Follow us on Twitter!
I'd prefer to die standing, than to live on my knees - Che Guevara
Monday, April 21, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 26
Guests Online: 25
Members Online: 1

Registered Members: 82851
Newest Member: darthvador
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Cookie stealer


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-05-06 12:36
I was wondering...
I have a sub-domain on a site and i was wondering i the cookies on the domain would still be active when visiting the sub-domain.
Would it be possible to make a cookie stealer script(PHP?) so that when a member visits my sub-domain it would fetch their cookie info?


Author

RE: Cookie stealer


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-05-06 02:46
the PHP session information is actually stored in a temporary file on the server, so if you can locate that folder, you should have all the cookie information for that server there- assuming the subdomain points to a place on the same server as the doemain.

The answer to your question would be a yes more than likely.
Author

RE: Cookie stealer


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-05-06 02:48
Sessions are stored on the server, Cookies are stored on the client's computer. And to answer your question, it depends on the security of the cookie and the domain it was set, just try something simple like:

Go to one subdomain and make sure a cookie is set
Go to your subdomain with this file:

<? print_r($_COOKIE); ?>

If the cookies from the other domain are there, you can easily log them.