This forum is in archive mode. You will not be able to post new content.

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - ekevjn

Pages: [1]
1
Hacking and Security / Re: [ASK] About Uploading Shell VIA JPG Tamper Data
« on: April 18, 2015, 04:09:45 AM »
Try "ImageID=1011/whateveryouwant.php" 
       "ImageID=1011?whateveryouwant.php" 
      "ImageID=1011&whateveryouwant.php"
 Goodluck

2
Hacking and Security / Re: [Needhelp] Can i embed .asp page in php page???
« on: April 17, 2015, 10:04:13 AM »
Quote from: TheWormKill on April 16, 2015, 12:14:36 PM
It would be better to google first, before asking such a question.
http://lmgtfy.com/?q=php+cookie+stealer
How hard was that?


Thank for your reply.


The main method when i googling php cookie stealer that they exploit stored XSS but my hacked website isn't vulnerability with XSS so i thinking about insert some code to index.php about how the host handle user cookie and send it to me. That mean when user login ( over hybrid mode using google account) the host will check for user cookie and send it to me. (actualy the host using seesion for control and store them in uer cookie)

3
Hacking and Security / Re: [Needhelp] Can i embed .asp page in php page???
« on: April 16, 2015, 09:17:38 AM »
Quote from: Kulverstukas on April 16, 2015, 07:24:06 AM
I don't think you can combine the two - they are very different technologies and requires separate interpreters. Why are you using an ASP shell if the host is using PHP? just port the ASP shell to PHP, how hard can that be...


Thank for your reply, combine the two is impossible so there are other way can help me get logging user cookie?  i thinking about read user cookie by the way insert some code to index.php like:
=============================
Code: (php) [Select]
<?php 
echo $_COOKIE["your cookie name"];
?>=============================
But i don't know how to save the cookie or send cookie to my host

4
Hacking and Security / [Needhelp] Can i embed .asp page in php page???
« on: April 16, 2015, 02:23:49 AM »
I have uploaded php shell to a host. Now i want get user cookie so i think about xssshell and i have found 1 xssshell.asp in the internet that get people cookie through Cross-site scripting method. But i want to change the contant of index.php in the host that i hacked and put some code to get user cookie and send to my xssshell.asp. Is that impossible, any help?


Or any suggestion about different techniques can get user cookies with phpshell uploaded?

ps: i know that if host run .asp page as default so i can embed php and let them run together but my host run php


Thank for reply

Pages: [1]


Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.