how to hack an email account with cookies stealing

[Flexy]

How to Hack Email Account with
Cookie stealing [For
Newbies]
Today I am writing about a new
topic on Techotoys - Cookie
Stealing. I observed that
cookie stealing is neglected by
some
fellow hackers (even I was one
of them). But, recently, I
discovered that cookie
stealing can be pretty handy
to hack
anEmail account. In the
following article, I have
covered basics of
how to hack an Email account
using Cookie Stealing.
How to hack Email account:
If you are a newbie and don't
know about cookie, then for
your
information, Cookie is a piece
of text stored on user
computer by
websites visited by the user.
This stored cookie is used by
webserver to identify and
authenticate the user. So, if
you steal
this cookie (which is stored in
victim browser) and inject this
stealed cookie in your
browser, you can imitate victim
identity to
webserver and enter hisEmail
account easily. This is called
Session
Hijacking. Thus, you can easily
hack Email account using such
Cookie stealing hacks.
Tools needed for Cookie
stealing attack:
Cookie stealing attack requires
two types of tools:
1. Cookie capturing tool
2. Cookie injecting/editing tool
1. Cookie capturing tool:
Suppose, you are running
your computer on a LAN. The
victim
too runs on same LAN. Then,
you can use Cookie capturing
tool
to sniff all the packets to and
from victim computer. Some of
the
packets contain cookie
information. These packets can
be decoded
using Cookie capturing tool
and you can easily obtain
cookie
information necessary to
hackEmail account. Wireshark
and HTTP
Debugger Pro softwares can
be used to capture cookies.
Update: Check out my
Wireshark tutorial for more
information
on cookie capturing tool.
2. Cookie injecting/editing tool:
Now, once you have
successfully captured your
victim cookies,
you have inject those cookies
in your browser. This job is
done
using Cookie injecting tool.
Also, in certain cases after
injection,
you need to edit cookies which
can be done by Cookie editing
tool. This cookie injection/
editing can be done using
simple Firefox
addons Add N Edit Cookies and
Greasemonkey scripts. I will
write
more on these two tools in my
future articles.
Drawbacks of Cookie Stealing:
Cookie Stealing is neglected
because it has some serious
drawbacks:
1. Cookie has an expiry time
i.e. after certain trigger cookie
expires
and you cannot use it to hijack
victim session. Cookie expiry
is
implemented in two ways:
a. By assigning specific
timestamp(helpful for us).
b. By checking for triggers like
user exiting from webbrowser.
So, in
such cases, whenever user
exits from his browser, his
cookie
expires and our captured
cookie becomes ^.
2. Cookie stealing becomes ^ in
SSL encrypted environment
i.e. for https (Secure HTTP)
links. But, most Email accounts
and
social networking sites rarely
use https unless vicitm has
manually
set https as mandatory
connection type.
3. Also, most cookies expire
once victim hits on LogOut
button. So,
you have to implement this
Cookie stealing hack while
user is
logged in. But, I think this is
not such a serious drawback
because
most of us have the habit of
checking "Remember Me". So,
very
few people actually log out of
their accounts on their PCs.
So friends, this was a short
tutorial on basics of how to
hack
Email account using Cookie
Stealing. As I have stated,
Cookie
stealing has some
disadvantages. But, I think
Cookie stealing is a
handy way to hack an Email
account. In my next articles, I
will
post detailed tutorial to hack
Facebook and Gmail accounts
using
Cookie stealing. If you have
any problem in this tutorial on
how to
hack Email account using
Cookie stealing, please
mention it in
comments.
Enjoy Cookie stealing trick to
hack Email account...