Can come handy in case you are able to access only DOM/javascript of a website and want to get naughty.

• change url variable in keylogger.js to url address where keylogger.php is located
• load keylogger.js in the DOM of the attacked application
• put keylogger.php and data.txt to your server where you have data write access (don't forget to set pertinent file priviliges.
• you're done, just let the victim come to attacked website with javascript allowed in the browser and type something

@blackout314