Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking (http://www.go4expert.com/forums/ethical-hacking-forum/)
-   -   HELP: Cookie stealing support (http://www.go4expert.com/forums/help-cookie-stealing-support-t8020/)

distroyer 28Dec2007 21:54

HELP: Cookie stealing support
 
Hi,

I was going through a hacked community on orkut which was originaly my frnd's community, in one of the links i found a javascript which if i put in the address bar and press enter, it wld add me as a moderator of any community. Sounds interesting!! But when i suddenly thought cant that be a mis-chief made by someone????? So, i searched into google and found that type of cookie hacking does exist on orkut (pasting such javascript into address bar hacks account).

The js was like:

Code:



javascript:a=document.forms[1];a.action="CommMembers.aspx?cmm=34431350&Action.addModerator&

memberId=11520216688680582958";a.submit(); void(0)

Now, my question is, if i clear my cookies, for how long will my cookies be sent to the attacker?? or is there any file that is stored in my computer that keeps sending my cookies to the attacker??? how do i get free from if my cookies are hacked?? OR does it send only once

pradeep 29Dec2007 12:16

Re: HELP: Cookie stealing support
 
Cookies are not sent just like that, the browser has to post them, i.e. there has to be some actions from the user's side. The best safeguard against these kinds of attacks is to use NoScript plugin in firefox, I am unsure of any such plugin for Internet Explorer, try googling in case you are a IE user.


All times are GMT +5.5. The time now is 11:31.