How to Hack a Website

Method 1:

Search for an open website that allows users to post content. A forum is a nice example. However, be sure that the site is vulnerable to a cross-site scripting attack, or else this won't be successful.

Head to the post creator. You will need to add some specific code to the post which tracks details of anyone that clicks it. Try entering ; if a popup alert appears when you click on the post, then this site is at risk of being hacked.

Step 3

To carry out a cookie catcher attack, you need to create and upload your own cookie catcher to a website that supports PHP and is vulnerable to remote code execution via upload. The purpose of this is to capture a user's cookies and gain access to their accounts on websites with weak logins. For code to help with this, you can refer to the example cookie catcher code in the sample section.

Post something with a code that can capture the cookies and forward them to your site. For example: