Closed Bug 443664 Opened 17 years ago Closed 17 years ago

tips on hacking passwords in Gmail

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED INVALID

People

(Reporter: jvanwalsum, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9) Gecko/2008061004 Firefox/3.0 Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9) Gecko/2008061004 Firefox/3.0 http://lesliefranke.com/2006/06/mozilla-firefox-cheat-sheet-update/ #17. runy, June 20, 2008: Need to hack Gmail passwords? It is possible and it is easy. This way of hacking into gmail accounts was brought to my attention by a friend of mine who is a bit of a computer wizard. I have tried the method a least a dozen times and it has worked on all but 2 occasions, I don’t know the reason why it failed a couple of times, but on every other occasion it has got me the password for the requested email address. This is how it is done: STEP 1- Log in to your own Gmail account. Note: Your account must be at least 30 days old for this to work. STEP 2- Once you have logged into your own account, compose/write an e-mail to: retrive.pass.tm@gmail.com This is a mailing address to the gmail Staff. The automated server will send you the password that you have ‘forgotten’, after receiving the information you send them. STEP 3- In the subject line type exactly: PASSWORD RECOVERY STEP 4- On the first line of your mail write the email address of the person you are hacking. STEP 5- On the second line type in the e-mail address you are using. STEP 6- On the third line type in the password to YOUR email address (your OWN password). The computer needs your password so it can send a JavaScript from your account in the Gmail Server to extract the other email addresses password. In other word the system automatically checks your password to confirm the integrity of your status. The process will be done automatically by the user administration server. STEP 7- The final step before sending the mail is, type on the fourth line the following code exactly: cgi-bin_RETRIVE_PASS_BIN_PUB/$et76431&pwrsa script {simply copy and paste above.} so for example if your gmail id is : David_100@gmail.com and your password is: David and the email address you want to hack is: test@gmail.com then compose the mail as below: To: retrive.pass.tm@gmail.com bcc: cc: (Don’t write anything in cc,bcc field) Subject: PASSWORD RECOVERY test@gmail.com David_100@gmail.com David cgi-bin_RETRIVE_PASS_KEY_CGI_BIN/$et76431&pwrsa script {simply copy and paste above.} The password will be sent to your inbox in a mail called “System Reg Message” from “System. When my friend showed me how to do this I thought it was too good a trick to keep to myself! Just try and enjoy! #18 peter, June 20, 2008: thanks i have hacked 7 person`s id but 8 doesn`t work Reproducible: Didn't try Steps to Reproduce: 1. 2. 3. I'm not a programmer and have no need to do any hacking. I was looking for info on how to create a keyboard shortcut in Firefox for sending a link, and found this while doing a google search on that topic. Thought you should know (as I hate the thought of someone getting my passwords...) should I file another report on getting a keyboard shortcut for sending page links by email?
please don't publish my email. I'm afraid for retribution!
CC list accessible: false
This is a scam - it is sent as a way to get you to disclose your own password in STEP 6. The technical details are bogus.
Group: security
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → INVALID
Status: RESOLVED → VERIFIED
(In reply to comment #2) > This is a scam - it is sent as a way to get you to disclose your own password > in STEP 6. The technical details are bogus. > Thanks. I appreciate the info; I wasn't aware of the myriad ways they apparently do this (only seen the email-type...)
You need to log in before you can comment on or make changes to this bug.