Gmail Security Exploit

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • OzMan
    Confirmed User
    • Sep 2003
    • 9162

    #1

    Gmail Security Exploit

    Be careful what you are clicking on if you have a Gmail account.


    "So you?ve got a Gmail mail account? Or maybe you?ve just received an invitation? Well, we have some bad news for you: Your mail box is exposed. A major security hole in Google's mail service, allows full access to user accounts, without the need of a password"... FULL STORY


    Please limit your replies to either:

    A) Ha! I told all you dumb fuckers before that Gmail was no good but nobody wanted to hear it.

    or

    B) This fucking sucks as I like Gmail but I am sure it will be fixed real soon.

  • Chris
    Too lazy to set a custom title
    • May 2003
    • 27880

    #2
    all your gmail are belong to us.


    Hmm

    Proxys

    Pay per email program

    haxed gmails



    [email protected]

    Comment

    • Dagwolf
      President of Canada
      • Sep 2003
      • 23141

      #3
      Originally posted by OzMan

      A) Ha! I told all you dumb fuckers before that Gmail was no good but nobody wanted to hear it.

      or

      B) This fucking sucks as I like Gmail but I am sure it will be fixed real soon.

      Ha! My Gmail account is EMPTY! Go get it, hackers!
      Sleep well, and dream of large women.

      Comment

      • V_RocKs
        Damn Right I Kiss Ass!
        • Nov 2003
        • 32449

        #4
        Sweet, but you need to give up your cookie first, click here!

        Comment

        • Adultnet
          Confirmed User
          • Sep 2003
          • 8713

          #5
          Be care full on what links you click


          TrafficCashGold Paying Webmasters Since 1996!

          Awesome Conversions! Fast Weekly Payments! Over 125 Tours!

          Comment

          • Myst
            Confirmed User
            • Feb 2004
            • 4708

            #6
            youre all fucking stupid

            just as stupid as the retards who use firefox instead of programs like myie2 which are clearly better and faster but arent "secure". you paranoid stupid idiots

            can you even read the article? you need the persons cookie to do it. if you can get the persons cookie, youre gonna have to either hack into the computer, or just go grab it if its like your roomates computer. but why not just install a keylogger or something. this exploit is stupid, and it means nothing. carry on with your ignorant lives
            ICQ: 298-523-037

            Comment

            • OzMan
              Confirmed User
              • Sep 2003
              • 9162

              #7
              Originally posted by Myst
              youre all fucking stupid

              just as stupid as the retards who use firefox instead of programs like myie2 which are clearly better and faster but arent "secure". you paranoid stupid idiots

              can you even read the article? you need the persons cookie to do it. if you can get the persons cookie, youre gonna have to either hack into the computer, or just go grab it if its like your roomates computer. but why not just install a keylogger or something. this exploit is stupid, and it means nothing. carry on with your ignorant lives
              Apparently you DIDN'T read the article

              ...It allows the hacker to "snatch" the victims cookie file (a file planted in the victim's computer used to identify him) using a seemingly innocent link (which directs to Gmail's site itself). Once stolen, this cookie file allows the hacker to identify himself as the victim, without the need of a password...."

              Please change your sig to "Apparently not so experienced Windows Programmer on crack"

              Comment

              • Calvinguy
                Confirmed User
                • Oct 2002
                • 1752

                #8
                It's a general exploit then for all systems that don't encrypt the passwords stored in a cookie

                Comment

                • xclusive
                  Too lazy to set a custom title
                  • Apr 2004
                  • 35218

                  #9
                  It's amazing how the simple exploits are always looked over by software companies...

                  I support MediumPimpin.com / Shemp's Outlawtgp.com /


                  Comment

                  • Fake Nick
                    So Fucking Banned
                    • Jul 2004
                    • 7708

                    #10
                    hmm, that is old new my friend , the latest news is that google made a statement there was a slight problem but has been fixed already......

                    Comment

                    • Basic_man
                      Programming King Pin
                      • Oct 2003
                      • 27360

                      #11
                      A) Ha! I told all you dumb fuckers before that Gmail was no good but nobody wanted to hear it.
                      UUGallery Builder - automated photo/video gallery plugin for Wordpress!
                      Stop looking! Checkout Naked Hosting, online since 1999 !

