Hotmail users vulnerable

by Nikola Strahija on August 20th, 2001

If you click on "Read More", you will find out how to see other people's Hotmail messages. This is for educational purposes only.


The following explanation has been contributed by wAwAsAn4 from
The explanation posted is provided "as is".


---=[ Three Steps To View Someone's Emails In Hotmail ]=---

(Tested with Internet Explorer 5)

To view a full email from someone else's account, do the following:

1. Login normally to Hotmail with your ID (any id)

2. Use this type of link to view a specific message from a specific user:


From that link change values:

MSG943322803%2e16 (Message id number, it's simply a counter. %2e=.)

username (Hotmail account name to view)

(remove "%26raw%3d0" if you want to view email as 'emailbox view', instead of full raw view.)

(remove "&hm___fl=attrd&" if you don't like the Hotmail frame on top.)

3. Done. If you entered correct message number & that user has it you will see it. :)

(Test it with your own other hotmail account messages first to get the idea working.)

---=[ ideas and comments for improved viewing / scan ]=---

Now typing those message numbers manually is too much work; you could create a small utility to automatically scan a given range of messages from a specific user name. (You need to build it to work with IE, as you must be logged in to Hotmail when you want to view messages.)

It also helps to know that from the message numbers in your own Hotmail inbox, you can see about what time what message number has been used, e.g.:

MSG997936971.27 arrived on 16.08.2001.

MSG996698372.27 arrived on 01.08.2001.

MSG975960863.0 arrived on 04.12.2000.

So you don't need to scan as many message addresses when you know from which range you are looking at.

(Check out Hotmail Scanner Bot aka. hobo for automatic scanning.)

Test messages: (Log in to Hotmail, then use links to view message from my test account)

raw format view: (can copy base64 encoded files too:)

email box view: (can see any attached images directly etc.:)

---=[............ Research by wAwAsAn4 ..............]=---

---=[........... [email protected] .............]=---

---=[................. 17.08.2001 ...................]=---
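
The flaw reported above is a missing ownership check: any logged-in session can name another account's mailbox in the request. The following is an added example, not part of the original advisory and not Hotmail's code; it models the unchecked lookup beside a checked one that also records refused requests for detection. All function names, the mailbox store and the sample data are assumptions constructed for illustration.

```python
from urllib.parse import unquote

# Constructed sample data: mailbox owner -> {message id: body}
MAILBOXES = {
    "alice": {"MSG997936971.27": "mail for alice"},
    "bob": {"MSG996698372.27": "mail for bob"},
}

class Forbidden(Exception):
    """Raised when a request must not be served."""

def get_message_unchecked(session_user, requested_user, msg_id):
    # Flaw described in the advisory: being logged in as anyone is enough,
    # and the mailbox is chosen by a request parameter.
    if session_user is None:
        raise Forbidden("login required")
    return MAILBOXES[requested_user][unquote(msg_id)]

def get_message_checked(session_user, requested_user, msg_id, audit_log):
    # Fix: the mailbox comes from the authenticated session; a parameter
    # naming another account is refused and recorded for detection.
    if session_user is None:
        raise Forbidden("login required")
    if requested_user.casefold() != session_user.casefold():
        audit_log.append((session_user, requested_user, unquote(msg_id)))
        raise Forbidden("not your mailbox")
    message = MAILBOXES.get(session_user, {}).get(unquote(msg_id))
    if message is None:
        raise Forbidden("no such message")
    return message

def sessions_probing_other_mailboxes(audit_log, threshold=3):
    # Detection: sessions with repeated refused cross-account reads,
    # the pattern a message-id range scan would leave behind.
    counts = {}
    for session_user, _target, _msg_id in audit_log:
        counts[session_user] = counts.get(session_user, 0) + 1
    return sorted(user for user, n in counts.items() if n >= threshold)
```
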


