Main:
How to SE your way into a hotmail account.
How to 'Hack' Hotmail.
-----------------------
Hey, this is my first article, so its not brilliant, and, just to make things clear,
its not really a hack, its much more of a social engineer....
------------------------------------------------------------------------------------
Now, hotmail is known to have good securuity, and it does. But, there's a big flaw in it.
It's been said before, and i'll say it again, "There is no patch for human stupidity".
Its the people who choose the passwords, and more importantly, its them who choose their
secret quetion. Thats what we're going to exploit. Im going to set this out in 10 simple
steps that should be easy to follow.
1. Right, first things first, you'll need the email address of your victim (duh).
2. You're going to need to find out what your vitim's secret question is. This is pretty
easy, just got to the main hotmail page, click 'Forgot your password ?', then you'll
have to type in the victims email and some characters from a picture. Next, click the option
to "Provide account information and answer your secret question." The question is shown,
amongst other things.
3. The next step is, you have to put in all the information that is requested, which should
be,"Country/Region:", "State:" (if its america), "ZIP code:" (again,if its america), and
finally, "Secret Answer:".
4. Now for the hard part, you have to social engineer the information needed. Usually,
you're trying to get into the account of someone you know, so you'll have the country,
state (if applicable), and maybe zip code, im not sure because i dont know how that works
over there in America. If you dont have it, it'll also have to be social engineered, along
with the other two if you're social engineering a stranger. The main thing that
i'm going to focus on, is the answer to the secret question.
5. The secret question is likely to be one of these:
Favorite fictional character
Favorite person from history
Favorite book/story from childhood
Favorite movie from childhood
Food you've always liked
Two best childhood friends
Favorite TV show that isn't on anymore
Your first car
First company you worked for
If it is none of these then its a fairly old account, and the only two secret questions
I can think of are your first pet and your high school. I think that the best way of
getting the answer is creating a fake questionaire (if its a friend, you might get away
with asking the any of questions outright). For example, if your victims question is
one of the first 4 on the list, tell them you've just found a questionaire on the net, and
would they like to answer a few questions about their favorite things. Then, make up a few
questions like "Whats your favorite colour?" and "Whats your favorite number?". Then, slip
in the secret question in the middle, and you'll get your answer. For the last ones, start
a casual conversation, and when you think the time is right, directly ask the question. If
you're challenged, reply with something like "oh, i was just wondering because..." and make
up an apropriate excuse for the question.
6. Repeat step two and enter in the information you have gathered, then change the password
to anything of your liking :)
7. And you now have access to the account. Unfortunatly, the old password cannot be
recovered, so the victim will know they're account has been used because they will be unable
to log on.
8. Leave yourself a backdoor. Login with the password you set at http://login.passport.net,
choose "credentials", then click "Add or change your alternate e-mail address". Because
you've changed the password, they'll find out it's been changed, and most probably change
their secret question. Also, this way you wont have to social engineer that person again
(they probably wouldn't trust you anyway).
9. This is how to change the alternate email. Follow the above step, and fill in the
password you have. Now type in your own email as the alternate email address. You'll have
to do this twice to verify it. When thats done you get a message saying "You've updated
your alternate e-mail address. If you forget your password, you can reset it using this
alternate e-mail address. We will only use this address to send you password reset
messages." Click Done.
10. And you're finised. When you've done with whatever you have to do, if your victim was
someone you know, then i suggest telling them that you guessed the password, and changed
it as a prank, and tell them what their password is now. If this was done to a stranger,
if you still have an email address you can contact them with (usually, there is one already
typed in the alternate email before you change it), you can spoof an email to them from
"The Hotmail Team" telling the victim about how you had a problem with the server their
password was on. Then send them a seperate email giving the victim a replacement password
(which you will have to set, make it something difficult, e.g. your automatic replacement
password is : Hj73M0iu). Most people will forget that they registerd an alternative email,
and its not required, so alot of users never do. This is why its a good way of getting back
into their account, because the alternate email is rarely used and often forgot.
There you have it. The question thats been asked so many times "How do i hack Hotmail?"
has now been answered.
