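Security/Web 웹사이트에 구워진 전체 쿠키보기 bslime 2008. 5. 31. 15:57
<script language="javascript">
<!--
// This page lists the cookies the current site has set, as seen from script.
// document.cookie only contains cookies that are NOT flagged HttpOnly, so
// whatever is printed below is exactly what any script running in the page
// (including one injected through XSS) is able to read. Session identifiers
// belong in HttpOnly cookies so that they never show up in this listing.

// Read a cookie: return the decoded value of the cookie called `name`,
// or null when document.cookie holds no such entry.
function GetCookie(name){
    var arg = name + "=";
    var alen = arg.length;
    var clen = document.cookie.length;
    var i = 0;
    while(i < clen){
        var j = i + alen;
        // A match is only tested at offset 0 and right after each space,
        // i.e. at the start of each "; "-separated entry.
        if(document.cookie.substring(i, j) === arg) return getCookieVal(j);
        i = document.cookie.indexOf(" ", i) + 1;
        if(i === 0) break; // indexOf returned -1: no further entries
    }
    return null;
}

// Read a cookie value: return the text from `offset` up to the next ";"
// (or the end of document.cookie), decoded with unescape().
// After decoding the string can contain characters such as "<" or "&" that
// were percent-encoded in the cookie, so it must be HTML-escaped before it
// is placed into markup.
function getCookieVal(offset){
    var endstr = document.cookie.indexOf(";", offset);
    if(endstr === -1) endstr = document.cookie.length;
    return unescape(document.cookie.substring(offset, endstr));
}

// Read cookie 2 - for two-level cookies: the cookie `key1` holds "key=value"
// pairs joined by "~"; return the value stored under `key2`, or null.
// Pairs that do not split into exactly two parts on "=" are skipped.
function GetCookie2(key1, key2) {
    var tmp = GetCookie(key1);
    if(tmp === null) return null;
    tmp = tmp.split("~");
    for(var i = 0; i < tmp.length; i++) {
        var tmp2 = tmp[i].split("=");
        if(tmp2.length === 2 && tmp2[0] === key2) {
            return tmp2[1];
        }
    }
    return null;
}

// HTML-escape a value before it is handed to document.write().
// Cookie contents are not trusted input: they can be set by other pages of
// the site, by sibling subdomains, or over plain HTTP, so writing them into
// the document unescaped would turn this diagnostic page into an injection
// sink. A missing cookie (null) is still printed as the text "null".
function escapeHtml(value){
    var entities = { "&": "&amp;", "<": "&lt;", ">": "&gt;", "\"": "&quot;", "'": "&#39;" };
    return String(value).replace(/[&<>"']/g, function(ch){ return entities[ch]; });
}
//-->
</script>
<script language="javascript">
<!--
// Raw cookie string first, then the individual top-level cookies.
document.write("cookie : " + escapeHtml(document.cookie) + "<br>");
document.write("<br>username : " + escapeHtml(GetCookie("username")));
document.write("<br>ecid : " + escapeHtml(GetCookie("ecid")));
document.write("<br>login : " + escapeHtml(GetCookie("login")));
document.write("<br>adult : " + escapeHtml(GetCookie("adult")));
document.write("<br>evaluation : " + escapeHtml(GetCookie("evaluation")));
// Sub-values packed inside the "ecid" cookie.
document.write("<br>========ecid정보==========");
document.write("<br>ecuser : " + escapeHtml(GetCookie2("ecid", "ecuser")));
document.write("<br>eclname : " + escapeHtml(GetCookie2("ecid", "eclname")));
document.write("<br>ecfamily : " + escapeHtml(GetCookie2("ecid", "ecfamily")));
document.write("<br>catvid : " + escapeHtml(GetCookie2("ecid", "catvid")));
document.write("<br>ectype : " + escapeHtml(GetCookie2("ecid", "ectype")));
document.write("<br>rowid : " + escapeHtml(GetCookie2("ecid", "rowid")));
// ecfamily is printed a second time here, as in the original listing.
document.write("<br>ecfamily : " + escapeHtml(GetCookie2("ecid", "ecfamily")));
document.write("<br>ecf : " + escapeHtml(GetCookie2("ecid", "ecf")));
document.write("<br>mediatype : " + escapeHtml(GetCookie2("ecid", "mediatype")));
document.write("<br>cusType : " + escapeHtml(GetCookie2("ecid", "cusType")));
document.write("<br>cbmDomain : " + escapeHtml(GetCookie2("ecid", "cbmDomain")));
document.write("<br>credate : " + escapeHtml(GetCookie2("ecid", "credate")));
//-->
</script>
XSS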