Hi, question for the wise
htmlspecialchars($_COOKIE["name"]) - PHP
$_COOKIE["name"] - PHP
document.cookie - Javascript
Currently i have these commands to grab the cookie. However, the victim has javascript disabled and PHP is currently being sanitised with the addition of comment tags between < and ?, so output is <!--? ......PHP CODE ...... ?-->.
I am attempting to XSS a forum, where the victim posts his own cookie, using HTML as the XSS (this may be the wrong way but its an attempt i am trying in the name of learning and education ^^)
My current code (if it helps with context) is:
<form action="comment.py" method="POST">
<input type="hidden" name="comment" value="$_COOKIE['auth']"/>
<input type="submit" value=" "/>
</form>
This successfully posts $_COOKIE['auth'] to the forum, when clicked. (i know the PHP tags are missing but they are just commented out.
My Question: Is there any other languages that i could use within HTML value field to grab the value of a cookie?
P.S. this is part of a CTF game =)
