For everyone out there that keeps commenting on “How To Hack Gmail, Hotmail, Yahoo, etc etc” (MOM), here’s a great article on hacking into a gmail account WITHOUT using fake login screens or any of that pesky hard work. TG Daily has this great article, “Point and click Gmail hacking at Black Hat” that gives you a peek into the latest and greatest way to get into someone else’s email account.
Here’s an excerpt:
[…] The attack is actually quite simple. First Graham needs to be able to sniff data packets and in our case the open Wi-Fi network at the convention fulfilled that requirement. He then ran Ferret to copy all the cookies flying through the air. Finally, Graham cloned those cookies into his browser – in easy point-and-click fashion – with a home-grown tool called Hamster.
[…] But if that wasn’t scary enough, Graham told us that he can even log in the next day or possibly several days later into the Gmail account. “I can just copy the data to a file and replay it later. I’ve been able to log into Gmail accounts one day later,” said Graham.
Since the attack relies on sniffing traffic, using SSL or some type of encryption (like a VPN tunnel) would stop Graham in his tracks. However, many people browsing at public wireless hotspots don’t use such protections.
“You’re an idiot if you use T-Mobile hotspot,” said Graham.
I personally love the last comment there from Graham… just sayin.
One last note, read the friggin article. CLICK THE SOURCE – PLZ kthx.
There, let’s hug it out bitches!!!