TUCoPS :: Web :: Specific Sites :: hackva~1.txt

How to Hack Valise E-Mail Accounts, by kRoNiK

***************************************************************************** 
+===========================================================================+ 
-----------------------HOW TO HACK VALISE E-MAIL ACCOUNTS-------------------- 
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 

-----------------------------------------------------------------------------
By: 
kRoNiK(MEMBER OF HACKER INTELLIGENCE SOCIETY) H.I.S 
kRoNiKs Personal Hacking Page--> http://members.tripod.com/~Kronik1/index.html
HACKER INTELLIGENCE SOCIETY MAIN PAGE--> NONE YET
-----------------------------------------------------------------------------
 
*BASICS* 
__________  

Valise is a web-based e-mail account system which is overpriced and a total rip-off. 
Hotmail is FREE and is a lot better then Valise!!!In other words Valise sucks, and 
so does it security!The internet address for Valise is http://www.valise.com. 
Now on with the file... 

*The Exploit* 
______________ 

Valise allows you to bookmark your login, now when you bookmark your login your username and password 
is not in the bookmark url. So, i have discovered that when a user doesn't log out you can get into 
thier account very easily. To get into someone's account you need this *base* url(below)  

Http://www.valise.com/cgibin/chkmsgs.cgi?n= 

That(above url) is your key, sort of like a Super User pass to access accounts that haven't been logged out. 


*Getting In Someones Account* 
________________________________ 

*Remember-You can only access accounts that haven't been logged out* 
To get in you need to know the person's account number or guess one. 
Once you get an account number or if you want to guess one(I'm gonna guess 100) 
You type http://www.valise.com/cgibin/chkmsgs.cgi?n=100 
Then your in thier e-mail account!!The account number goes after the equal sign.IT'S THAT FUCKING EAZY!I told you Valise 
security sucks shit!!! 

*Tips for Hacking accounts* 
_____________________________ 

Try guessing in order like, 100,101,102 and so on. 
Example: 
http://www.valise.com/cgibin/chkmsgs.cgi?n=100 
http://www.valise.com/cgibin/chkmsgs.cgi?n=101 
http://www.valise.com/cgibin/chkmsgs.cgi?n=102 
...and so on...  
THE URL IS CASE SENSTIVE. 
THATS IT! 
_________________________________________________________________________________________________ 

By: 
kRoNiK 

HaVe PhUn!!! 
 
_________________________________________________________________________________________________ 
*EOF*
   
 
  

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH