Protecting against Neopets Cookie Grabber (CGer) Guide

Submitted by saudor on Sun, 17/05/2009 - 8:13am

Welcome to the in-depth guide to avoiding cookie grabbers. This page has been generated from background information of how it works, reverse engineering of various neo CGs and 1st hand research. (plus losing 800k + trades along the way, but hey, it's priceless!!)

[SHORT VERSION]

For the in-depth version, please see http://www.neopets.com/~punchback_bob
Remember that Internet Explorer is vulnerable to on-site cookie grabbers (on neopets)
Opera users should use the userjs file called BlockScript. It's sorta complicated but it's here

Get firefox here: http://www.mozilla.com/en-US/firefox/firefox.html?from=getfirefox

Recommended Firefox Add-ons
"NOSCRIPT" This helps block malicious scripts from running. 
Don't forget to whitelist neopets.com and any other sites that you trust (like hotmail.com) (see attachment)

FLASHBLOCK This allows you to selectively load adobe flash player objects. If you need flash to play games, simply click the arrow to enable that object. This is allowed since most browsers don't even come with flash. Do not whitelist neopets as one type of CG uses a redirection of http://images.neopets.com/flash_version_check_v1.swf? to steal cookies.

KEYSCRAMBLER ADD-ON. For protection against key loggers (programs that record everything you type) It's no use changing your password if every key you press is being sent to the "hacker"

ADBLOCK. It allows you to block ads... and other things (like CGs) See attachment for more info

REQUESTPOLICY. RequestPolicy is an extension that improves the privacy and security of your browsing by giving you control over when cross-site requests are allowed by webpages you visit.

 

Think you got CG'd?

If you THINK you were CG'd, the first you should do is LOG OUT. Why? Because this invalidates the cookie that the "idiot" took. Try it yourself. Log into neo in another browser. You will see that you can browse neopets for a bit on both web browsers. Now click the log out button of one browser and see what happens. Contrary to popular belief, clearing cookies will do nothing for you. Just log out, get the keyscrambler add-on (if you can get it), and then log back in and THEN change your password

 

AttachmentSize
Image icon whitelist-neopets.gif74.73 KB
Image icon ablock-instructions.gif43.8 KB
Forums: 
Neopets Misc
  • 230777 reads

[quote=Artemis]As far as I know, I haven't hit one at all. Lucky me I guess *unsure*[/quote] [color=gray]same with me :)[/color] --- [color=blue] From the land where Funny is a smell and Peachy is an emotion... [/color]
[color=Gray]Good Idea: Feeding stray kittens in the park. Bad Idea: Feeding stray kittens in the park... to a bear.[/color]
davymuncher | Thu, 12/08/2010 - 8:23pm |

I'm not sure this is anything important, but just a few minutes ago I got this message: Hang On! There's a new rule! You can only embed src files that end in: .jpg .jpeg .gif .bmp .png .midi .wav .mp3 .mid You cannot use any variation of the tags to embed files that end in .wavloop=-1 from this url: http://www. funofun. com/images/cupcake/aww.wavloop=-1 I got it in a couple shops after trying to buy a Terror Trove Scratchcard from each. *unsure* Don't go to the URL just in case. [center] [color=#74BE04]» Luck «[/color] [color=#C4928C]» http://www.neopets.com/browseshop.phtml?owner=twilight51492 «[/color] [/center]
[center] [color=#74BE04]» Luck «[/color] [color=#C4928C]» http://www.neopets.com/browseshop.phtml?owner=twilight51492 «[/color] [/center]
twilight51492 | Thu, 12/08/2010 - 9:17pm |

Ughh, seriously, I don't get why people CG. There's better ways to hack, and those methods don't directly damage a Neopets user -_- CG is a mean way to hack :( ~Abrar http://www.neopets.com/browseshop.phtml?owner=abrar1646&misc
abrar13 | Thu, 12/08/2010 - 9:24pm |

