HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 12 guests and 5 members online
EH-Net Donations

Enter Amount:
$
Google Ads
EH-Net News Feeds
Latest Additions
Book Recommendations



 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow HELP: Cookie stealing support(me as a victim)
Ethical Hacker Community Forums
January 07, 2009, 10:39:04 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: ChicagoCon 2-Day Ethical Hacking Conference with MS Blue Hats Oct 31 - Nov 1. Tickets Only $100! www.chicagocon.com/content/view/103/51/
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: HELP: Cookie stealing support(me as a victim)  (Read 1465 times)
0 Members and 1 Guest are viewing this topic.
distroyer
Newbie
*
Offline Offline

Posts: 1


View Profile
« on: December 28, 2007, 10:29:16 AM »
Hi,

I was going through a hacked community on orkut which was originaly my frnd's community, in one of the links i found a javascript which if i put in the address bar and press enter, it wld add me as a moderator of any community. Sounds interesting!! But when i suddenly thought cant that be a mis-chief made by someone?Huh? So, i searched into google and found that type of cookie hacking does exist on orkut (pasting such javascript into address bar hacks account).

The js was like:

Code:
[b]

javascript:a=document.forms[1];a.action="CommMembers.aspx?cmm=34431350&Action.addModerator&memberId=11520216688680582958";a.submit();void(0) [/b]

Now, my question is, if i clear my cookies, for how long will my cookies be sent to the attacker?? or is there any file that is stored in my computer that keeps sending my cookies to the attacker??? how do i get free from if my cookies are hacked?? OR does it send only once

Thnx!!
Logged
BillV
Hero Member
*****
Offline Offline

Posts: 883


View Profile
« Reply #1 on: December 28, 2007, 10:36:37 AM »
Just looking at the JS code you've supplied, it doesn't appear to be sending data to anyone (except maybe the 'CommMembers.aspx' file). It appears that it's adding a moderator of a specific account ID.

You can go delete your temporary files/cookies if you're that paranoid about it.

I could also be mis-understanding your question, please clarify if that's the case.
Logged
KrisTeason
Full Member
***
Offline Offline

Posts: 117


View Profile
« Reply #2 on: December 29, 2007, 02:15:08 AM »
I'm as confused as you are man, my guess is he's asking about Session Hijacking?
Logged
proudindian
Newbie
*
Offline Offline

Posts: 32


View Profile
« Reply #3 on: December 29, 2007, 06:17:15 AM »
actually if i am not wronge,the script is for managing members or appointing moderator to any community,this is not about any cookie stealing script if i am not wronge.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.7 | SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.034 seconds with 23 queries.
 
Sponsors

cwnp_moto__120x90.gif

Polls
How many security events including conferences and training do you attend a year:
 
Support EH-Net

Support EH-Net by
Buying all of your
Amazon items using
the search bar above.
cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!
Recent Forum Topics
Vote For EH-Net

progenic.com
Click here to Vote!

binarica.com
Binarica Logo

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2009 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.