zabbix
+ Reply to Thread
Results 1 to 8 of 8

Thread: View cookies that you stole?

  1. #1
    Join Date
    Apr 2007
    Posts
    109

    View cookies that you stole?

    ok i am curious on how you can view cookies that you stole and how can you use other peoples cookies that you have stole as your own?

  2. #2
    Join Date
    Sep 2005
    Posts
    2,050
    how you can view cookies that you stole
    Attackers usually would make the victim send the cookies off to their own server after the victim has clicked the link. This might be by requesting a script in an image tag with the cookie included in a get variable, or by Javascript redirecting the victim to his server.

    Once the victim clicks the link and their browser has sent the cookie details back to the attacker's server, the attacker can view the cookies using whatever method the script used to get them to him; for example putting them all in a text file or emailing them to him. Cookies are just text after all.

    Enter this in your address bar to see your own cookie for this domain:

    javascript:alert(document.cookie);

    That is what a cookie-thief wants. When someone does a XSS attack, they inject malicious code into a victim's page with the goal of accessing objects like cookies and getting them back to their own server.

    how can you use other peoples cookies that you have stole as your own?
    I use the Add 'n' Edit Cookies extension for Firefox.

    Try reading these:

    [url]http://en.wikipedia.org/wiki/Form_(web[/url])
    [url]http://en.wikipedia.org/wiki/HTTP_cookie[/url]
    [url]http://www.w*schools.com/[/url]
    [url]http://www.php.net/manual/en/[/url]

  3. #3
    Join Date
    Apr 2007
    Posts
    109
    thanks alot man but i have one more question I made the php script that steels cookies and it just came out like[URL="http://dipman44.78*mb.com/log.txt"]this[/URL]

    my cookie steeler is[URL="http://dipman44.78*mb.com/funnyvideo.php"]here[/URL]

  4. #4
    Join Date
    Sep 2005
    Posts
    2,050
    Could be many reasons it didn't work. It's impossible for me to know without the PHP source and other info.

  5. #5
    Join Date
    Apr 2007
    Posts
    109
    Quote Originally Posted by mike*5* View Post
    Could be many reasons it didn't work. It's impossible for me to know without the PHP source and other info.
    i gave you the php source: 78*mb.com

  6. #6
    Join Date
    Sep 2005
    Posts
    2,050
    Quote Originally Posted by dipman44 View Post
    i gave you the php source: 78*mb.com
    You didn't. Web servers don't give out the source to server-side scripts, so I can't just access it at its URL and click 'view source'. That only works for browser scripts.

    You'll have to post the source here.

  7. #7
    Join Date
    Apr 2007
    Posts
    109
    Quote Originally Posted by mike*5* View Post
    You didn't. Web servers don't give out the source to server-side scripts, so I can't just access it at its URL and click 'view source'. That only works for browser scripts.

    You'll have to post the source here.
    wait so how do i get it?

  8. #8
    Join Date
    Sep 2005
    Posts
    2,050
    Open it in a text editor.

+ Reply to Thread

Similar Threads

  1. Cookies
    By DMP in forum Internet Privacy
    Replies: 1
    Last Post: 07-20-2008, 09:35 AM
  2. Replies: 4
    Last Post: 02-05-2008, 07:48 AM
  3. how to decrypt cookies?
    By dendang in forum Security & Encryption
    Replies: 0
    Last Post: 01-29-2007, 09:23 PM
  4. someone has stole copyright material from me
    By damselindistres in forum Viruses and Trojans
    Replies: 1
    Last Post: 12-11-2005, 09:20 AM
  5. Cookies
    By Unregistered69 in forum Proxies and Firewalls
    Replies: 1
    Last Post: 01-07-2003, 09:44 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts