/Private

XSS cookie stealer using JavaScript and PHP

Primary LanguageHTML

How to use

  1. Upload cookiestealer.php to your server
  2. Edit cookie.html to replace YOURWEBSITE.COM with your server's URL or IP
    • The script part can be used to attack a vulnerable website
  3. Do some XSS attacks
  4. Visit log.txt to see the collected cookies

Source

This code is based on what can be seen here: Write an XSS Cookie Stealer in JavaScript to Steal Passwords

It explains in details what it's doing.