-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
37 lines (36 loc) · 1.07 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<!DOCTYPE html>
<html>
<title>Proviesec XSS Test Site</title>
<body>
<script type="text/javascript">
function findGetParameter(parameterName) {
var result = null,
tmp = [];
location.search
.substr(1)
.split("&")
.forEach(function (item) {
tmp = item.split("=");
if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);
});
return result;
}
if(findGetParameter('cookie')) {
console.log(findGetParameter('cookie'));
console.log(atob(findGetParameter('cookie')));
document.open();
var allcookies = atob(findGetParameter('cookie'));
// Get all the cookies pairs in an array
cookiearray = allcookies.split(';');
// Now take key value pair out of this array
document.write("<table><tr><td>Key</td><td>Value</td></tr>")
for(var i=0; i<cookiearray.length; i++) {
name = cookiearray[i].split('=')[0];
value = cookiearray[i].split('=')[1];
document.write ("<tr><td>" + name + "</td><td>" + value + "</td></tr>");
}
document.close();
}
</script>
</body>
</html>