GBATemp Account Exploit

Status
Not open for further replies.

DavidRO99

Average Ryzen user.
OP
Member
Joined
Jun 11, 2016
Messages
1,018
Trophies
0
Age
26
Location
your back-door
XP
948
Country
Korea, North
I think the admins should look into this so for debugging I made a tutorial!
I hope this is possible to fix by using some type of blocker as I dont want to see somebodys account get stolen by them not knowing what they are doing with their cookies.
This is possible using cookies so... here is how to do it!
  • Step 1. Install EditThisCookie for Chrome
  • Step 2. Go to GBATemp and click on the cookie
  • Step 3. Click export and sign out of your account
  • Step 4. Click back on the cookie and then on the Trash until there is no cookie left
  • Step 5. Click on the Import icon
  • Step 6. Paste the cookie you just copied and click on the checkmark
  • Step 7. Refresh the page.
  • Step 8. Be amazed at how this works on netflix aswell
 

VinsCool

Persona Secretiva Felineus
Global Moderator
Joined
Jan 7, 2014
Messages
14,600
Trophies
4
Location
Another World
Website
www.gbatemp.net
XP
25,204
Country
Canada
Show how somebody can steal somebody elses cookie and log into their account with it
Seriously? I think this is a serious technical issue admins should know about.
 

Boogieboo6

@realDonaldTrump
Member
Joined
Jul 30, 2015
Messages
965
Trophies
1
Age
23
XP
807
Country
United States
I think the admins should look into this so for debugging I made a tutorial!
I hope this is possible to fix by using some type of blocker as I dont want to see somebodys account get stolen by them not knowing what they are doing with their cookies.
This is possible using cookies so... here is how to do it!
  • Step 1. Install EditThisCookie for Chrome
  • Step 2. Go to GBATemp and click on the cookie
  • Step 3. Click export and sign out of your account
  • Step 4. Click back on the cookie and then on the Trash until there is no cookie left
  • Step 5. Click on the Import icon
  • Step 6. Paste the cookie you just copied and click on the checkmark
  • Step 7. Refresh the page.
  • Step 8. Be amazed at how this works on netflix aswell
But how'd you find this? Were you trying to hack GBATemp?? :creep:
 

DavidRO99

Average Ryzen user.
OP
Member
Joined
Jun 11, 2016
Messages
1,018
Trophies
0
Age
26
Location
your back-door
XP
948
Country
Korea, North
Someone will have to get access to your cookies/computer first.
Really easy with SQL Injection/Phising

--------------------- MERGED ---------------------------

But how'd you find this? Were you trying to hack GBATemp?? :creep:
Nah, just trying to get into netflix without owning a account(and I succeded xD) so I decided to try this with GBATemp
 
  • Like
Reactions: ThePanchamBros

Tenshi_Okami

Well-Known Member
Member
Joined
Nov 3, 2015
Messages
1,490
Trophies
0
Age
25
XP
1,616
Country
Puerto Rico
Why post the proccess tho, now people can use it to rob the accounts ;-;

you should had just sent it in a PM to mods...
 

astronautlevel

Well-Known Member
Member
Joined
Jan 26, 2016
Messages
4,128
Trophies
2
Location
Maryland
Website
ataber.pw
XP
4,998
Country
United States
It is easy.... there are plenty of tutorials about doing it with just an image for example. All you need is a vulnerable site.
I highly doubt Temp is vulnerable to SQL injection. Phising could also be used to get a password directly, there's no reason people would go out of the way to get the cookie instead.

Also, basically what @UniqueGeek said. There's no easy way around this because of how cookies work.
 
Status
Not open for further replies.

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
    LeoTCK @ LeoTCK: hmm