I'm looking for a script (may have to be written in PHP) that can utilize cross site tracing to successfully steal HttpOnly cookies on the vulnerable website and log them to a .txt file on the site hosting the script.
The script will be utilizing a non-persistent XSS vulnerability on my website. To steal HttpOnly cookies, requires a more sophisticated form of XSS attack. It involves XST Cross site tracing, using the HTTP Trace function.
Example of the vulnerablity:
[url removed, login to view];script>alert("xss")</script>
I'm going to be using this to make a proof of concept for sophisticated cookie stealing for my security blog. I will not be giving out the site or location of the vulnerability. I will be testing out your script on my site to make sure that it works.