2002-06-22, 00:13
#1
:arrow: Nu orkar jag inte höra alla newbies som frågar hela tiden hur man hackar hotmail.
Ni ska fan få svaret.
Men lätt blir det inte för er som är newbiez och jobbigt är det.
Man gör det med UNIX timestamps.
***************************
Hotmail bug- Read any Email
***************************
do the following:
1. Login normally to Hotmail with your ID (any id)
2. Use this type of link to view specific message from specific user:
http://pv2fd.pav2.hotmail.msn.com/cgi-bin/saferd?_lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e 36%2e250%2fcgi%2dbin%2fgetmsg&hm___qs=%26msg%3 dMSG9980 47250%2e22%26start%3d9702%26len%3d9687%26raw%3d0%2 6disk%3d64%2e4%2e36%2e68_d1577%26login%3dusername% 26domain%3dhotmail%2ecom&hm___fl=attrd&dom ain=hotmail.com
or
http://lw14fd.law14.hotmail.msn.com/cgi-bin/saferd?_lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e 36%2e250%2fcgi%2dbin%2fgetmsg&hm___qs=%26msg%3 dMSG9980 47250%2e22%26start%3d9702%26len%3d9687%26raw%3d0%2 6disk%3d64%2e4%2e36%2e68_d1577%26login%3dusername% 26domain%3dhotmail%2ecom&hm___fl=attrd&dom ain=hotmail.com
From that link change values: MSG943322803%2e16 (Message id number, its simply a counter. %2e=.) username (Hotmail account name to view) (remove "%26raw%3d0" if you want to view email as 'emailbox view', instead of full raw view.)
(remove "&hm___fl=attrd&domain=hotmail.com" if you dont like the hotmail frame on top.)
3. Done. If you entered correct message number & that user has it you will see it. (Test it with your own other hotmail account messages first to get the idea working.)
Now typing those message numbers manually is too much work, you could create a small utility to automatically scan given range of messages from specific user name. (You need to build it to work with IE, as you must be logged in hotmail when you want to view messages..)
It also helps to know that from the message numbers, in you own hotmail inbox,you can see about what time is what message number been used. eg:
- MSG997936971.27 arrived on 16.08.2001.
- MSG996698372.27 arrived on 01.08.2001.
- MSG975960863.0 arrived on 04.12.2000.
So you dont need to scan as many message addresses when you know from which range you are looking at.
The numbers after MSG and before the dot (ie. 997936971, 996698372 and 975960863) seem to be a UNIX timestamp which means, if we understood this correctly, that you have to know exactly when a message has arrived. The standard UNIX timestamp only has a resolution of 1 second. If that is indeed what they're using,
there would only be 60 messages to scan if you knew what minute the message came in, 3600 if you knew what hour, and 86400 if you knew what day. If the part after the dot is hundredths-of-second instead of a counter of messages received in the same second, it's trickier; multiply all of the numbers above by 100.
From the above example, though, it looks more likely that it represents some kind of status. Odds of there being 27 messages received in the same second on two different occasions are slim, and are odds that two messages were both received at 27/100ths of a second are 1/100, which isn't all that likely either. How that affected the time required for scans depends on how many statuses there are, and how common each is.
Så inga mer frågor OK tack och hej kom ihåg John__Doe det namnet ska ni alltid komma ihåg
Ni ska fan få svaret.
Men lätt blir det inte för er som är newbiez och jobbigt är det.
Man gör det med UNIX timestamps.
***************************
Hotmail bug- Read any Email
***************************
do the following:
1. Login normally to Hotmail with your ID (any id)
2. Use this type of link to view specific message from specific user:
http://pv2fd.pav2.hotmail.msn.com/cgi-bin/saferd?_lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e 36%2e250%2fcgi%2dbin%2fgetmsg&hm___qs=%26msg%3 dMSG9980 47250%2e22%26start%3d9702%26len%3d9687%26raw%3d0%2 6disk%3d64%2e4%2e36%2e68_d1577%26login%3dusername% 26domain%3dhotmail%2ecom&hm___fl=attrd&dom ain=hotmail.com
or
http://lw14fd.law14.hotmail.msn.com/cgi-bin/saferd?_lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e 36%2e250%2fcgi%2dbin%2fgetmsg&hm___qs=%26msg%3 dMSG9980 47250%2e22%26start%3d9702%26len%3d9687%26raw%3d0%2 6disk%3d64%2e4%2e36%2e68_d1577%26login%3dusername% 26domain%3dhotmail%2ecom&hm___fl=attrd&dom ain=hotmail.com
From that link change values: MSG943322803%2e16 (Message id number, its simply a counter. %2e=.) username (Hotmail account name to view) (remove "%26raw%3d0" if you want to view email as 'emailbox view', instead of full raw view.)
(remove "&hm___fl=attrd&domain=hotmail.com" if you dont like the hotmail frame on top.)
3. Done. If you entered correct message number & that user has it you will see it. (Test it with your own other hotmail account messages first to get the idea working.)
Now typing those message numbers manually is too much work, you could create a small utility to automatically scan given range of messages from specific user name. (You need to build it to work with IE, as you must be logged in hotmail when you want to view messages..)
It also helps to know that from the message numbers, in you own hotmail inbox,you can see about what time is what message number been used. eg:
- MSG997936971.27 arrived on 16.08.2001.
- MSG996698372.27 arrived on 01.08.2001.
- MSG975960863.0 arrived on 04.12.2000.
So you dont need to scan as many message addresses when you know from which range you are looking at.
The numbers after MSG and before the dot (ie. 997936971, 996698372 and 975960863) seem to be a UNIX timestamp which means, if we understood this correctly, that you have to know exactly when a message has arrived. The standard UNIX timestamp only has a resolution of 1 second. If that is indeed what they're using,
there would only be 60 messages to scan if you knew what minute the message came in, 3600 if you knew what hour, and 86400 if you knew what day. If the part after the dot is hundredths-of-second instead of a counter of messages received in the same second, it's trickier; multiply all of the numbers above by 100.
From the above example, though, it looks more likely that it represents some kind of status. Odds of there being 27 messages received in the same second on two different occasions are slim, and are odds that two messages were both received at 27/100ths of a second are 1/100, which isn't all that likely either. How that affected the time required for scans depends on how many statuses there are, and how common each is.
Så inga mer frågor OK tack och hej kom ihåg John__Doe det namnet ska ni alltid komma ihåg
