Protecting against Neopets Cookie Grabber (CGer) Guide

Submitted by saudor on Sun, 17/05/2009 - 8:13am

Welcome to the in-depth guide to avoiding cookie grabbers. This page has been generated from background information of how it works, reverse engineering of various neo CGs and 1st hand research. (plus losing 800k + trades along the way, but hey, it's priceless!!)

[SHORT VERSION]

For the in-depth version, please see http://www.neopets.com/~punchback_bob
Remember that Internet Explorer is vulnerable to on-site cookie grabbers (on neopets)
Opera users should use the userjs file called BlockScript. It's sorta complicated but it's here

Get firefox here: http://www.mozilla.com/en-US/firefox/firefox.html?from=getfirefox

Recommended Firefox Add-ons
"NOSCRIPT" This helps block malicious scripts from running. 
Don't forget to whitelist neopets.com and any other sites that you trust (like hotmail.com) (see attachment)

FLASHBLOCK This allows you to selectively load adobe flash player objects. If you need flash to play games, simply click the arrow to enable that object. This is allowed since most browsers don't even come with flash. Do not whitelist neopets as one type of CG uses a redirection of http://images.neopets.com/flash_version_check_v1.swf? to steal cookies.

KEYSCRAMBLER ADD-ON. For protection against key loggers (programs that record everything you type) It's no use changing your password if every key you press is being sent to the "hacker"

ADBLOCK. It allows you to block ads... and other things (like CGs) See attachment for more info

REQUESTPOLICY. RequestPolicy is an extension that improves the privacy and security of your browsing by giving you control over when cross-site requests are allowed by webpages you visit.

 

Think you got CG'd?

If you THINK you were CG'd, the first you should do is LOG OUT. Why? Because this invalidates the cookie that the "idiot" took. Try it yourself. Log into neo in another browser. You will see that you can browse neopets for a bit on both web browsers. Now click the log out button of one browser and see what happens. Contrary to popular belief, clearing cookies will do nothing for you. Just log out, get the keyscrambler add-on (if you can get it), and then log back in and THEN change your password

 

AttachmentSize
Image icon whitelist-neopets.gif74.73 KB
Image icon ablock-instructions.gif43.8 KB
Forums: 
Neopets Misc
  • 230789 reads

Wow CGers are on the move again. Now they do it on their user lookups and galleries. _______________________________________________ Bugsy's GUIDE to Effective SHOPKEEPING and MALLING: Version 3: Learn More About Hut Positioning http://www.neopets.com/~bugsy_lenny
. _______________________________________________ Bugsy's GUIDE to Effective SHOPKEEPING and MALLING: Version 3: Learn More About Hut Positioning http://www.neopets.com/~bugsy_lenny
bugsybogis | Sun, 08/08/2010 - 7:10pm |

Posted on Charter & Mallers of Neopia: [quote] Well, someone is attempting to CG me, I believe. I received two neomails from two separate people saying "I heard you might be interested" with a link to their gallery. I naturally did not visit said links, but did go on my empty side account to peek and one was empty, the other had a codestone. Something is amiss.. be aware and careful.. [/quote] Let it also be said that I'm rarely ever seeking anything. I have only 1 NC item on my wishlist and people mention it by name via neomail usually. - Kara
- Kara
supre_drake | Sun, 08/08/2010 - 7:24pm |

[quote=zixianna]2o7.net is a tracking cookie site used by Adobe. You don't have to worry about your Neo cookie being stolen by them, but block it anyway :)[/quote] Thanks, I was not 100% sure. I had a feeling it was something like that, but wanted to make sure. I stayed up all night restocking and what not, and rumaging the BD Chat, and lets just say it has been a rather crazy night. Have been pointing people to the punchback_bob page. I also thought about making a page listing common sense strategies, such as using FF for your main activities and IE to look at Userlookups and Pet lookups, pins, and etc, just because of the number of people I had to tell it to last night... but I'm too lazy for that, and I dont feel like creating another pet :o [font=Courier New] -------------------------------------------------------------- The STUFF - Mainly Codestones @ reasonable prices http://www.neopets.com/browseshop.phtml?owner=whispering_acara&misc [/font]
whispering_acara | Sun, 08/08/2010 - 8:39pm |

[quote] From: [fetus_] Jamie Sent: 8/8/2010 09:04pm Folder: Inbox Subject: Heyyy Message: I heard you may be interested in this..? It's in my gallery.. Link: http://www.neopets.com/gallery/index.phtml?gu=fetus_ [/quote] Yay, I feel special I've been targeted too! *lol*
zixianna | Sun, 08/08/2010 - 9:14pm |

[quote=zixianna][quote] From: [fetus_] Jamie Sent: 8/8/2010 09:04pm Folder: Inbox Subject: Heyyy Message: I heard you may be interested in this..? It's in my gallery.. Link: http://www.neopets.com/gallery/index.phtml?gu=fetus_ [/quote] Yay, I feel special I've been targeted too! *lol*[/quote] Nice username to boot! lol. My trades are still too cheap to be worth targeting :( I need to restock or snipe something better.
jfrog5982 | Mon, 09/08/2010 - 5:06pm |

CGs are being worked on i think ----------------------------- [color=purple]Contrary to popular belief, the Irish and I are not married[/color]
----------------------------- [color=purple]Protect your account[/color] http://www.neopets.com/~punchback_bob CG information & more
saudor | Thu, 12/08/2010 - 10:11am |

[quote=saudor]CGs are being worked on i think[/quote] Don't you like how we have to speculate and guess what they're doing by watching what code breaks, etc? *sigh* That's one thing that annoyed me during the whole CG scare, I kept WANTING to bump into a CG shop so I could play around with it, but I never got a link to someone's shop that was obviously broken, and that made me sad :( Always tempt Fate, she's a fickle one :)
zixianna | Thu, 12/08/2010 - 10:16am |

[center] [font=verdana] I'm glad there is SOME progress. *unsure* -------------------- http://www.neopets.com/browseshop.phtml?owner=leelo513&misc [/font] [/center]
-------------------- http://www.neopets.com/browseshop.phtml?owner=leelo513&misc
Leelo513 | Thu, 12/08/2010 - 10:44am |

Ahaa, I ran into 1 CG store this whole time. But luckily nothing got stolen :P ~Abrar http://www.neopets.com/browseshop.phtml?owner=abrar1646&misc
abrar13 | Thu, 12/08/2010 - 11:04am |

As far as I know, I haven't hit one at all. Lucky me I guess *unsure*
Artemis | Thu, 12/08/2010 - 1:50pm |

Pages