
Just thought of a neat website password catcher.


stanni


Hey guys,

I just thought of a neat way to capture passwords of people from websites here is how it goes...

Ok so in this example we will get passwords of people on a forum. First off register a domain that is similar to that of the website you want to attack.

Create a post on the website we want to attack telling people to go to "www.something-interesting.com"

Then create a page to go onto your website you just registered that is an iFrame at 100% x 100% with a little bit of php code that does this:

******************

If the user is coming from the domain "www.website-we-are-attacking.com" then send them to www.something-interesting.com

OR

If the user is coming from www.something-interesting.com do nothing and let the iFrame load.

******************

Ok so here is how it works:

1. The user clicks the link to your website and it redirects them to the other website with something of interest on it.

2. The user then clicks the back button thinking they will get sent back to the forum website.

3. The user is now on our website, also what we do is make them logout by making the iFrame load "www.website-we-are-attacking.com/logout.php" or whatever it is for that particular website.

4. This is the clever part. What we need to do is capture their password when they log back in. First off find out what the password input box's name is, most probably "password", then capture it with a bit of php and store it in a sql database, also you will want to capture the username as well so you know who the password belongs to :P

Please give your feedback on this, I hope it hasn’t been thought of before or I’m going to look stupid lol.

P.S. I have a perfect website in mind also that this would work on as links don’t open up in a new page and to logout on their website its www.their-domain.com/logout.php


Clicking the back button on a browser doesn't make a request to any web server. Also, the back button would navigate the user away from your page with the iframe on it. It is possible (with javascript) to create a page that prevents the back button from working, and could adjust the content of the iframe accordingly.

Wouldn't work on this forum though, a mod or a user would spot it immediately and act accordingly, this happening would be very obvious to an experienced web user.


Hmm, I’m not sure you quite read it correctly. There are 3 websites in total: firstly the link takes the user to my website, which quickly redirects him to the "something interesting" website when the php script sees the page viewer has come from the website we are attacking. Then when the user clicks the back button he comes back to our website, but instead of being redirected again to the website he just came from, the php code sees he came from the "something interesting" website and does nothing, so then the next thing is the iframe loads.

Ok so how does the password get captured? Because the iframe sent him to the logout page of the website we are attacking, he has to log back in. (Ok this might look a bit suspicious that he got logged out, but oh well, it will work on most numptys.) So he goes to the top of the page and types in his credentials and clicks login.

What happens now is that his credentials are taken to the login page within the iframe with the method "post", so we put some php code in our page to capture that, like so.

*****

$password = $_GET['password'];

$username = $_GET['username'];

*****

then we save these variables to a sql database.

Simples :)


The iFrame isn't going to receive any information though, definitely not with PHP.

Also, few browsers actually specify referrals in reality, when I've been dealing with this I get very poor results.

Finally, most people now don't click on links, they open them in new tabs, which don't have a back button and they simply close them when wanting to return.


why not just make something like fifox.com that just uses a frame or iframe to display the page, but it takes up the whole screen. Then use onkeydown javascript events to capture keystrokes and send them using httprequests to a php script on the server. You could also make it log them out in an invisible frame before the main one loads. You can really get creative. The hardest part would probably be the keypress event. Seems rather plausible with javascript though.

EDIT: Although you can't do it through a frame or iframe, you can still get the file contents with php and embed them in the body of the page. Then you could have a script with the document.onkeypress handler that monitors the page for keystrokes.
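Added example, not part of any post in this thread: the scheme discussed above depends on the target site rendering inside a frame on another origin and on a logout that a plain GET to logout.php triggers. This Python sketch models the two server-side controls that remove both conditions; the URLs, header sets and function names are constructed for illustration, and the frame-ancestors matching is simplified to 'none', 'self', * and exact origins.

```python
import hmac
from urllib.parse import urlsplit

def _origin(url):
    p = urlsplit(url)
    return f"{p.scheme}://{p.netloc}".lower()

def frame_allowed(headers, page_url, embedder_url):
    """True if a browser would render page_url inside a frame on embedder_url."""
    h = {k.lower(): v for k, v in headers.items()}
    same = _origin(page_url) == _origin(embedder_url)
    # CSP frame-ancestors, when present, overrides X-Frame-Options.
    for directive in h.get("content-security-policy", "").split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = [s.lower() for s in parts[1:]]
            if not sources or "'none'" in sources:
                return False
            return ("*" in sources
                    or ("'self'" in sources and same)
                    or _origin(embedder_url) in sources)
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return False
    if xfo == "SAMEORIGIN":
        return same
    return True  # no anti-framing header: any site may frame the page

def logout_allowed(method, submitted_token, session_token):
    """Logout changes state: accept it only as POST with the session's CSRF token."""
    if method.upper() != "POST" or not session_token:
        return False
    return hmac.compare_digest((submitted_token or "").encode(),
                               session_token.encode())

# Constructed sample data (hypothetical hosts and header sets).
SITE = "https://forum.example/login.php"
SAME_SITE = "https://forum.example/index.php"
LOOKALIKE = "https://forurn.example/page.php"
WEAK = {"Content-Type": "text/html"}
HARDENED = {
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'",
    "X-Frame-Options": "SAMEORIGIN",
}

if __name__ == "__main__":
    for name, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, "framed by lookalike:", frame_allowed(hdrs, SITE, LOOKALIKE))
    print("GET logout accepted:", logout_allowed("GET", None, "tok123"))
```

With the hardened headers the browser refuses to render the login page inside the lookalike's frame, and a framed or linked GET to the logout URL no longer ends the session.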
