Wednesday, November 17, 2010

HTTP SESSION HIJACKING (Cookie Stealing)

When you log in to your account at a website, your web browser sends your username and password to the website server. The password is first encrypted and then send over the network. Then the server checks the username and password against the database and if they both match then sends to the user's browser a "cookie" (a text which the browser uses for further requests to the web server) but unlike the password the cookies are not encrypted and are sent as it is over the network, this cookies can be easily captured as they travel through the network or a busy WI-FI. The newly released Firefox extension "FIRESHEEP" makes it more easy. Actually so easy that even a total nube can capture this cookies.
for more information and to download firesheep visit here FIRESHEEP

Tuesday, November 16, 2010

HACKING GMAIL AND FACEBOOK ACCOUNTS USING GMAIL SECURITY QUESTION


I like to check the password retrieval option of different sites and when i was checking out Gmail's option i found and interesting thing. Its not something ingenious or new thing but thought of sharing the observation with everybody so please forgive me if it seemed to you a time waste.
So first lets take a look at the Gmail's password retrieval option.
So when you click on the 'forgot password' option and provide the email id, in Gmail it gives you three password reseting options.
 
© 2009 BASIC HACK AND TECH FOR BEGINNERS. All Rights Reserved | Powered by Blogger
Design by psdvibe | Bloggerized By LawnyDesigns