Admin
8th April 2006, 05:49 PM
Subject: Network Security Update: Password Sniffing Busted
Following is the screenshot of a fake Yahoo Login screen fabricated by a hacker who sent me the file to steal my password:
http://www.bhavsarsamaj.com/forum/uploads/dhayfule/2006-03-29_095732_yahoo.gif
When I opened the file it struck to my mind that it seemed to be a malicious page, so opened it in front page, to view the form properties, what I saw really shocked me.
http://www.bhavsarsamaj.com/forum/uploads/dhayfule/2006-03-29_100053_yahooformtarget.gif
I found a non Yahoo ID in Action (now those who are'nt aware of HTML just simply understand that action is the target location where the values entered in the form would be transfered for processing) field. That path lead to a malicious script that mails data to an id found in the hidden fields as seen below:
http://www.bhavsarsamaj.com/forum/uploads/dhayfule/2006-03-29_100533_tovalue.gif
As seen in the above screenshot the above values predict the victim and the hacker. The action that would have been taken place is as follows:
1) First my password would have been grabbed from the text box and been sent to the link seen above for processing.
2) The subject line would contain "Password Received"
3) The victim's Email/Messenger id is provided here is dhayfule@yahoo.com (http://us.f503.mail.yahoo.com/ym/Compose?To=dhayfule@yahoo.com)
4)Then the page gets redirected to a "Page Not Found" Error
5)But in background the mail is sent to the hacker's id, which is here provided as angel4shashi@yahoo.com (http://us.f503.mail.yahoo.com/ym/Compose?To=angel4shashi@yahoo.com)
This is how users are fooled and complain that their ids are hacked.
Things to remember:
1) Never ever accept files through Messenger, it reveals ur IP Address to the opposir person.
2) Before entering passwords in the forms received in mail or through URLs, view the source for the information provided above i.e. "Action" and hidden fields.
3) Never disclose your password, to any one.
4) Never surf pronographic or any other sites that may contain illicit materials, since they are a good source for password sniffers.
5) Frequently change your passwords.
Take care while you are online. Since this is just Yahoo, hackers can try hands on your NetBanking, PayPal, EBay and other such accounts!!!
Also educate your corncerned ones with this information.
Finally, never ever try this trick on others!!!!!
Edit : Posted By Pravin Dhayfule on Bhavsarsamaj.com
Following is the screenshot of a fake Yahoo Login screen fabricated by a hacker who sent me the file to steal my password:
http://www.bhavsarsamaj.com/forum/uploads/dhayfule/2006-03-29_095732_yahoo.gif
When I opened the file it struck to my mind that it seemed to be a malicious page, so opened it in front page, to view the form properties, what I saw really shocked me.
http://www.bhavsarsamaj.com/forum/uploads/dhayfule/2006-03-29_100053_yahooformtarget.gif
I found a non Yahoo ID in Action (now those who are'nt aware of HTML just simply understand that action is the target location where the values entered in the form would be transfered for processing) field. That path lead to a malicious script that mails data to an id found in the hidden fields as seen below:
http://www.bhavsarsamaj.com/forum/uploads/dhayfule/2006-03-29_100533_tovalue.gif
As seen in the above screenshot the above values predict the victim and the hacker. The action that would have been taken place is as follows:
1) First my password would have been grabbed from the text box and been sent to the link seen above for processing.
2) The subject line would contain "Password Received"
3) The victim's Email/Messenger id is provided here is dhayfule@yahoo.com (http://us.f503.mail.yahoo.com/ym/Compose?To=dhayfule@yahoo.com)
4)Then the page gets redirected to a "Page Not Found" Error
5)But in background the mail is sent to the hacker's id, which is here provided as angel4shashi@yahoo.com (http://us.f503.mail.yahoo.com/ym/Compose?To=angel4shashi@yahoo.com)
This is how users are fooled and complain that their ids are hacked.
Things to remember:
1) Never ever accept files through Messenger, it reveals ur IP Address to the opposir person.
2) Before entering passwords in the forms received in mail or through URLs, view the source for the information provided above i.e. "Action" and hidden fields.
3) Never disclose your password, to any one.
4) Never surf pronographic or any other sites that may contain illicit materials, since they are a good source for password sniffers.
5) Frequently change your passwords.
Take care while you are online. Since this is just Yahoo, hackers can try hands on your NetBanking, PayPal, EBay and other such accounts!!!
Also educate your corncerned ones with this information.
Finally, never ever try this trick on others!!!!!
Edit : Posted By Pravin Dhayfule on Bhavsarsamaj.com