Yes, I've been seeing that a lot today (and yesterday too). All the URLs in the broken shops are ones where there is a space missing between the filename (blablabla.wav) and the arguments (autoloop=1). I'm wondering if it is coding errors on the part of the users, or if the filters are doing something to peoples tags. Don't have time to try it out though, Meteor shower to go watch, it's already 12:30AM and I need to go buy some drinks and get to the beach *lol*
zixianna | Thu, 12/08/2010 - 9:29pm |

I don't think they are a cookie grabber because I've seen them on general things like Can of Neocola or Ultimate Burger or unlikely stuff like Chocolate Cake or Raspberry Neocola

Come to Novi Pier Imports

http://www.neopets.com/browseshop.phtml?owner=cornstarch678&misc

Where Everyday is A Sale

Come to Novi Pier Imports

http://www.neopets.com/browseshop.phtml?owner=cornstarch678&misc

Where Everyday is A Sale

cornstarch876 | Thu, 12/08/2010 - 9:48pm |

Ok. I wasn't sure so I thought I'd post it. I don't know much about CG codes and stuff. lol [center] [color=#74BE04]» Luck «[/color] [color=#C4928C]» http://www.neopets.com/browseshop.phtml?owner=twilight51492 «[/color] [/center]
[center] [color=#74BE04]» Luck «[/color] [color=#C4928C]» http://www.neopets.com/browseshop.phtml?owner=twilight51492 «[/color] [/center]
twilight51492 | Thu, 12/08/2010 - 10:27pm |

Sorry, must have misinterpreted what you were asking, important yes, because it's TNT making some code enforcement changes, so that's good, but I'm sure those shops are quite safe (or else I would be in big trouble with how many I've seen *lol* ) My question, for those who know how - is it bad form to buy from these shops? I've found some deals that were worth the extra effort, and I figure the item IS for sale, so it isn't cheating to buy it from the shop, any opinions (obviously, only TNTs matters, but still ;) )
zixianna | Fri, 13/08/2010 - 1:51am |

[quote=abrar13]Ughh, seriously, I don't get why people CG. There's better ways to hack, and those methods don't directly damage a Neopets user -_- CG is a mean way to hack :( ~Abrar http://www.neopets.com/browseshop.phtml?owner=abrar1646&misc[/quote] [color=gray]I don't get what they find enjoying about taking accounts just to get iced. [/color] --- [color=blue] From the land where Funny is a smell and Peachy is an emotion... [/color]
[color=Gray]Good Idea: Feeding stray kittens in the park. Bad Idea: Feeding stray kittens in the park... to a bear.[/color]
davymuncher | Fri, 13/08/2010 - 10:02am |

[quote=davymuncher]I don't get what they find enjoying about taking accounts just to get iced. [/quote] 1) Some people do it to steal whats there, pass it around to other accounts, and maybe even sell the NP for real life cash. As you can see, they hit a LOT of accounts, so if they only stole the NP from 1/4 of them, that's still a LOT of goods to abscond with. 2) To prove they can, the challenge of it. 3) Because they have small penises.
zixianna | Fri, 13/08/2010 - 10:14am |

[quote=zixianna][quote=davymuncher]I don't get what they find enjoying about taking accounts just to get iced. [/quote] 1) Some people do it to steal whats there, pass it around to other accounts, and maybe even sell the NP for real life cash. As you can see, they hit a LOT of accounts, so if they only stole the NP from 1/4 of them, that's still a LOT of goods to abscond with. 2) To prove they can, the challenge of it. 3) Because they have small penises.[/quote] [center] [font=verdana] *lol* I like number 3 -------------------- http://www.neopets.com/browseshop.phtml?owner=leelo513&misc [/font] [/center]
-------------------- http://www.neopets.com/browseshop.phtml?owner=leelo513&misc
Leelo513 | Fri, 13/08/2010 - 10:25am |

Pages