+- Sinisterly (https://sinister.ly)
+-- Forum: General (https://sinister.ly/Forum-General)
+--- Forum: The Lounge (https://sinister.ly/Forum-The-Lounge)
+--- Thread: New to cookies[I need answers please] (/Thread-New-to-cookies-I-need-answers-please)
New to cookies[I need answers please] - dork.master.king - 05-21-2022
I'm a total noob in Cookies area and I have a couple of questions ,usually I would read non-stop till I have the needed answers but I'm short on time and have a lot projects on my schedule so any direct answers would be very much appreciated because I'm tight on time...
1-I've got a txt cookie file is there a way to to convert it to Json directly with no headache? Or is that a stupid question to begin with?
2-What does True/False mean? Why is it False/False sometimes and sometimes True/False ?
3-I want to copy paste values manually in EditThisCookie extension (in chrome specifically) but how do I specify true/false values because i don't see such an option.
4-What's the number written after True /False ?
5-Does Importing cookies work with Gmail?
6-For Gmail In a scenario where I have access to the same device do I need to enter all of SIDCC,__Secure-3PSIDCC,OGPC blah blah values to remake the cookie? What about in a scenario where I don't have access to the same device?
Thanks In Advance!
Raven Out.
RE: New to cookies[I need answers please] - sunjester - 05-24-2022
These are the answers you are looking for.
(05-21-2022, 04:16 AM)dork.master.king Wrote: I'm a total noob in Cookies area and I have a couple of questions ,usually I would read non-stop till I have the needed answers but I'm short on time and have a lot projects on my schedule so any direct answers would be very much appreciated because I'm tight on time...
1-I've got a txt cookie file is there a way to to convert it to Json directly with no headache? Or is that a stupid question to begin with?
2-What does True/False mean? Why is it False/False sometimes and sometimes True/False ?
3-I want to copy paste values manually in EditThisCookie extension (in chrome specifically) but how do I specify true/false values because i don't see such an option.
4-What's the number written after True /False ?
5-Does Importing cookies work with Gmail?
6-For Gmail In a scenario where I have access to the same device do I need to enter all of SIDCC,__Secure-3PSIDCC,OGPC blah blah values to remake the cookie? What about in a scenario where I don't have access to the same device?
Thanks In Advance!
Raven Out.
1. you dont need to convert a cookie file into json. you could for shits and giggles or if you just want a better look at the info I guess.
2. true/false is a boolean, it means on/off, light/dark. it could mean anything. i would need to know the variable that the true and false is being set for.
3. ive never used that extension before, i normally use curl to make a request if i need to use a specific cookie (or someone elses cookie).
4. again, i dont know what you are looking at so i couldnt begin to tell you.
5. cookie files are not magical and normally dont contain any kind of useful information. cookie files CAN be used to impersonate someone. snagging someone's gmail cookie doesnt help much. most of the time when someone logs out the cookie changes. cookies can also have set time to live (timeout). normally stealing cookies only works against weak websites. if i stole your facebook cookie i might be able to impersonate you if i had access to your computer. for example, if i stole your facebook cookie and tried to use it on my computer it definitely would not work. but, i could steal your facebook cookie and access your computer to access your facebook account without logging in... make sense? if not, i suggest learning a language like php and actually creating cookies yourself (https://www.php.net/manual/en/function.setcookie.php).
6. you dont have to create a cookie or alter it in anyway. once you steal the file with the cookie in it you would make the HTTP request with that specific cookie.
And if you don't know or are not aware not all cookies are the same. I can make my cookie file for my website (my software in general) any way I want. they dont all look the same and each is unique to that specific web service. most are encrypted (or should be) in some fashion or another. I use curl (like mentioned earlier) when i need to use a specific cookie or use a cookie ive stolen.
Code:
-b, --cookie STRING/FILE Read cookies from STRING/FILE (H)
-c, --cookie-jar FILE Write cookies to FILE after operation (H)
-j, --junk-session-cookies Ignore session cookies read from file (H)to look at some cookies I could make a request with curl and capture the cookie file...
