Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Cookie stealer

  1. Home
  2. Forum
  3. Web hacking
  4. Cookie stealer

ghost's Avatar

ghost

0 0

I was wondering… I have a sub-domain on a site and i was wondering i the cookies on the domain would still be active when visiting the sub-domain. Would it be possible to make a cookie stealer script(PHP?) so that when a member visits my sub-domain it would fetch their cookie info?


ghost's Avatar

ghost

0 0

the PHP session information is actually stored in a temporary file on the server, so if you can locate that folder, you should have all the cookie information for that server there- assuming the subdomain points to a place on the same server as the doemain.

The answer to your question would be a yes more than likely.


ghost's Avatar

ghost

0 0

Sessions are stored on the server, Cookies are stored on the client's computer. And to answer your question, it depends on the security of the cookie and the domain it was set, just try something simple like:

Go to one subdomain and make sure a cookie is set Go to your subdomain with this file:

<? print_r($_COOKIE); ?>

If the cookies from the other domain are there, you can easily log them.