Hope you liked it :)
By,
AbSoRb
-----------------------
Hey, this is my first article, so its not brilliant, and, just to make things clear,
its not really a hack, its much more of a social engineer....
------------------------------------------------------------------------------------
Now, hotmail is known to have good securuity, and it does. But, there's a big flaw in it.
It's been said before, and i'll say it again, "There is no patch for human stupidity".
Its the people who choose the passwords, and more importantly, its them who choose their
secret quetion. Thats what we're going to exploit. Im going to set this out in 10 simple
steps that should be easy to follow.
1. Right, first things first, you'll need the email address of your victim (duh).
2. You're going to need to find out what your vitim's secret question is. This is pretty
easy, just got to the main hotmail page, click 'Forgot your password ?', then you'll
have to type in the victims email and some characters from a picture. Next, click the option
to "Provide account information and answer your secret question." The question is shown,
amongst other things.
3. The next step is, you have to put in all the information that is requested, which should
be,"Country/Region:", "State:" (if its america), "ZIP code:" (again,if its america), and
finally, "Secret Answer:".
4. Now for the hard part, you have to social engineer the information needed. Usually,
you're trying to get into the account of someone you know, so you'll have the country,
state (if applicable), and maybe zip code, im not sure because i dont know how that works
over there in America. If you dont have it, it'll also have to be social engineered, along
with the other two if you're social engineering a stranger. The main thing that
i'm going to focus on, is the answer to the secret question.
5. The secret question is likely to be one of these:
Favorite fictional character
Favorite person from history
Favorite book/story from childhood
Favorite movie from childhood
Food you've always liked
Two best childhood friends
Favorite TV show that isn't on anymore
Your first car
First company you worked for
If it is none of these then its a fairly old account, and the only two secret questions
I can think of are your first pet and your high school. I think that the best way of
getting the answer is creating a fake questionaire (if its a friend, you might get away
with asking the any of questions outright). For example, if your victims question is
one of the first 4 on the list, tell them you've just found a questionaire on the net, and
would they like to answer a few questions about their favorite things. Then, make up a few
questions like "Whats your favorite colour?" and "Whats your favorite number?". Then, slip
in the secret question in the middle, and you'll get your answer. For the last ones, start
a casual conversation, and when you think the time is right, directly ask the question. If
you're challenged, reply with something like "oh, i was just wondering because..." and make
up an apropriate excuse for the question.
6. Repeat step two and enter in the information you have gathered, then change the password
to anything of your liking :)
7. And you now have access to the account. Unfortunatly, the old password cannot be
recovered, so the victim will know they're account has been used because they will be unable
to log on.
8. Leave yourself a backdoor. Login with the password you set at http://login.passport.net,
choose "credentials", then click "Add or change your alternate e-mail address". Because
you've changed the password, they'll find out it's been changed, and most probably change
their secret question. Also, this way you wont have to social engineer that person again
(they probably wouldn't trust you anyway).
9. This is how to change the alternate email. Follow the above step, and fill in the
password you have. Now type in your own email as the alternate email address. You'll have
to do this twice to verify it. When thats done you get a message saying "You've updated
your alternate e-mail address. If you forget your password, you can reset it using this
alternate e-mail address. We will only use this address to send you password reset
messages." Click Done.
10. And you're finised. When you've done with whatever you have to do, if your victim was
someone you know, then i suggest telling them that you guessed the password, and changed
it as a prank, and tell them what their password is now. If this was done to a stranger,
if you still have an email address you can contact them with (usually, there is one already
typed in the alternate email before you change it), you can spoof an email to them from
"The Hotmail Team" telling the victim about how you had a problem with the server their
password was on. Then send them a seperate email giving the victim a replacement password
(which you will have to set, make it something difficult, e.g. your automatic replacement
password is : Hj73M0iu). Most people will forget that they registerd an alternative email,
and its not required, so alot of users never do. This is why its a good way of getting back
into their account, because the alternate email is rarely used and often forgot.
There you have it. The question thats been asked so many times "How do i hack Hotmail?"
has now been answered.
Hope you liked it :)
By,
AbSoRb
Posted by 
Thanks man!
