Skip to content

msyco666

Forum Replies Created

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #185343
    msyco666
    Member

    Posted: Thu Jun 29, 2006 11:17 am Post subject: Stealing Paltalk Accounts



    Paltalk is a chat program, where you can talk, hear and see other people.
    Mos of users enable the option save password. You can easily steal passwords from the people
    which enable such thing. These technique also works with the brazilian version of the program, Tivejo!
    Paltalk program stores the encrypted password in the system registry, in the key pwd, which can
    be found at HKEY_CURRENT_USERSoftwarePaltalk foollowed by the username of the person. If you
    can acess someone’s registry and copy the encryted password sequence you will be able to steal
    the users password’s without decompress it.
    With the encrypted sequence, start you paltalk program try to log onm with the victim account,
    and in the password field type anything longer then five character, click in the save password
    dialog box, and try to log in. After the message saying that you missed the password, close the
    paltalk program and go to the system registry in HKEY_CURRENT_USERSoftwarePaltalk’user’ where
    the word user in quotes is the username of the person. Change the content of the pwd entry to
    theencrypted sequence of the victim. In the next time you start your paltalk program, the paltalk
    program will decrypt the sequence for you and put in the password’s field. But the password is
    shadowed. You can see the password with the program Snadboy’s reveletion which can be easily
    found in the web.
    If you want steals someone’s password, but you dont have physical access to get the encrypted
    sequence, but you have remote acces to it, do the fallowing:
    1- Copy the files user.dat and system.dat from the victim
    2- Back-up your registry
    3- Substitue your system.dat and user.dat by the victims system.dat and user.dat
    4- Go in the HKEY_CURRENT_USERSoftwarePaltalk’user’ (whre the word user in quotes is the
    victim’s username).
    5- Copy the exat encrypted sequence to a safe place.
    6- Bring back your registry, or you windows will be in trouble.
    7- Try to log into paltalk with the victim’s account, typing any worng password, and enabling
    save password.
    8- Go to your registry and substitute the sequence of the wrong password by the right sequence.
    9- Now, you can use his/her account.

    PROTECT YOURSELF!

    If you are a paltalk user, disable the save password option.

Viewing 1 post (of 1 total)