The easiest way is to use a three-step process consisting of the injected script, the cookie recorder, and the log file.
First you'll need an account on a server and two files, log.txt and whateveryouwant.php. You can leave log.txt empty; this is the file your cookie stealer will write to. Now paste this PHP code into your cookie stealer script (whateveryouwant.php):
This script will record the cookies of every user that views it.
Now we need to get …
Open up firebug and add/modify all your cookie's fields to match the data from the cookie in your log file and refresh the page. The server thinks you're the user you stole the cookie from. This way you can log into accounts and many other things without even needing to know the passwords or usernames.
1. Upload the cookie stealer PHP file and the log file to your server.
2. Insert the injection into the page via the URL or a text box.
3. Grab the link of that page with your exploited search query (if the injection is not stored in the server's copy of the page).
4. Get someone to use that link if necessary.
5. Check your log file for their cookie.
6. Modify your own cookie to match the captured one and refresh the …
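As an added defensive example (not part of the original text), the following Python detector scans web-server access log lines for the kind of injected search-query payload described in steps 2 and 3 above. The log lines, the log format and the indicator patterns are constructed assumptions for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines in Common Log Format; not from any real server.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /search?q=shoes HTTP/1.1" 200 512
203.0.113.7 - - [10/Oct/2023:13:56:01 +0000] "GET /search?q=%3Cscript%3Evar+c%3Ddocument.cookie%3C%2Fscript%3E HTTP/1.1" 200 731
203.0.113.9 - - [10/Oct/2023:13:57:12 +0000] "GET /article/42 HTTP/1.1" 200 2048
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)$'
)

# Indicators of script injection aimed at reading the session cookie (assumed list).
XSS_INDICATORS = [
    re.compile(r'<\s*script', re.I),
    re.compile(r'document\.cookie', re.I),
    re.compile(r'\bon\w+\s*=', re.I),   # inline event handlers such as onerror=
    re.compile(r'javascript\s*:', re.I),
]

def decode_query(path):
    """Return the fully URL-decoded query string of a request path ('' if none)."""
    if '?' not in path:
        return ''
    query = path.split('?', 1)[1]
    # Decode repeatedly: double-encoded payloads are a common way to dodge naive filters.
    for _ in range(3):
        decoded = unquote_plus(query)
        if decoded == query:
            break
        query = decoded
    return query

def find_xss_candidates(log_text):
    """Return one record per log line whose query string matches an indicator."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        query = decode_query(m.group('path'))
        matched = [p.pattern for p in XSS_INDICATORS if p.search(query)]
        if matched:
            hits.append({'ip': m.group('ip'), 'time': m.group('ts'),
                         'query': query, 'indicators': matched})
    return hits

if __name__ == '__main__':
    for hit in find_xss_candidates(SAMPLE_LOG):
        print(hit)
```

Only the second line is flagged, with its decoded query and the two indicators that matched; the clean search and the request with no query string pass through silently.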
This attack is generally used where the web application is expected to redirect to error pages or to show error messages.
Blind SQL injection is harder to exploit because:
The attacker needs to ask the database true-or-false questions, use those results, and based on them exploit the vulnerability. This takes a lot of time and hard work. He needs to analyze the results and find the vulnerability. So, blind SQL injection is harder to