Hi; I've been trying to do the DOM/any of the XSS attacks and none of them are able to return the cookie back. It's just a popup that says "security=low". It's weird since I had this downloaded a month ago on Kali Linux VM in a saved state and it worked the first time, successfully saying "security=low;PHPSESSID=5978.." in the popup. Exact thing I wrote was alert(document.cookie). When I completely closed and reopened this VM today, it will not show document.cookie on the pop-up anymore.
Ah, I found the solution which is...the HTTPOnly tag being set to true which means any of those cookies won't show. It has to be manually flipped (which can be done via Firefox).
Excellent Video, thank you, Sir. Hoping you do more contents like this you're a good teacher. Thank you.
REALLY HELPFUL TUTORIAL. SUBSCRIBED.. Hope you will continue!
Excellent. Thanks a lot ! great work!
Hi; I've been trying to do the DOM/any of the XSS attacks and none of them are able to return the cookie back. It's just a popup that says "security=low". It's weird since I had this downloaded a month ago on Kali Linux VM in a saved state and it worked the first time, successfully saying "security=low;PHPSESSID=5978.." in the popup. Exact thing I wrote was alert(document.cookie).
When I completely closed and reopened this VM today, it will not show document.cookie on the pop-up anymore.
Ah, I found the solution which is...the HTTPOnly tag being set to true which means any of those cookies won't show. It has to be manually flipped (which can be done via Firefox).
@@HwangPasta I have the same problem, but the solution doesn't work for me
@@HwangPastaI know that http only cookies cannot be reached by scripts such as JavaScript, do you know a way?
Brother for me when i try html scripts it dont pop up . The script i typed will be shown after the hello msg
It probably means you have the wrong security level. Try again and if you have problems raise a ticket in GitHub.
This is sooo slow.
Send me a link to the better video you've made.