More details on how the hacker managed to break in VP candidate Sarah Palin emerged. The hacker who calls himself “rubico” posted on a blog on the methods he used to break into the account.

He says he used a loop hole in simple password reset module in Yahoo mail. He managed to answer the secret question which Palin used while registering at yahoo. Usually websites ask for pets name, fathers middle name etc. For a vice president candidate these details are available online at the click of the mouse.

The hacker managed to answer

  1. Sarah’s birthday by looking at Wikipedia
  2. Where she met her spouse. Took a while to answer but eventually ‘Wasilla High School’ allowed him him
  3. Zip code : Alaska had only two
  4. Alternative email address : Still unclear on how he managed to read the password reset link email
  5. Hacker reset the password to ‘popcorn’

Both account used Sarah Plain were hacked ([email protected] ; [email protected]) and now deleted.

20-year-old University of Tennessee student has been questioned in connection to the federal investigation of the break-in while the online community accuses Palin of using webmail services such as yahoo to do the official business.

Wikileaks has earlier published the screenshot of sarah’s email account and contacts and is available for download in zip format here

http://wikileaks.org/wiki/Sarah_Palin_Yahoo_account_2008

Sarah Palins email

Sarah Palin’s email

Sarah Palins Inbox

Sarah Palin’s Inbox

Explore More

What is a cookie?

A cookie is a small bit of text that accompanies requests and pages as they move between Web servers and browsers. It contains information that is read by a Web

Hack Tools, Utilities and Exploits

Packetstorm Last 10 Files glsa-200901-13.txt – Gentoo Linux Security Advisory GLSA 200901-13 – Multiple vulnerabilities have been discovered in Pidgin, allowing for remote arbitrary code execution, denial of service and

Critical SQL injection (vulnerability) on SITAGU :: Sitagu International Buddhist Missionary Centre

Security researcher Dr@GoN 3y3 reported another Critical SQL injection (vulnerability) on SITAGU :: Sitagu International Buddhist Missionary Centre http://www.sitaguacademy.com/ SQL injection is a code injection technique that exploits a security