
Using The Cookie Theft Module

Munir Njiru edited this page Apr 8, 2016 · 2 revisions

This module aims to make it easier to demonstrate the impact of a stored XSS. The simple process followed in creating an attack is as follows:

  • Visit a site and identify a stored XSS vulnerability.
  • Identify a page you would love to test access to, e.g. http://victim.com/admin/index.php
  • Go back to your mth3l3m3nt framework and, in the CTDB tab, create a campaign.
  • Feed it the page you would love to test access to; this determines whether the current cookie can be used to access that page. The page will be downloaded for you, so that when you view the HTML you can tell whether access to the page succeeded or not.
  • Once you create a campaign, you will get a link to your hooking script. A simple example will be provided, but feel free to hook your script differently; it will still work.
  • Wait for the target to visit the page. The information will be sent back to you and stored in your DB, and the pages that you targeted will also be downloaded to your server.
  • Open your browser and load the target site, replace the cookie you have with the one you got in your DB, then try to access the target page. If successful, you’re welcome.
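
A defensive counterpart to the last two steps, as an added example that is not part of the original wiki page or the mth3l3m3nt code: both the server-side download of the targeted page and the final browser replay present the captured cookie from a client other than the one it was issued to, which a check over access logs can flag. The log layout, field names, User-Agent strings and sample records are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample access-log records, not from any real system:
# (timestamp, client IP, User-Agent, session cookie value, request path)
SAMPLE_LOG = [
    ("2016-04-08T10:00:01", "198.51.100.7", "Firefox/45.0", "sess-aaa111", "/admin/index.php"),
    ("2016-04-08T10:02:10", "192.0.2.10", "Chrome/49.0", "sess-bbb222", "/index.php"),
    ("2016-04-08T10:03:30", "198.51.100.7", "Firefox/45.0", "sess-aaa111", "/comments.php"),
    # Same session cookie now presented by a different client (server-side fetch)
    ("2016-04-08T10:03:32", "203.0.113.50", "ExampleFetcher/1.0", "sess-aaa111", "/admin/index.php"),
    ("2016-04-08T10:05:00", "192.0.2.10", "Chrome/49.0", "sess-bbb222", "/profile.php"),
    # ...and later from an interactive browser at another address
    ("2016-04-08T10:20:44", "203.0.113.99", "Chrome/49.0", "sess-aaa111", "/admin/index.php"),
]


def find_replayed_sessions(records):
    """Map each session ID to the requests made by a client other than its first user."""
    owner = {}                      # session ID -> (ip, user_agent) first seen
    findings = defaultdict(list)
    for ts, ip, ua, sid, path in sorted(records):   # ISO timestamps sort chronologically
        fingerprint = (ip, ua)
        if owner.setdefault(sid, fingerprint) != fingerprint:
            findings[sid].append({"time": ts, "ip": ip, "user_agent": ua, "path": path})
    return dict(findings)


if __name__ == "__main__":
    for sid, hits in find_replayed_sessions(SAMPLE_LOG).items():
        for hit in hits:
            print(f"ALERT session {sid} reused from {hit['ip']} "
                  f"({hit['user_agent']}) at {hit['time']} on {hit['path']}")
```

A fingerprint change is a signal rather than proof, since legitimate users also change networks; it is most useful when the flagged request targets a privileged page such as the admin path above.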

Watch a video of this in action below:

OWASP Mth3l3m3nt Framework vs bWAPP