method
With javascript commands redirects you to a link and gives you user cookies.
Well, now let's go to our work. (It can only be done on sites that have xss bugs)
Step 1:
For example, there is a chat room where you see a message, you send this text instead of the message:
If the time you enter the page in the form of an error shows you an error (as a warning, for example), it means that the site has a bug.
Step 2:
Create a file called xss.php on a site you own and put this php code in it:
Step 3:
Send another message in the message field with this javascript code:
Step 4:
Enter this address:
And when users see your message, they will be redirected to site.com/xss.php and their cookies in a file
It will be saved for you as cookie.html.
With javascript commands redirects you to a link and gives you user cookies.
Well, now let's go to our work. (It can only be done on sites that have xss bugs)
Step 1:
For example, there is a chat room where you see a message, you send this text instead of the message:
If the time you enter the page in the form of an error shows you an error (as a warning, for example), it means that the site has a bug.
Step 2:
Create a file called xss.php on a site you own and put this php code in it:
Step 3:
Send another message in the message field with this javascript code:
Instead of site.com, give the address of your site where you put the xss.php file.
Step 4:
Enter this address:
And when users see your message, they will be redirected to site.com/xss.php and their cookies in a file
It will be saved for you as cookie.html.