Code:
curl -vL --cookie-jar cookies http://google.comand the "cookie jar" (cookies file) looks something like this (without all the asterisks of course):
Code:
# Netscape HTTP Cookie File
# http://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
.google.com TRUE / TRUE 1655979397 1P_JAR 2022-05-24-10
#HttpOnly_.google.com TRUE / TRUE 1668939397 AEC Aakni**********A1TnWU5X3iFVn***e8ZCxFRglvPoy_t089cKWIuW1rQ
#HttpOnly_.google.com TRUE / FALSE 1669198597 NID 511=dYC4Jcd11j8-jIrSbBKFbvWXl2jpVEexIEQGVrlzi2kKNit3xW8ZcEdfEFE66sdiR2*******_t4WiDp6IBbDXdhf6e6X0jrqBdxBu1HA_miCtKnxEIlr-1fJqzg4p3oNuQTN90bF**************77HxQM9AaCRefDtsu0qMhttps://policies.google.com/technologies/cookies?hl=en-US
RE: New to cookies[I need answers please] - dork.master.king - 05-25-2022
(05-24-2022, 11:13 AM)sunjester Wrote: These are the answers you are looking for.Thank You very much ,your reply was very thorough and detailed , I wasn't sure I'd even get a reply after sometime ,so
(05-21-2022, 04:16 AM)dork.master.king Wrote: I'm a total noob in Cookies area and I have a couple of questions ,usually I would read non-stop till I have the needed answers but I'm short on time and have a lot projects on my schedule so any direct answers would be very much appreciated because I'm tight on time...
1-I've got a txt cookie file is there a way to to convert it to Json directly with no headache? Or is that a stupid question to begin with?
2-What does True/False mean? Why is it False/False sometimes and sometimes True/False ?
3-I want to copy paste values manually in EditThisCookie extension (in chrome specifically) but how do I specify true/false values because i don't see such an option.
4-What's the number written after True /False ?
5-Does Importing cookies work with Gmail?
6-For Gmail In a scenario where I have access to the same device do I need to enter all of SIDCC,__Secure-3PSIDCC,OGPC blah blah values to remake the cookie? What about in a scenario where I don't have access to the same device?
Thanks In Advance!
Raven Out.
1. you dont need to convert a cookie file into json. you could for shits and giggles or if you just want a better look at the info I guess.
2. true/false is a boolean, it means on/off, light/dark. it could mean anything. i would need to know the variable that the true and false is being set for.
3. ive never used that extension before, i normally use curl to make a request if i need to use a specific cookie (or someone elses cookie).
4. again, i dont know what you are looking at so i couldnt begin to tell you.
5. cookie files are not magical and normally dont contain any kind of useful information. cookie files CAN be used to impersonate someone. snagging someone's gmail cookie doesnt help much. most of the time when someone logs out the cookie changes. cookies can also have set time to live (timeout). normally stealing cookies only works against weak websites. if i stole your facebook cookie i might be able to impersonate you if i had access to your computer. for example, if i stole your facebook cookie and tried to use it on my computer it definitely would not work. but, i could steal your facebook cookie and access your computer to access your facebook account without logging in... make sense? if not, i suggest learning a language like php and actually creating cookies yourself (https://php.net/manual/en/function.setcookie.php).
6. you dont have to create a cookie or alter it in anyway. once you steal the file with the cookie in it you would make the HTTP request with that specific cookie.
And if you don't know or are not aware not all cookies are the same. I can make my cookie file for my website (my software in general) any way I want. they dont all look the same and each is unique to that specific web service. most are encrypted (or should be) in some fashion or another. I use curl (like mentioned earlier) when i need to use a specific cookie or use a cookie ive stolen.
Code:-b, --cookie STRING/FILE Read cookies from STRING/FILE (H)
-c, --cookie-jar FILE Write cookies to FILE after operation (H)
-j, --junk-session-cookies Ignore session cookies read from file (H)
to look at some cookies I could make a request with curl and capture the cookie file...
