Hey people,

Kind of a strange question, I know it seems a bit suspicious. Besides swearing it's true, I can only say that I've posted questions for months, so I don't come out of nowhere. Hope you can help me.

The msn account of a friend of mine is hacked. She created a new one, so normally it wouldn't be a problem, but whoever has hacked it, is now sending emails and contacting people etc. She is actually getting in trouble because of it. Now, I thought that maybe, just maybe, someone here knows something of hacking (I mean, of course, cracking), for example because a job that has to do with security, and could help me hack her account back...

If someone can and wants to help me, send me a PM or respond here. I would really appreciate it.

Why not just email MSN and report the stolen account? They can close it for her and prevent the IP of the cracker from further access.

did you change the passwords, secret answers, emails, personal info?

Try http://hackforums.net, someone would probably have a tool there to help you

The only way it is possible, other than Duoas' method, is if you know who has hacked the account and can gain access to their machine.

Although nothing is impossible, the chances of you being able to crack hotmail are slim to none, and the chances of you finding someone who can actually do it and are willing to do it for you are even slimmer. Sorry.

@demosthenes2k8
While in this case it is probably a legitimate use of the tool; to be perfectly honest I doubt microsoft would see it that way. Given that they are providing a £250,000 reward for whoever started Conficker/Downadup/Kido/Whatever, which has had no effect on them (other than minimally, in sales of windows machines; which to be honest in my opinion is only a good thing); I think that if you target their software you're looking for trouble...

@mcleano
Furthermore if you can't crack a program on your own machine; I really wouldn't fancy your chances against someone elses.

Your friend will just have to learn to not be so stupid with her passwords/"secret questions" next time, and e-mail everyone she knows to ignore any e-mails coming from that address.
In a way, I like it when this sort of thing happens. Some people only learn the hard way.

mcleano:

you know who has hacked the account and can gain access to their machine.

How would that help?

In a way, I like it when this sort of thing happens. Some people only learn the hard way.

I have to agree there. Some people can be extremely stupid when it comes to things like this. For example, those websites which ask you to type in your email address and password to get something like a list of people who have blocked you. You type in your email and password, click "submit" and then every time you log out, it logs in as you, sends all your friends a link to the website and then logs out immediately so they can't send you a message saying "For god's sake! You're an idiot!" Loads of people I know have been tricked into that. How stupid do you have to be? It doesn't have "https" so you should know that means it isn't secure or encrypted; and the Live program even tells you not to necessarily trust all links! How far do Microsoft have to go to stop their users from being idiots?!

Wow. That was a rant and a half...

It doesn't have "https" so you should know that means it isn't secure or encrypted

Hoo boy. You're a 5 on the scale of phishibility.
HTTPS just means that the channel between you and the server is secure. Even if those kinds of sites used HTTPS, it would just mean "no untrustworthy third party will be able to hear that you're giving your password to an untrustworthy third party".

@chrisname... what?

@helios... I meant keylogging.

I understand that it doesn't necessarily mean it's safe, but you should at least look at it to check!

What is the scale out of? (a fish, LOL)

@mcleano,

gain access to their machine.

@helios... I meant keylogging.

Why would that help though? How do you get the logger on their machine?
Here's a simple flowchart:
http://i33.tinypic.com/biidh.jpg

mcleano:

I meant keylogging.

That assumes the person actually types the password. Besides, if I had physical access to the computer of someone I knew hacked one of my accounts, I wouldn't waste time on stuff like that. I'd grab a magnet and rub it against their hard drive for a few minutes, then maybe pop a few capacitors off their motherboard.
That'll teach'em.

chrisname:
That flowchart doesn't make any sense, and the fork isn't labeled. And you're forgetting about hardware keyloggers.

I never did like flowcharts anyway... :(

Thanks for the replies!

What Douas suggested is probably the best. I already expected my chances on actually hacking the account back would be next to nothing, but well, it would have been fun if it succeeded ;)

@wachtn
You prob meant 'he'. Yes, he did.

@demosthenes2k8
The page doesn't load :S I'll give it another try tomorrow...

@helios

Some people only learn the hard way.

I agree, it's of course her own fault. But I hope she has learned her lesson by now, so I'll help her out if I can ;)

helios:

That assumes the person actually types the password.

Thats true. Personally I think that someone like that probably would type it, and not have something like a "remember me" checkbox checked. But this is not based on anything factual only feeling so I guess there is no point in even saying it... ah well.

chrisname:
Are we forgetting about how keyloggers operate? They send emails remotely to you email address. And regarding how you get it onto their machine, that comes back to whether you know the person. You could send it to them with it bound to something else.

My point was that unless you use social engineering, or have access (physical OR via something like ssh), you aren't going to get a keylogger on their system. So its fairly redundant to suggest a keylogger.

helios, coolface.jpg

I like the idea of magnet + hard disk. Thats how I screwed up my calculator, that and cutting the LCD off.