Thursday, January 10, 2008

Fetching user's credential from other site: Hacking

Any subscriber/member may get hacked in following way:

1. Open site
2. Become a member
3. Add blogs with title “”Administrator Announcement”
content may be following

Dear User,

This blog is shown to randomly accessed users. If you have got it, means you are lucky. is offering a date with Anjelina Jolie. If interested. you may enroll for the contest here.

  1. User Name

Note: This contest closes on 15th Oct. 2007



4.Now when other member logsin, he may visit above posted blog.
5.When he may get fool if he enters is username/password & submits
6.his details/session id/cookie info. /username/password will be submitted to
7.coll.aspx will get his details
8.he will be hacked

No comments: