It was 7/02/2010:06:30 PM.
As a part of my routine life, I logged into my CSE account to check if any unexpected holidays or any unusual lecture postpones are declared.As expected there are no such wanted mails.But there was one mail which I felt interesting.Have a look at it
Subject: Hacking
From: "bhanu prakash"
Date: Sun, February 7, 2010 5:48 pm
To: prakashb@cse.iitb.ac.in
Priority: Normal
Options: View Full Header | View Printable Version | Download this as a file
Hi, I have hacked into your gmail account. I now have your info. Cheers
mate!
As U guessed, the FROM address is my gmail account.I was little worried as this gmail account is very important for so many reasons.So I immediately tried logging into my gmail account.Thank god!! I was able to log in.I was wondering why that person who got access to my account(through my password) dint change the password.Whatever, I decided to change the password and done so.
After that I was thinking of the possibilities for my account being hacked.One possibility is that the mail i got might be a spoofed mail.I had actually done these spoofing mails in my 3rd year btech for some testing purpose.In this case the attacker uses a third party website like this to send a spoof mail.So i want to check whether the mail i got is a spoofed one or not.So i sent two mails,one a genuine mail from gmail account and another a spoofed mail with from address as my gmail account, to my cse account.
My plan was to compare the headers of these mails with the header of the original "Hacking" mail I got.Surprisingly the header of the genuine mail and the original "hacking" mail is same.In other comparison the headers differ(particularly the "X-Envelope-From" field) a lot. So i concluded that the mail i got is not a spoofed one.So i was worried about the info i got in my gmail account.I discussed this with my roommates for some advise.Senthil suggested to check the login details.To do so, I scrolled my gmail page till the end where i found a link to know the details which looks like this "Last account activity: 18 minutes ago on this computer. Details".
In the "details" page there is a list which contains ip address and the corresponding time at which the account is accessed.Surprisingly all those Ip addresses are the public IPs of IIT bombay. So it is very clear that the attacker is inside IIT(I felt he is in my room).The possibility of the attacker being one of my room-mates is very high as they can see my password while i am entering it.So i took Omair's little(it is less than little) laptop and checked the history.There it is!!! an entry containing these words "Compose mail--prakash.1729@gmail.com" and exactly at time 5:48 pm.Omair was laughing as i was finally able to catch him.So we are done finding the attacker.Next qstn, Do he know my password???..Fortunately NO.So what exactly happened??Here it goes as explained by me in the style of Sherlock Holmes..:P
I was saying this to omair and senthil with some bond music as a background in my mind..
"Hey man how did u access my account".Omair continued smiling."Say it man, wait!!! I got it.I remember accesing my gmail account form your lappy before we went to tiffin.As we are in hurry I might not have logged out from my account.Once we returned from evening tiffin, may be at 5:45 pm, U observed that i dint logged out and calmly sent a mail to my cse account from the gmail account and logged out..that's it na!!"
Omair replied smiling "Yes".
Every one is clear that he did it just for fun and just laughed.I was more relaxed as my account is not actually hacked..:)
As a part of my routine life, I logged into my CSE account to check if any unexpected holidays or any unusual lecture postpones are declared.As expected there are no such wanted mails.But there was one mail which I felt interesting.Have a look at it
Subject: Hacking
From: "bhanu prakash"
.JPG)
Posts
