Session stealers.
Hecktix
03-06-2007, 10:46 AM
The following errors occurred when this message was submitted:
---MAD--- has chosen not to receive private messages or may not be allowed to receive private messages. Therefore you may not send your message to him/her.
I think your PM box is full Mr MAD!
I was just going to PM MAD about people posting session stealers.
Habbox should post an announcement warning people to be wary of these kinds of posts saying "MODS PASSES LEAKED" or "NEW RARE FOUND" if images are not put directly in the threads :_
Agreed. They should also filter tinyurl
le harry
03-06-2007, 10:50 AM
Agreed, make it they have to post a Photobucket or Imageshack link or summet?
Jordie
03-06-2007, 10:50 AM
I think your PM box is full Mr MAD!
I was just going to PM MAD about people posting session stealers.
Habbox should post an announcement warning people to be wary of these kinds of posts saying "MODS PASSES LEAKED" or "NEW RARE FOUND" if images are not put directly in the threads :_
He's away for a couple of weeks doing exams, he may have disabled messages or his PM box is full :)
VPSwow
03-06-2007, 10:57 AM
He has disabled his PMs; all staff were told.
PM Jimi for anything you would normally PM Mad about :D
Hecktix
03-06-2007, 10:59 AM
He has disabled his PMs; all staff were told.
PM Jimi for anything you would normally PM Mad about :D
I would say this thread will be sufficient enough.
But yeah something needs doing x)
Putal
03-06-2007, 11:00 AM
Report the post :P
dannyisnotamazing
03-06-2007, 11:01 AM
They should filter the url that it is coming from, just a word or something
ie: "get.cookie" or something like that.
Then the URL won't work.
Not filter tinyurl or whatever cos people use that site and like to upload stuff on it, it's not a scam site etc.
Hecktix
03-06-2007, 11:02 AM
Report the post :P
That's not going to save some people from clicking the link; it does take a while for a reported post to be dealt with.
Joltersoft
03-06-2007, 11:05 AM
He's disabled them mate.
ILUVULONGTYM
03-06-2007, 11:07 AM
He's disabled them mate.
Point out the blatantly obv, even though it's already been posted :rolleyes:
Joltersoft
03-06-2007, 11:09 AM
Sorry didn't see it was posted.
Hecktix
03-06-2007, 11:10 AM
I'm not too bothered that I can't contact ---MAD---, I'll sure live, I just wondered if it was anything interesting xD
The main topic of this thread is the buggers posting Session Stealers.
--ss--
03-06-2007, 11:10 AM
Is there a way of filtering certain codes though :s
Anyway if they post a direct link to the session stealer you can tell, as the URL will be generally long and have "cookie" repeated several times
ILUVULONGTYM
03-06-2007, 11:12 AM
Is there a way of filtering certain codes though :s
Anyway if they post a direct link to the session stealer you can tell, as the URL will be generally long and have "cookie" repeated several times
I say just filter Tinyurl until it's over
dannyisnotamazing
03-06-2007, 11:12 AM
Sorry didn't see it was posted.
So you didn't read the first post of the thread?
Is there a way of filtering certain codes though :s
Anyway if they post a direct link to the session stealer you can tell, as the URL will be generally long and have "cookie" repeated several times
If you filter a code in the URL such as "session.cookie" etc. then it won't let you click it, the URL will have stars in it.
Hecktix
03-06-2007, 11:13 AM
Is there a way of filtering certain codes though :s
Anyway if they post a direct link to the session stealer you can tell, as the URL will be generally long and have "cookie" repeated several times
Some people are too naive to notice.
I say just filter Tinyurl until it's over
There are other hosts people could use.
Joltersoft
03-06-2007, 11:15 AM
I also agree, we should just post pictures.
--ss--
03-06-2007, 11:23 AM
The code doesn't have to be in the URL, they can hide it in their website's coding.
Is there a way of blocking sites which have certain words / codes in, other than parental control?
If there is a way then just simply block off ripway.com so their code won't work
The best we can do for the time being is to move the post out of the view of the public and permanently ban the user.
If you see these threads please report them as soon as possible.
Thanks.
Plank
03-06-2007, 12:22 PM
What do session stealers actually do? Because I think I clicked on one :(
Joltersoft
03-06-2007, 12:23 PM
They get onto your habbo account
--ss--
03-06-2007, 12:30 PM
What do session stealers actually do? Because I think I clicked on one :(
Not sure exactly how they work but they steal your session id from your cookies and log in the person who set the stealer on
Plank
03-06-2007, 12:58 PM
I wasn't on Habbo, but can they still find out what I type etc. now?
Kardan
03-06-2007, 01:03 PM
To fansite owners/forum owners - you can filter certain things to make these exploits not work directly from links on your forum.
Filter these terms: ********* - *********
There you go admins. Don't know if it'll work or not.
A4AOwen
03-06-2007, 01:10 PM
Hover your mouse over the link and in the bottom left hand corner you can see the link, if you don't trust it don't click it.
There you go admins. Don't know if it'll work or not.
Thanks Kardan, I'll look into this. :)
You will be 100% fine if you weren't logged into Habbo and you will be 100% fine if you had logged in for more than 10 minutes. Each 'Session' on Habbo lasts exactly 10 minutes, they do not get your password, they just "steal your session" and just get the rest of the time on that session so it is VERY unlikely they can steal your stuff, because they will have to RE-AUTHENTICATE after 10 mins, and they need a password to do that. Plus if you're still on the hotel after 10 mins then the session has expired and is TOTALLY USELESS. To avoid this if you think you've clicked one, log out and then log in again, as this starts a NEW session, meaning the session code they are on will become invalid.
Hope that helps =]
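The session behaviour described in the post above, as an added example (not part of the thread and not Habbo's code): a minimal server-side session table showing why a copied session token stops working after the owner logs in again or after the lifetime runs out. The `SessionStore` class, the user name and the timings are assumptions made for illustration; the 10-minute lifetime is the poster's figure.

```python
import secrets

SESSION_TTL = 10 * 60  # seconds; the 10-minute lifetime is the poster's figure, assumed here


class SessionStore:
    """Server-side session table: token -> (user, expiry). One live session per user."""

    def __init__(self, ttl=SESSION_TTL):
        self.ttl = ttl
        self._by_token = {}
        self._by_user = {}

    def login(self, user, now):
        """Password check is assumed to have passed. Replaces any earlier session."""
        self.logout(user)
        token = secrets.token_urlsafe(32)
        self._by_token[token] = (user, now + self.ttl)
        self._by_user[user] = token
        return token

    def logout(self, user):
        """Drop the user's current token so it can never be presented again."""
        token = self._by_user.pop(user, None)
        if token is not None:
            self._by_token.pop(token, None)

    def whoami(self, token, now):
        """Return the user a token maps to, or None if unknown or expired."""
        entry = self._by_token.get(token)
        if entry is None:
            return None
        user, expires = entry
        if now >= expires:
            self.logout(user)
            return None
        return user


def replay_outcomes():
    """A copied token presented at different moments (times in seconds, constructed)."""
    store = SessionStore()
    copied = store.login("alice", now=0)            # token that leaked via a link
    within_ttl = store.whoami(copied, now=120)      # accepted: server cannot tell who sent it
    fresh = store.login("alice", now=130)           # owner logs out and back in
    after_relogin = store.whoami(copied, now=131)   # old token was deleted
    owner_ok = store.whoami(fresh, now=131)         # owner's new token works
    expired = store.whoami(fresh, now=130 + SESSION_TTL)  # lifetime ran out
    return within_ttl, after_relogin, owner_ok, expired
```
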
timROGERS
03-06-2007, 04:02 PM
There you go admins. Don't know if it'll work or not.
They won't work, because people are posting them as TinyURL links. TinyURL masks the URL, so none of the actual URL can be seen. Therefore, the only way to stop it is by filtering tinyurl.
Kardan
03-06-2007, 04:04 PM
They won't work, because people are posting them as TinyURL links. TinyURL masks the URL, so none of the actual URL can be seen. Therefore, the only way to stop it is by filtering tinyurl.
There's your solution then.
And the instructions I gave above are to stop it happening directly on the forum I believe, not to stop masking the URL.
The Professor
03-06-2007, 05:32 PM
I think an announcement should be made as a warning, and explaining exactly what it is, how it works and how to avoid it. Because I have no idea, and judging from this thread most other people don't either ;)
beau03
03-06-2007, 08:34 PM
There's a lot of 'session stealer' sites around this second and they are VERY VERY dangerous.
Basically they encode something into the Habbo credits page (via a variable exploit) which sends the information about your Habbo account (typically the session id) which can be used to gain control of your account.
So don't click any links that you aren't 100% secure with clicking at all. If you find yourself maliciously redirected to one of these sites you might not even realise. If you've got doubts right click and see if there's anything to do with a Habbo credits page in the source. If there is, leave it and change your pass and email and email pass IMMEDIATELY.
This exploit is active on ALL hotels currently.
Habbox has to filter these terms: ********* - ********* so it doesn't happen to Habbox
today
03-06-2007, 09:18 PM
Just filter them words as shown above & the most common host till the whole thing gets boring [:
=]
nvrspk4
04-06-2007, 03:46 AM
I've put an announcement up: http://www.habboxforum.com/showthread.php?p=3565207#post3565207
Tell me if you think anything should be added, preferably by PM as I'll see it first :)
We are also looking into filtering *********, *********, and www.tinyurl.com (only the whole site so people can warn others about the site itself).
Thanks!
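The link filtering debated in this thread, as an added example (not part of the thread and not Habbox's or vBulletin's code): a post filter that blocks URLs containing a listed keyword and holds URLs on a shortener host for moderation, because a keyword filter cannot see where a shortened link leads. The keywords are the examples posters gave above ("get.cookie", "session.cookie"), the shortener list holds only the host the thread names, and the function names and sample posts are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Assumptions: keywords are the examples posters gave in the thread; the
# shortener list holds only the host the thread names.
BLOCKED_KEYWORDS = ("get.cookie", "session.cookie")
SHORTENER_HOSTS = {"tinyurl.com"}

URL_RE = re.compile(r"""https?://[^\s<>"'\]]+""", re.IGNORECASE)


def _host(url):
    """Lower-cased host without a leading 'www.' so www.tinyurl.com == tinyurl.com."""
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def classify_link(url):
    """Return 'block', 'hold' or 'allow' for one URL found in a post."""
    # Decode %XX escapes first so 'get%2Ecookie' is treated like 'get.cookie'.
    decoded = unquote(url).lower()
    if any(word in decoded for word in BLOCKED_KEYWORDS):
        return "block"   # keyword is visible in the posted URL itself
    if _host(url) in SHORTENER_HOSTS:
        return "hold"    # destination is hidden, so the keyword check saw nothing
    return "allow"


def review_post(text):
    """Classify every URL in a post; the post takes its strictest link verdict."""
    order = {"allow": 0, "hold": 1, "block": 2}
    links = [(u, classify_link(u)) for u in URL_RE.findall(text)]
    verdict = max((v for _, v in links), key=order.get, default="allow")
    return verdict, links


# Constructed sample posts (example.test is a reserved test domain).
SAMPLES = [
    "NEW RARE FOUND http://example.test/get.cookie?c=1",
    "MODS PASSES LEAKED http://www.tinyurl.com/abc123",
    "Beware of tinyurl links, report them!",
    "My room: http://example.test/room.png",
]

if __name__ == "__main__":
    for post in SAMPLES:
        print(review_post(post)[0], "|", post)
```

Only full links to the shortener are held, so a post that merely mentions the site by name to warn others passes through.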
Mentor
04-06-2007, 05:51 AM
I'm slightly confused what people are on about? If it's on the Habbo page then the problem is probably an XSS vulnerability? And that's Habbo's fault for designing their webpage crappily, not Habbox's or another fan site's.
I was lucky. I went on a session stealer that was posted in the advertise my site here, but I was not on Habbo and did not log in to it etc.
I don't really understand what they do, someone explain?
beau03
04-06-2007, 01:12 PM
TO REMOVE:
Internet Explorer:
1. LOG OUT of Habbo
2. Tools
3. Internet Options
4. Delete Cookies
Mozilla Firefox:
1. Tools (Edit on a Mac)
2. Options
3. Privacy icon
4. Show Cookies
5. Remove All Cookies
Good Luck! :)