|
***************************************************************************** +===========================================================================+ -----------------------HOW TO HACK VALISE E-MAIL ACCOUNTS-------------------- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ----------------------------------------------------------------------------- By: kRoNiK(MEMBER OF HACKER INTELLIGENCE SOCIETY) H.I.S kRoNiKs Personal Hacking Page--> http://members.tripod.com/~Kronik1/index.html HACKER INTELLIGENCE SOCIETY MAIN PAGE--> NONE YET ----------------------------------------------------------------------------- *BASICS* __________ Valise is a web-based e-mail account system which is overpriced and a total rip-off. Hotmail is FREE and is a lot better then Valise!!!In other words Valise sucks, and so does it security!The internet address for Valise is http://www.valise.com. Now on with the file... *The Exploit* ______________ Valise allows you to bookmark your login, now when you bookmark your login your username and password is not in the bookmark url. So, i have discovered that when a user doesn't log out you can get into thier account very easily. To get into someone's account you need this *base* url(below) Http://www.valise.com/cgibin/chkmsgs.cgi?n= That(above url) is your key, sort of like a Super User pass to access accounts that haven't been logged out. *Getting In Someones Account* ________________________________ *Remember-You can only access accounts that haven't been logged out* To get in you need to know the person's account number or guess one. Once you get an account number or if you want to guess one(I'm gonna guess 100) You type http://www.valise.com/cgibin/chkmsgs.cgi?n=100 Then your in thier e-mail account!!The account number goes after the equal sign.IT'S THAT FUCKING EAZY!I told you Valise security sucks shit!!! *Tips for Hacking accounts* _____________________________ Try guessing in order like, 100,101,102 and so on. Example: http://www.valise.com/cgibin/chkmsgs.cgi?n=100 http://www.valise.com/cgibin/chkmsgs.cgi?n=101 http://www.valise.com/cgibin/chkmsgs.cgi?n=102 ...and so on... THE URL IS CASE SENSTIVE. THATS IT! _________________________________________________________________________________________________ By: kRoNiK HaVe PhUn!!! _________________________________________________________________________________________________ *EOF*