Cookie Theft with Cross-site Scripting (XSS)

A simple proof of concept for stealing cookies on a page vulnerable to XSS. Using Mutillidae as the vulnerable application, I’ll perform reflected cross-site scripting against myself and steal my own session cookie.

First, I’ll set up a listener using Netcat:

C:\Tools>nc -nlvp 4321

I’ll navigate to the vulnerable page:


In the input field of the vulnerable page I’ll enter my demo JavaScript to capture the cookie header:



When I click the “Lookup DNS” button, the JavaScript executes, and writes my cookie value to my Netcat listener:
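
As an added example (not part of the original post), the Python sketch below shows the two defenses that break this proof of concept: HTML-encoding the reflected field value, and marking the session cookie HttpOnly so page script cannot read it. The function names, the `SESSIONID` cookie name and the sample input are assumptions made for illustration.

```python
import html
from http.cookies import SimpleCookie

# Constructed test input: a harmless script tag standing in for the demo payload.
SAMPLE_INPUT = "<script>alert(1)</script>"


def render_vulnerable(hostname):
    """Reflect the field value into the page unchanged (the flaw being demonstrated)."""
    return "<p>Results for " + hostname + "</p>"


def render_escaped(hostname):
    """Encode HTML metacharacters so the value is shown as text, not parsed as markup."""
    return "<p>Results for " + html.escape(hostname, quote=True) + "</p>"


def session_cookie_header(session_id):
    """Build a Set-Cookie value for a hypothetical SESSIONID cookie with hardened flags."""
    cookie = SimpleCookie()
    cookie["SESSIONID"] = session_id
    morsel = cookie["SESSIONID"]
    morsel["httponly"] = True   # not exposed to document.cookie
    morsel["secure"] = True     # only sent over HTTPS
    morsel["samesite"] = "Lax"  # withheld from most cross-site requests
    morsel["path"] = "/"
    return morsel.OutputString()


def missing_cookie_flags(set_cookie_value):
    """Return the hardening attributes absent from a Set-Cookie header value."""
    attrs = {
        part.strip().split("=", 1)[0].lower()
        for part in set_cookie_value.split(";")[1:]
    }
    return [flag for flag in ("httponly", "secure", "samesite") if flag not in attrs]


if __name__ == "__main__":
    print(render_vulnerable(SAMPLE_INPUT))   # script tag reaches the browser intact
    print(render_escaped(SAMPLE_INPUT))      # script tag is rendered as inert text
    print(session_cookie_header("abc123"))   # constructed session value
    print(missing_cookie_flags("SESSIONID=abc123; path=/"))
```

`missing_cookie_flags` can be run over the `Set-Cookie` values an application returns to confirm that its session cookie is not readable from JavaScript.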


