Follow us on Twitter!
It is the path of least resistance that makes rivers and men crooked. - Bj Palmer
Saturday, June 25, 2016
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 17
Guests Online: 16
Members Online: 1

Registered Members: 94262
Newest Member: fall3n1
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Cookie stealer


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-05-06 12:36
I was wondering...
I have a sub-domain on a site and i was wondering i the cookies on the domain would still be active when visiting the sub-domain.
Would it be possible to make a cookie stealer script(PHP?) so that when a member visits my sub-domain it would fetch their cookie info?


Author

RE: Cookie stealer


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-05-06 02:46
the PHP session information is actually stored in a temporary file on the server, so if you can locate that folder, you should have all the cookie information for that server there- assuming the subdomain points to a place on the same server as the doemain.

The answer to your question would be a yes more than likely.
Author

RE: Cookie stealer


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-05-06 02:48
Sessions are stored on the server, Cookies are stored on the client's computer. And to answer your question, it depends on the security of the cookie and the domain it was set, just try something simple like:

Go to one subdomain and make sure a cookie is set
Go to your subdomain with this file:

<? print_r($_COOKIE); ?>

If the cookies from the other domain are there, you can easily log them.