                      Comment

                      • loverboy
                        When it rains, it pours
                        • May 2003
                        • 20609

                        #12
                        Originally posted by Basic_man
                        A) Ha! I told all you dumb fuckers before that Gmail was no good but nobody wanted to hear it.
                        good for me as well, haven't installed my 2 gmail invites

                        Comment

                        • swedguy
                          Confirmed User
                          • Jan 2002
                          • 7981

                          #13
                          "reveals Nir Goldshlagger, an Israeli hacker"

                          Are those Israelis ever up to anything good?

                          Comment

                          • More Booze
                            Confirmed User
                            • Mar 2004
                            • 5116

                            #14
                            This fucking sucks as I like Gmail but I am sure it will be fixed real soon.

                            Comment

                            • Fake Nick
                              So Fucking Banned
                              • Jul 2004
                              • 7708

                              #15
                              Originally posted by More Booze
                              This fucking sucks as I like Gmail but I am sure it will be fixed real soon.

                              read the thread then reply ;) not just the topic title and the first post , this is old news and the exploit was already fixed before this topic was posted

                              Comment

                              • MrJackMeHoff
                                Confirmed User
                                • Mar 2004
                                • 4569

                                #16
                                Originally posted by More Booze
                                This fucking sucks as I like Gmail but I am sure it will be fixed real soon.
                                This is about as worrysome as a cloudy day..

                                Comment

                                • ytcracker
                                  stc is the greatest
                                  • Dec 2002
                                  • 12403

                                  #17
                                  Originally posted by Fake Nick
                                  read the thread then reply ;) not just the topic title and the first post , this is old news and the exploit was already fixed before this topic was posted
                                  yep old hat
                                  www.ytcracker.com | www.digitalgangster.com
                                  i love you

                                  Comment

                                  • OzMan
                                    Confirmed User
                                    • Sep 2003
                                    • 9162

                                    #18
                                    Originally posted by Fake Nick
                                    hmm, that is old new my friend , the latest news is that google made a statement there was a slight problem but has been fixed already......
                                    It's only old news if you have heard it before and most people don't read obscure Israeli sites.


                                    Hmm Israeli... Fake Nick..... hmmmm I wonder

                                    Anyhow the original Exploit was posted like 3 days ago. Several news services picked it up in the last day.

                                    But you are correct that Google has patched it already

                                    Found this from yesterday, sorry it is almost 24 hours old

                                    "SAN FRANCISCO - Google (Profile, Products, Articles) Inc. has fixed a security flaw in its Gmail Web-based e-mail service that allowed attackers to hijack users' e-mail accounts...."

                                    FULL STORY

                                    Comment

                                    • foolio
                                      ICQ: 178725656
                                      • Nov 2002
                                      • 12366

                                      #19
                                      WOW! You would think they were still in BETA or something!

                                      Comment

                                      • Antonio
                                        Too lazy to set a custom title
                                        • Oct 2001
                                        • 14136

                                        #20
                                        Originally posted by Myst
                                        youre all fucking stupid

                                        just as stupid as the retards who use firefox instead of programs like myie2 which a.......etc
                                        Just looked at the stats in your sig.
                                        33 signups - $ 2126.00
                                        Does AAC pay 64.42 per signup?

                                        Comment

                                        • SmokeyTheBear
                                          ►SouthOfHeaven
                                          • Jun 2004
                                          • 28609

                                          #21
                                          Originally posted by Myst
                                          youre all fucking stupid

                                          just as stupid as the retards who use firefox instead of programs like myie2 which are clearly better and faster but arent "secure". you paranoid stupid idiots

                                          can you even read the article? you need the persons cookie to do it. if you can get the persons cookie, youre gonna have to either hack into the computer, or just go grab it if its like your roomates computer. but why not just install a keylogger or something. this exploit is stupid, and it means nothing. carry on with your ignorant lives
                                          And you call yourself a programmer

                                          Nope sorry. Your just plain wrong here. Getting a users gmail cookie is very very easy, Like i could have yours now if i wanted ;) It does require some user interaction. ( like opening this thread )
                                          hatisblack at yahoo.com

                                          Comment

                                          • SmokeyTheBear
                                            ►SouthOfHeaven
                                            • Jun 2004
                                            • 28609

                                            #22
                                            Originally posted by Calvinguy
                                            It's a general exploit then for all systems that don't encrypt the passwords stored in a cookie
                                            no, they do use encryption, but its usually some rotational format that is easily spotted.

                                            Either way you dont need the password anyways , just the cookie
                                            hatisblack at yahoo.com

                                            Comment

                                            Working...