“ Information security is our responsibility ”
<empty>
  Orkut Hacking

At the age of 19, Sunny found loopholes like "Session Hijacking" & "Cross Site Scripting" in popular Social Networking Website www.orkut.com. He also proved live on the HEADLINES TODAY & Other News channels of India Today group that anyone's orkut account can be hijacked using orkut's cookie exploit.

Orkut Hacking
Once user "sign out" from the orkut application,Orkut doesn't clear orkut_state cookie.As this cookie still remains active,anyone can reuse the cookie to sign into same account

Once the user logs into same account again,new orkut_state cookie will be generated but old cookie is not cleared from  server.so anyone can misuse the same cookie data to gain an access to the account with the help of old orkut_state cookie.

 
Home | About Me | Research | Media | Cases | Lectures | Contact Us Design by: Tarkar Design Studio