Home 0P3N Blog XSS Cookie Theft Is Not Working
Ready to Start Your Career?
Create Free Account
authors profile image
January 1, 2016

XSS Cookie Theft Is Not Working

January 1, 2016
authors profile image
January 1, 2016
I tried test the XSS cookie theft but not working for me! My IP is 192.168.56.101 and xss\_and\_mysql vm is 192.168.56.104 I have the listener running (netcat -lvp 80) here is my script: anything wrong! It seems to be case sensitive - try again with `````` (and yeah, its because the font he uses sucks) same problem as @haleid at first, so i followed the link and it worked but port 80 is not listening. Is something wrong!! See the following: https://www.popped.io/2014/02/hijacking-sessions-using-socat.html Using socat instead of Netcat has the advantage that socat does not stop after the first connection attempt like Netcat does. The function document.write is used in this example Please test both, socat and netcat. Please post if it works! or just use almost any webserver (apache, or lighttpd) and tail -f the access log :D The code above didn't work for me either. I googled around and found this: http://www.danscourses.com/Network-Penetration-Testing/xss-with-a-vulnerable-webapp.html
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry