cookie capturing tool
2. Cookie injecting/editing tool
1. Cookie capturing tool:
Suppose, you are running your computer on a LAN. The victim too runs on same LAN. Then, you can use Cookie capturing tool to sniff all the packets to and from victim computer. Some of the packets contain cookie information. These packets can be decoded using Cookie capturing tool and you can easily obtain cookie information necessary to hack Email account. Wireshark and HTTP Debugger Pro softwares can be used to capture cookies.
2. Cookie injecting/editing tool:
Drawbacks of Cookie Stealing:
Cookie Stealing is neglected because it has some serious drawbacks:
1. Cookie has an expiry time i.e. after certain trigger cookie expires and you cannot use it to hijack victim session. Cookie expiry is implemented in two ways:
a. By assigning specific timestamp(helpful for us).
b. By checking for triggers like user exiting from webbrowser. So, in such cases, whenever user exits from his browser, his cookie expires and our captured cookie becomes useless.
2. Cookie stealing becomes useless in SSL encrypted environment i.e. for https (Secure HTTP) links. But, most Email accounts and social networking sites rarely use https unless vicitm has manually set https as mandatory connection type.
3. Also, most cookies expire once victim hits on LogOut button. So, you have to implement this Cookie stealing hack while user is logged in. But, I think this is not such a serious drawback because most of us have the habit of checking "Remember Me". So, very few people actually log out of their accounts on their PCs.
So friends, this was a short tutorial on basics of how to hack Email account using Cookie Stealing. As I have stated, Cookie stealing has some disadvantages. But, I think Cookie stealing is a handy way to hack an Email account. In my next articles, I will post a detailed tutorial to hack Facebook and Gmail accounts using Cookie stealing. If you have any problem in this tutorial on how to hack Email account using Cookie stealing, please mention it in comments.
![[Image: 800_adminn.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sOnQjIxstjyThYbPbBveAXGp2meu3984HSPyT8LyHholuno_hA7LWUAmIeEhcCRQjNvrgVZsI8CCuFti6eiA0u1byP8nuUvzpZrs44TLveqJ4PnWmAXDbFkII=s0-d)
Tools needed for Cookie stealing attack:
Cookie stealing attack requires two types of tools:
1. Cookie capturing tool
2. Cookie injecting/editing tool
1. Cookie capturing tool:
Suppose, you are running your computer on a LAN. The victim too runs on same LAN. Then, you can use Cookie capturing tool to sniff all the packets to and from victim computer. Some of the packets contain cookie information. These packets can be decoded using Cookie capturing tool and you can easily obtain cookie information necessary to hack Email account. Wireshark and HTTP Debugger Pro softwares can be used to capture cookies.
2. Cookie injecting/editing tool:
Drawbacks of Cookie Stealing:
Cookie Stealing is neglected because it has some serious drawbacks:
1. Cookie has an expiry time i.e. after certain trigger cookie expires and you cannot use it to hijack victim session. Cookie expiry is implemented in two ways:
a. By assigning specific timestamp(helpful for us).
b. By checking for triggers like user exiting from webbrowser. So, in such cases, whenever user exits from his browser, his cookie expires and our captured cookie becomes useless.
2. Cookie stealing becomes useless in SSL encrypted environment i.e. for https (Secure HTTP) links. But, most Email accounts and social networking sites rarely use https unless vicitm has manually set https as mandatory connection type.
3. Also, most cookies expire once victim hits on LogOut button. So, you have to implement this Cookie stealing hack while user is logged in. But, I think this is not such a serious drawback because most of us have the habit of checking "Remember Me". So, very few people actually log out of their accounts on their PCs.
So friends, this was a short tutorial on basics of how to hack Email account using Cookie Stealing. As I have stated, Cookie stealing has some disadvantages. But, I think Cookie stealing is a handy way to hack an Email account. In my next articles, I will post a detailed tutorial to hack Facebook and Gmail accounts using Cookie stealing. If you have any problem in this tutorial on how to hack Email account using Cookie stealing, please mention it in comments.
No comments:
Post a Comment