
How your e-mail can be stolen, or a saga of human stupidity.

There is no limit to human stupidity
Non limitus homius dibilus

A discussion came up here on the forum about hacking e-mail: everyone wants to play a trick on somebody, find out a password, and so on. So I decided to write an article on the subject, or rather, to systematize the methods that already exist. Right now they are scattered all over the Internet, and they are all the same. I thought I would gather them all in one place, and then there would be fewer questions about "breaking into someone else's mailbox"...

Method 1.
The most common method, and it rests on the following. We are all human, right? We all have the same weaknesses, and we all make purely human mistakes. This is what the famous social engineering is built on. In short: the attacker writes the victim a letter along these lines: "The @mail.ru mail service is cleaning up accounts. If you do not want your account to be deleted, reply to this letter with your login and password in the Subject field, in the following format: username;password". Why in the Subject field, you ask? Strictly speaking, it is not necessary. It is simply that the victim will assume the reply goes to a robot for automatic processing, and people trust a robot more. Instead of an account clean-up, the pretext can be anything else: say, viruses or spam are being sent from your mailbox, send your password or your account will be deleted... In short, anything goes. Oh, I almost forgot! The letter can be sent from a plausible-looking address such as admin@mail.ru, support@mail.ru or webmaster@mail.ru. The attacker can also use an anonymizer, or submit the letter by hand over telnet, putting his own address in the Reply-To header. The victim then sees, for example, admin@mail.ru in the "From" field, but when they reply, the answer goes to the address given in Reply-To.

Method 2.
The attacker can put up a page somewhere with a title like "We break into other people's mailboxes" and send the victim a link to this supposed hacker page... The page itself may contain text like this:
"There are several MILLION users on mail.ru. Some percentage of them have poor memory and not enough brains to remember their own password, and these characters regularly run into the problem of a forgotten password. Even a small percentage of a crowd of a million-plus mailbox owners is still a crowd, and it wants its passwords back. For this there are all sorts of "Forgot your password" systems, where you are asked the answer to the secret question, the data you entered at registration, and so on. The most interesting thing is that it is not a person who handles this, but a machine, i.e. an ordinary program!!!! And where there is a program, there is a hole in it. Now we get to the specific steps.
It is all simple. At the address pass_repair@mail.ru sits a mail robot that analyses password-recovery requests and, depending on the result, either asks you to clarify your data or sends the password straight away. The site has a form with various parameters, which is then sent to the robot with a special Subject. The point is that if you cram not one but two requests into the Subject, the robot checks only the last mailbox, and the information goes out for the other one! So we put our brains to work... That's right! We send two requests: in the first we give the details of the victim's mailbox, in the second the details of ours (we certainly know those ;))

Say we want to break into vasya_pupkin@mail.ru.
Our mailbox is hacker@mail.ru, password qwerty.
We write a letter to the robot at pass_repair@mail.ru:
Subject: login=vasya_pupkin&pass=&answer=;login=hacker&pass=qwerty&answer=

That is, first we put into the Subject of the letter the request for the victim's mailbox, vasya_pupkin@mail.ru: login=vasya_pupkin&pass=&answer=
And then, after a semicolon, the second request, with your own details, which the robot will check and find correct!
login=hacker&pass=qwerty&answer=
In total, the Subject of the letter looks like this:
login=vasya_pupkin&pass=&answer=;login=hacker&pass=qwerty&answer=
Now just wait for the password to arrive in your mailbox!!!"

Spotted the catch? Well done! For those who have not got it yet, I will explain... all the attacker needs to do is create a mailbox on that mail server with a name like pass_repair@mail.ru. Now the passwords of a whole crowd of people fly straight into his mailbox! Got it? After that the main thing for him is not to be slow: quickly change the secret question/answer and the forwarding address (and there is a ~99% chance the password there is the same!)

Method 3.
Most people cannot keep a whole pile of passwords in their head, so they tend to use the same ones everywhere. Ho-ho, any ideas yet? I hope so; for the rest, I explain. The attacker writes the victim a letter inviting them to join some society or club, or to take part in a lottery. The letter asks for a nickname to join the ranks (of chat hackers, say ;)) and a password to confirm their identity. If the victim is gullible enough, and the attacker knows enough about his or her interests to guess where they would want to join, the probability of getting a reply is ~90%. The probability that the password matches the one for the mailbox is ~50-70%. Pretty good odds.
Well, I have told you the basics of the social engineering method. Think about it!.. We are all potential victims. Let's move on.

Method 4. Brute force.
Everything is clear from the title.
First, the attacker can try a handful of standard passwords by hand: things like qwerty, pass, gfhjklm, 123, etc. The method is rather dumb and the chance of success is practically zero. Would you do that? Right, and neither would the attacker!.. Instead he can use a program that runs through passwords, a brute-forcer. After setting it up, he just starts it and goes to bed ;) But unless the user picked a standard password, it will take a very long time! And on dial-up it is better not to even try... ;)
Moving on.

Method 5. Getting the password through the forgotten-password recovery service.
You know such things exist? Made for the forgetful, and used by... well, you know. ;)
The attacker finds out as much about the victim as possible: via ICQ (from the profile info), and, given time and above all the desire (and if the victim is male), by corresponding with him under a woman's name... In short, the ways are... er... many! ;) Then he goes to the recovery page, types in all the information collected, and waits, waits, waits... ;) This method suits mail.ru best: they are nice people there, they really do care about all the forgetful folks who cannot keep a password in their head!..

Method 6. Not hacking in the sense of obtaining the password, but hacking in the sense of gaining access to the mailbox.
Long and tedious, but more or less effective.
Having chosen the victim, the attacker starts sending spam in their name. If someone complains about it, there is a chance the account will be deleted. But perhaps the attacker will not want to wait until someone files a complaint. In that case he can take an anonymizer or a list of proxies and start sending complaints himself, from various "people": this bad person spammed my mailbox / sends porn / incites violence, and so on. In the end the mailbox gets closed. The main thing for him is not to miss this moment: as soon as the account is removed, the attacker registers under the victim's username. All the mail will keep arriving there, but it will be the attacker reading it, not the victim... ;)

A couple more ways:
1. The victim can be given a backdoor (a trojan). After that he is entirely in the hands of the attacker, greedy for other people's property.
2. The attacker can write a letter the victim cannot help but answer: a few choice insults, say. When the reply arrives, he looks in the header at which mail client was used and checks whether it has known holes. If it does, he steals the files in which the mailer stores passwords; if the victim reads mail through a browser, he steals the necessary cookies.

Besides all this, a mailbox (or, likewise, an ISP or a site) can be broken into by someone who knows the holes well, the ones through which passwords or other things can be pulled out. For that the attacker has to get in where he should not be. This, of course, is hard, so social engineering is a great way!

Let's draw some conclusions, gentlemen...
Do not chat with dubious admirers on ICQ! ;)
Before answering a suspicious letter, look at the header: does the "Reply-To" field contain vasya@pupkin.ru instead of the president@whitehouse.gov the letter supposedly came from?
How do you view the header? It is very simple... If you read mail directly on the server, from a browser (for example on @mail.ru), all you need to do is click the "header" link. A page similar to the one in which you usually read mail will load, but instead of the letter it will show its header. In the mail client The Bat!, the header is shown by the corresponding key combination. In Outlook, select the letter in the folder and choose Properties > Details from the right-click menu. I have never used it myself and do not recommend it to you: it has many holes, and in features and polish it is inferior to many other clients.
Another tip: do not use the same password everywhere. The best password is something like dg#Kn$ or Y#$hGJ, one that cannot be picked up by simple brute force. To generate random passwords I can recommend the Password Generator program. It is very simple: you choose the password length, the characters you want to use in it, and the randomness of the characters (the higher it is, the more the result looks like a real word, for example gerosvaxa instead of mpwkmscxv), click the "Generate" button and pick whichever you like from the list! And for those with memory problems, I would advise not to store passwords on your computer but to get a notebook, so that nobody can steal them.
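The two pieces of advice above (do not use a "standard" password, and prefer one that resists simple brute force) can be turned into a small check a defender can run, and the generator can be reproduced with the operating system's cryptographic random source. The following is an added Python example, not code from the original article or from the Password Generator program it mentions; the blacklist, the character classes and the default guessing rate of 1000 guesses per second (modelling online guessing against a mail server) are assumptions for illustration.

```python
import math
import secrets
import string

# Constructed blacklist: the "standard" passwords the article lists under the
# brute-force method, plus a couple of perennial favourites (assumed).
COMMON_PASSWORDS = {"qwerty", "pass", "gfhjklm", "123", "password", "123456"}

# Character classes used to infer the alphabet an attacker would have to search.
CLASSES = (
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    "!@#$%^&*()-_=+[]{};:,.<>?/",
)


def charset_size(password):
    """Size of the alphabet built from every class the password touches."""
    return sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))


def search_bits(password):
    """log2 of the number of candidates an exhaustive search over that alphabet covers."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0


def assess(password, guesses_per_second=1000):
    """Rate a password against a guessing attack.

    The default rate is an assumed figure for online guessing against a mail
    server; an offline attack on a stolen password file runs many orders of
    magnitude faster, so pass a much larger rate for that case.
    """
    if password.lower() in COMMON_PASSWORDS:
        return {"verdict": "blacklisted", "bits": 0.0, "years": 0.0}
    bits = search_bits(password)
    years = (2 ** bits / guesses_per_second) / (365 * 24 * 3600)
    return {"verdict": "acceptable" if years >= 1 else "weak", "bits": bits, "years": years}


def generate(length=10, with_symbols=True):
    """Random password drawn from the OS CSPRNG via secrets, never the random module."""
    alphabet = string.ascii_letters + string.digits + (CLASSES[3] if with_symbols else "")
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    for candidate in ("qwerty", "abc123", "dg#Kn$", generate(12)):
        print(candidate, assess(candidate))
```

At the assumed online rate the article's six-character example with mixed case and symbols takes years to exhaust, while six lowercase letters and digits fall in days; raising `guesses_per_second` to an offline figure shows why length matters more than any single special character.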

What does the heading consist of?
Consider this example:
Received: from mail.bieberdorf.edu (mail.bieberdorf.edu [124.211.3.78]) by mailhost.immense-isp.com (8.8.5/8.7.2) with ESMTP id LAA20869 for <tmh@immense-isp.com>; Tue, 18 Mar 1997 14:39:24 -0800 (PST)
Received: from alpha.bieberdorf.edu (alpha.bieberdorf.edu [124.211.3.11]) by mail.bieberdorf.edu (8.8.5) id 004A21; Tue, Mar 18 1997 14:36:17 -0800 (PST)
From: rth@bieberdorf.edu (RT Hood)
To: tmh@immense-isp.com
Date: Tue, Mar 18 1997 14:36:14 PST
Message-Id:
X-Mailer: Loris v2.32
Subject: Lunch today?

Let's go through these headers line by line and find out exactly what each of them means:

Received: from mail.bieberdorf.edu
This email was received from a computer called mail.bieberdorf.edu ...

(mail.bieberdorf.edu [124.211.3.78])
... which really is called mail.bieberdorf.edu (i.e. it identified itself correctly), and whose IP address is 124.211.3.78.

by mailhost.immense-isp.com (8.8.5/8.7.2)
The message was received by the computer mailhost.immense-isp.com, which runs sendmail version 8.8.5/8.7.2 (if you don't know what these numbers mean, ignore them).

with ESMTP id LAA20869
The receiving computer assigned the message the identification number LAA20869. (This information will only be used on this computer if its administrator needs to find this message in the logs; for all others, it usually does not matter.)

for <tmh@immense-isp.com>;
The message is addressed to tmh@immense-isp.com. Note that this header is not tied to the "To:" line.

Tue, 18 Mar 1997 14:39:24 -0800 (PST)
The letter was transferred on Tuesday, March 18, 1997 at 14:39:24 Pacific Standard Time (PST), which is 8 hours behind Greenwich time; hence the "-0800".

Received: from alpha.bieberdorf.edu (alpha.bieberdorf.edu [124.211.3.11]) by mail.bieberdorf.edu (8.8.5) id 004A21; Tue, Mar 18 1997 14:36:17 -0800 (PST)
This line records the transfer of the letter from alpha.bieberdorf.edu (rth's computer) to mail.bieberdorf.edu; this transfer took place at 14:36:17 Pacific Standard Time. The sending machine called itself alpha.bieberdorf.edu, its real name is also alpha.bieberdorf.edu, and its IP address is 124.211.3.11. The bieberdorf mail server runs sendmail version 8.8.5, and it assigned the letter the identification number 004A21 for its internal needs.

From: rth@bieberdorf.edu (RT Hood)
The letter was sent from rth@bieberdorf.edu, who gave his real name as RT Hood.

To: tmh@immense-isp.com
The letter was addressed to tmh@immense-isp.com.

Date: Tue, Mar 18 1997 14:36:14 PST
The letter was composed on Tuesday, March 18, 1997 at 14:36:14 Pacific Standard Time.

Message-Id:
The message was assigned this identification number (by mail.bieberdorf.edu). It differs from the SMTP and ESMTP id numbers in the "Received:" headers in that it is assigned to the letter "for life", while the other numbers are tied to a particular transfer operation on a particular machine and mean nothing to the other machines. Sometimes (as in this example) the Message-Id contains the sender's address, but more often it carries no visible meaning.

X-Mailer: Loris v2.32
The message was sent with the mail program Loris, version 2.32.

Subject: Lunch today?
Speaks for itself.
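The header walk above, and the earlier advice to compare the "Reply-To" field with the visible sender, are exactly what a small parser can do for you. The following is an added Python example using only the standard library; it is not code from the original article. The first sample message is the Bieberdorf example re-assembled as a raw message (the address in "for <...>" is taken from the explanation above, and the Message-Id value, which did not survive on this page, is replaced by a labelled placeholder); the second sample is the president@whitehouse.gov / vasya@pupkin.ru situation from the conclusions, with a placeholder recipient; the third is a constructed single hop whose HELO name does not match its reverse-DNS name. The sendmail "from X (Y [ip]) by Z" wording is the only Received: format handled; lines in other formats are kept as raw text.

```python
import re
import email
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample 1: the article's Bieberdorf example as a raw RFC 822 message.
# Message-Id is a placeholder because the real value is missing from the page.
BIEBERDORF_MESSAGE = """\
Received: from mail.bieberdorf.edu (mail.bieberdorf.edu [124.211.3.78]) by mailhost.immense-isp.com (8.8.5/8.7.2) with ESMTP id LAA20869 for <tmh@immense-isp.com>; Tue, 18 Mar 1997 14:39:24 -0800 (PST)
Received: from alpha.bieberdorf.edu (alpha.bieberdorf.edu [124.211.3.11]) by mail.bieberdorf.edu (8.8.5) id 004A21; Tue, Mar 18 1997 14:36:17 -0800 (PST)
From: rth@bieberdorf.edu (RT Hood)
To: tmh@immense-isp.com
Date: Tue, Mar 18 1997 14:36:14 PST
Message-Id: <PLACEHOLDER-MESSAGE-ID@mail.bieberdorf.edu>
X-Mailer: Loris v2.32
Subject: Lunch today?

See you at noon.
"""

# Constructed sample 2: the Reply-To trick from the article's conclusions.
REPLY_TO_TRICK_MESSAGE = """\
From: president@whitehouse.gov
Reply-To: vasya@pupkin.ru
To: someone@example.invalid
Subject: Please reply

Hi there.
"""

# Constructed sample 3: a hop whose claimed name differs from the verified one.
FORGED_HOP_MESSAGE = """\
Received: from mail.bieberdorf.edu (other.host.invalid [10.0.0.1]) by mx.example.invalid (8.8.5) id X1; Tue, 18 Mar 1997 14:00:00 -0800
From: rth@bieberdorf.edu
Subject: test

x
"""

RECEIVED_RE = re.compile(
    r"from\s+(?P<claimed>\S+)\s+\((?P<verified>\S+)\s+\[(?P<ip>[\d.]+)\]\)\s+by\s+(?P<by>\S+)"
)
ID_RE = re.compile(r"\bid\s+([^\s;]+)")


def reply_to_mismatch(raw):
    """Return (from_addr, reply_to_addr) when replies would go somewhere other
    than the visible sender; None when there is no Reply-To or it matches."""
    msg = email.message_from_string(raw)
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and reply_to != from_addr:
        return from_addr, reply_to
    return None


def received_hops(raw):
    """Parse the Received: chain into hops, oldest first. Each relay prepends its
    own line, so the top header is the newest and the list is reversed."""
    msg = email.message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        value = " ".join(value.split())  # unfold wrapped header lines
        match = RECEIVED_RE.search(value)
        if not match:
            hops.append({"parsed": False, "raw": value})
            continue
        head, _, date_part = value.rpartition(";")
        id_match = ID_RE.search(head)
        hops.append({
            "parsed": True,
            "claimed_host": match["claimed"],   # name the sender announced
            "verified_host": match["verified"], # name the receiver resolved
            "ip": match["ip"],
            "by": match["by"],
            "id": id_match.group(1) if id_match else None,
            "time": parsedate_to_datetime(date_part.strip()),
            "host_matches": match["claimed"].lower() == match["verified"].lower(),
        })
    return hops


def chain_warnings(hops):
    """The checks the article does by eye: a sender that did not identify itself
    correctly, and a hop stamped earlier than the one before it."""
    warnings = []
    previous = None
    for hop in hops:
        if not hop["parsed"]:
            warnings.append("unparsed Received line: " + hop["raw"])
            continue
        if not hop["host_matches"]:
            warnings.append(f"{hop['claimed_host']} claimed, {hop['verified_host']} verified")
        if previous is not None and hop["time"] < previous["time"]:
            warnings.append(f"time goes backwards at hop received by {hop['by']}")
        previous = hop
    return warnings


if __name__ == "__main__":
    hops = received_hops(BIEBERDORF_MESSAGE)
    for hop in hops:
        print(hop)
    print("warnings:", chain_warnings(hops))
    print("reply-to trick:", reply_to_mismatch(REPLY_TO_TRICK_MESSAGE))
```

On the Bieberdorf message the two hops come out in the order the letter actually travelled (alpha to mail to mailhost, 187 seconds apart) with no warnings; the second sample reports the mismatched Reply-To, and the third reports the mismatched host names.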