Description: This short tutorial shows you how to create a simple cookie catcher when cross-site scripting(XSS) and unsecure cookies exists on a web application.
Penetration testers can use this to show clients how easy it is to grab cookies from a web application if it is vulnerable to cross-site scripting.
Cookie Catcher Script: http://pastebin.com/j9KMDFRi
Follow me on Twitter: @jlshaw87
Tags: XSS , Cross-site Scripting , Cookies , Cookie Catcher , OWASP ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.