Yahoo cookie capture exploit

[Dirty Red]

Someone recently stole the account of a friend of mine. These goons travel in packs and are regs in my room. What i have gotten so far is that a cookie exploit was used, where no cracking was necessary. ANyone got any ideas about this exploit and a possible solution? This guy poses as my friend a lot but he kind of came after me tonite. Any help would be great. thanks guys/gals

[miGs]

Quote:

Originally Posted by Dirty Red

Someone recently stole the account of a friend of mine. These goons travel in packs and are regs in my room. What i have gotten so far is that a cookie exploit was used, where no cracking was necessary. ANyone got any ideas about this exploit and a possible solution? This guy poses as my friend a lot but he kind of came after me tonite. Any help would be great. thanks guys/gals

For cookie related news, issues and articles, check this.
I think the exploit is more about decoding the cookie.

As for solution, having a clean system, make sure there are no trojans hiding in your system and have decent firewall. Avoid clicking links too.

[Dirty Red]

That site was basically useless for answering my question, but thanks anyway. Im just at a loss because if these guys are capturing my info from my cookie, changing my password isnt going to help.

[miGs]

Quote:

Originally Posted by Dirty Red

That site was basically useless for answering my question, but thanks anyway. Im just at a loss because if these guys are capturing my info from my cookie, changing my password isnt going to help.

Oh I am sorry if that didnt help.

[UnSaKreD]

Quote:

Originally Posted by Dirty Red

Someone recently stole the account of a friend of mine. These goons travel in packs and are regs in my room. What i have gotten so far is that a cookie exploit was used, where no cracking was necessary. ANyone got any ideas about this exploit and a possible solution? This guy poses as my friend a lot but he kind of came after me tonite. Any help would be great. thanks guys/gals

Interesting, having dealt alot with cookies, especially in decoding them.
I am intregued as to how your name was *stolen* from the cookie.
Considering, the password is not stored in the cookie.
Your account can be info cracked by the information that is decoded.
But you would still have to get the secret question correct.

Any more info?

[Dirty Red]

it actually wasn't my name, it was a friend of mine's, but i'm concerned because the people responsible are very unpredictable, using basically any excuse they can to wreak havoc and cause trouble. obviously Yahoo abuse reporting is automated, so theyre not going to do anything about it, but all the information i have is that the guys who did this were bragging in the room about using the cookie to gain access to the person's account. regarding the secret question(s), they also bragged that they had changed those as well. at any rate, I'm sure everything will eventually work out, but messenger services being predominantly used for advertising purposes, they may not be too quick to patch this exploit. thanks for the help, i think i have given the basic outline of the information i have.

[markking68]

it is possable that you have a keyloger on your computer like back orafice,the only way to get to your cookies is to have access to your system files, if you are useing windows xp it can't be done with a trojen.look for a file that is installing back orafice. forgot what file it it but you can get the info on it by doing a search for back orafice..don't confuse it with back office witch windows uses if you have office..
might not help but its in that area where your problem is at..btw it can be downloaded to your computer through a pcture..heres a link to check out
http://www.bo2k.com/news.shtml

[Dirty Red]

For The last time people, it isn't my name, my computer, or my account, however i need to say it. I cant get in touch with the guy it happened to right now to share all this with him, the reason i posted the topic was to be able to secure my own computer. Thanks for all the info it is helpful having new sites and learning new info, even if it isnt what i was looking for.

[Nessa]

Quote:

Originally Posted by Dirty Red

For The last time people, it isn't my name, my computer, or my account...

We get that, just that it's a habit and people always think it's the one asking the question that needs help.

Quote:

Originally Posted by Dirty Red

...i have is that the guys who did this were bragging in the room about using the cookie to gain access to the person's account. regarding the secret question(s), they also bragged that they had changed those as well...

You say it's them and accuse them and know they are bad people, so why believe every word they type? They could be lying just to brag. They could have spent several days trying to steal your friends account through cracking or some other method. Yet when they go brag they aren't going to say they tried so hard just to get one name. They will say "oh we know this magical way of using cookies and i can do this and i can do that, FEAR ME!"

Well that's all i got to say, and i'm sorry you feel this site didn't offer much help, but people honestly try their best to answer any questions posted.

[Dermot]

How do you know a cookie exploit was used?

Word of mouth?

guess?

I highly doubt it was...

However if the person lost his/her account im sure he knows by now and should have tried the Forget password option on the yahoo login page.

If they do not know their own info or it has been fully changed then its tough luck on that front.

I'm sure he can make a new id to let his friends know it has happened to him.