|
_|_|_| _| _| _| _| _| _| _| _|_|_| _| _|_|_| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _|_| _| _|_|_| _| _| _| _| _|_|_| _|_|_| _| _|_| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _| _|_|_| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_|_| _|_|_| _| _| _|_|_| _|_|_| _|_|_| _|_|_| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_| _| _|_| _|_|_| _| _| _| _| _| _| _| _| _| _| _|_|_| _|_|_| _|_|_| _|_|_| http://www.pheces.org Another one bites the crust öööööööööööööööööööööööööööööööö Title: |||| "Hacking" Hotmail |||| Date: April 30, 1998 {Rev. 2, 11-19-98) Author: rootwurm öööööööööööööööööööööööööööööööö ***YAAAAAAAAAAWWWWWWWWWWWWWWWWWWWNNNNNNNNNNNNNNNN*** they've fixed it. this text is obsolete. quit reading it. i don't know another way (yet). don't email me about hotmail. thanks :-) [][][][][][][][][][][][][][][][][][][][][][][][] THE MOST IMPORTANT THING TO REMEMBER IS THIS: Please verify that the following information is correct BEFORE emailing me and telling me you can't get it to work. *!*! YOU MUST HAVE THE SAME IP ADDRESS AS THE PERSON YOU WANT TO HACK!! *!*! *!*! THE PERSON MUST EITHER STILL BE LOGGED IN, OR LEFT WITHOUT LOGGING OUT *!*! [][][][][][][][][][][][][][][][][][][][][][][][] Now, lemme 'splain what i mean... An IP address is just a numerical identification for any computer on the internet. Everyone has one though it's not always unique. If you don't have a basic understanding of how the net works, you don't deserve to hack anyway, but some of us need motivation to learn, so i'll let you read this anyway :-P Most intranets that allow internet access do this either through a proxy server, or some form of 'all-in-one' net access. for instance, at my school we have 7 fiber optic T1 lines that allow access to the internet from different workstations in the district. whenever someone at my school logs onto the internet, they get the ip address of 170.182.110.169 Anytime anyone at my school logs into their hotmail account, they leave themselves wide open. The other circumstance that must be met is that they must either be still logged into their hotmail account, or they must have less than 10 minutes of idle time. Hotmail automatically logs people out who have not done anything for 10 minutes (this makes the hack a bit more difficult, and i think the 10 minute limit was done for this reason) Ok, lets say all circumstances are met and you see that hackmyaccount@hotmail.com is logged in next to you on an intranet computer. You know they have the same ip address, and they're sending a letter to their grandma telling her that the opiate shipment is here from florida so you know they're still active. simply goto the url: http://www.hotmail.com/cgi-bin//start/hackmyaccount that's it, other methods are explained below, but i think people just wanted a program that would automagically hack someone's account. get real. there are plenty of methods of hacking hotmail, i just don't have time to explain them to dumbasses who are too lame to even read the fact that you have to have the same ip address and they have to be logged in. i apologize if i've offended you, but please, think twice before you go off being a complete moron and making yourself look bad. if you've emailed me saying 'this doesn't work' only to find out you didn't read everything then please, do me a favor (Now, this may be a new concept for you, and it may be painful at first, but lots of people do it everyday and i hear it's quite enjoyable.) just THINK about shit for a second. I know, i know, i'm asking too much, but please...if ignorance was painful, 80% of the population would live on valium. (not that i'm a genius, but at least i can tie my own shoes) quoth the rootwurm, nevermore. ++++++++++++++++The old text++++++++++++++++ Hotmail is a very great thing. And i kinda dislike telling people how to hack such a great system, but hey, we're the flammable pheces. (nuff said :-) as you know, when you try to login to hotmail with a username, it doesn't check to see if it exsists or not. if you want to know whether or not a username really exsists, then just goto http://www.hotmail.com/cgi-bin//start/theirusername/. if the username exsists, then it will say "Logged out, try loggin back in" but if it doesn't, it will give you some weird server error. now for the hack- in order for this to work, two things must happen. 1. The user must be logged in. 2. You must have the same IP address as them. there is no getting around this, sorry. let me lay down a scenerio for you, so you can get an idea when this might be useful. You're sitting in class, browsing the net. You're on a schoolwide network that lets you get on the net. the person next to you is reading their hotmail, and you can see that their usename is ilovetohunt@hotmail.com. now is your chance to load up the same page they're looking at to read their mail, delete their mail, etc. here's the easy way: just look at their username and goto: http://www.hotmail.com/cgi-bin//start/theirusername/ where "theirusername" is their username (how about THAT logic, huh!) or goto www.hotmail.com and login with YOUR account as usual. right click in the main frame (the one that says "you have 0 new messages in your INBOX" and add it to your bookmarks (this is only temporary). then click LogOut. It will ask you if you want to login as another user, and you do. put their login name (in the example above, their login name is ilovetohunt, not ilovetohunt@hotmail.com) and press login. now it asks you for a password, just click the ENTER button and it will say "sorry invalid username/password combination." the ip address in the top should be something like this: http://207.82.250.251/cgi-bin//start/ilovetohunt/207.82.250.174_d103 now, the thing that interests us is the numbers right after their username (e.g. 207.82.250.174_d103) now just goto the bookmark you just set. replace your username with their username, and replace the DISK=number with their number. before: http://207.82.250.251/cgi-bin/welcome?disk=202.83.260.175_d48&login=struct99&f=1411&curmbox=ACTIVE&noad=1 after: http://207.82.250.251/cgi-bin/welcome?disk=207.82.250.174_d103&login=ilovetohunt&f=1411&curmbox=ACTIVE&noad=1 now hit enter, and you will see their page. you can now browse their folders, read any of their mail, and delete anything you wish (don't delete their shit, though...it's not nice) ======How it works====== when a person logs into hotmail, it grabs their page from a different server and posts it so they can see it. it also puts on there something like "don't show this to anybody unless they are from the same ip" after the person logs out, it puts the page back on that server which can only be retrieved by a password (their hotmail password) when you goto http://www.hotmail.com/cgi-bin/start/theirusername/ or http://207.82.250.251/cgi-bin/welcome?disk=207.82.250.174_d103&login=ilovetohunt&f=1411&curmbox=ACTIVE&noad=1 while they're logged on, you're just retrieveing the page because it's now open to the "public" if you have the same ip address as them. that's it, if you have any questions, pray. if that fails, email me (rootwurm@pheces.org) later, rootwurm (rootwurm@pheces.org) (((((((((((((((((((((((((((((((((((((((((((((#yep)))))))))))))))))))))))))))))))))))))))))))))