ANTICHAT — форум по информационной безопасности, OSINT и технологиям

To steal cookies you should use this codes (try them all):


Enjoy

this <a href="http://myhost/s.jpg?it is test">click me</a> and this
<img src="http:/myhost/s.jpg">

is not a cookie stealing codes. because cookie stealers use JAVA scripts. The Cookies cames to haker in QUERY STRING.
in http://bbs.com/news.php?news_id=6&print=on query string is "news_id=6&print=on".
The cookie sniffer SAVE all query strings that connect to him.

IF user's cookie is user=Mike;password=xxx
JAVA script replace +document.cookie in for real cookies from user's browser and connect to http://www.gfdfdgdfg.com/sniffer.php?user=Mike;password=xxx browser think that it is a image, but don't display it.

YOU SEE. QUERY_STRING is ?user=Mike;password=xxx it will be saved by your SNIFFER http://www.gfdfdgdfg.com/sniffer.php

Sorry for bad, bad English.

Where should I write these codes if ı post them as an answer for a topic, they work like a text ,cookies do not reach to my sniffer??

What forum?

http://www.forum.antichat.ru/thread20140.html

Read this text and if you have any questions just write them here.

You must know the version of that forum. Those codes won't work. You should find a ready-made exploit for the version of that forum, edit it and write the address of your sniffer. Or learn to find some bugs to by-pass different filters.

Forum ı am trying to steal cookie is vBulletin Version 3.0.7
I tried some exploits in general but do you suggest any special and there is no filters for codes , ı just think ı make something wrong in somewhere but where

Are you trying to steal cookies from the users of our forum?=)))
That forum may be patched =\

I agree with NeMiNeM .
Maybe the forum be patched by someone.