Code:curl -vL --cookie-jar cookies http://google.com
and the "cookie jar" (cookies file) looks something like this (without all the asterisks of course):
Code:# Netscape HTTP Cookie File
# http://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
.google.com TRUE / TRUE 1655979397 1P_JAR 2022-05-24-10
#HttpOnly_.google.com TRUE / TRUE 1668939397 AEC Aakni**********A1TnWU5X3iFVn***e8ZCxFRglvPoy_t089cKWIuW1rQ
#HttpOnly_.google.com TRUE / FALSE 1669198597 NID 511=dYC4Jcd11j8-jIrSbBKFbvWXl2jpVEexIEQGVrlzi2kKNit3xW8ZcEdfEFE66sdiR2*******_t4WiDp6IBbDXdhf6e6X0jrqBdxBu1HA_miCtKnxEIlr-1fJqzg4p3oNuQTN90bF**************77HxQM9AaCRefDtsu0qM
https://policies.google.com/technologies/cookies?hl=en-US
Shortly after posting my question I started digging a bit more and found out about the Curl and Wget but I wasn't sure if it would work with Google cookies or services with good security and whether I could be able to read inbox in them or if I could connect the services to a browser and continue from there so I didn't spend time learning them but I found out I could simply use a Netscape to Json converter to Import the cookies to Chrome but as you said it yourself ''if i stole your facebook cookie and tried to use it on my computer it definitely would not work'' and It didn't for the websites I was trying to gain access to.
-Now ,I'm working on VMs to exactly replicate the original system where these cookies are from based on user and hardware info but you mentioned logging out would making the cookies useless what if the cookies are fresh and the person never logged out?
I'm very interested in learning languages in general whether they're based in computers or societies but after a long battle with family over what I'll be studying I curved away from any PC related stuff which lasted years but I dropped out, I decided this is the area where I wanna grow specially after I received a gift as PC , It's been boiling my blood but I also lost family support and the reason I'm tight on time is to make money for the upcoming months' rent then find a job and continue my journey of learning, and go on with my life goals.
If you're thinking cut the shit ,I'm on the same page, so here's another question...
-If I have a Meta... vault value what can I decode from it seed?or private key?and how?(I extracted it with a tool)and since I can't find any .dat files from meta extension files what file do I need to use python scripts to crack with hashcat?
Keep in mind my intention is to make dough without the flour so I'm not in a situation to purchase any tools...
RE: New to cookies[I need answers please] - sunjester - 05-26-2022
Most private keys wont be sent over the internet, they are compared to public keys that the user transmits. It is also very highly unlikely that a password hash will be inside a cookie or in the HTTP headers. I will give a demo in PHP on how some websites use cookies. The script can be run on any server with PHP enabled.
Code:
<?php
$date = date('l jS \of F Y h:i:s A');
setcookie("last_visit", $date);
setcookie("last_visit_b64", base64_encode($date));
setcookie("referer", $_SERVER['HTTP_REFERER']);
//the following cookie info will expire after 3 seconds
setcookie("ip", $_SERVER['REMOTE_ADDR'], time()+3);
die(var_dump($_COOKIE));
?>which will give something like the results below, after the second visit to the page.
Code:
array(14) {
["ip"]=>
string(3) "::1"
["last_visit"]=>
string(37) "Thursday 26th of May 2022 02:30:22 PM"
["last_visit_b64"]=>
string(52) "VGh1cnNkYXkgMjZ0aCBvZiBNYXkgMjAyMiAwMjozMDoyMiBQTQ=="
["j_cookie_profiles_compare"]=>
string(2) "{}"
["j_cookie_profiles_saved"]=>
string(2) "{}"
["_ga"]=>
string(27) "GA1.1.1427591545.1649703117"
["_ga_XMKHC12ZFL"]=>
string(33) "GS1.1.1649703115.1.1.1649703580.0"
["ai_user"]=>
string(30) "WUFgp|2022-04-12T04:08:05.611Z"
["_gcl_au"]=>
string(24) "1.1.266660117.1649736486"
["v2CookieBannerSeen"]=>
string(4) "true"
["_uetvid"]=>
string(32) "2c7e2fd0ba1611ec98dad38a5b3217ae"
["_clck"]=>
string(14) "mxjzty|1|f0k|0"
["_ga_NSZ09KDSQS"]=>
string(34) "GS1.1.1649736493.1.1.1649736740.38"
["g_state"]=>
string(9) "{"i_l":0}"
}if you visit the page, wait more than 3 seconds, and then hit refresh, you will notice that the IP address will not be visible. If you then hit refresh the IP will be back in the cookies. So if someone were to store the authentication mechanism inside the cookie that would present a huge security risk. If we modify the code a bit and add a new cookie called "password" and then put a password hash in it, we can check that against our server side password and authenticate the user. Below is an example of user authentication using a cookie value.
Code:
<?php
$password = "password1";
$pwhash = md5($password);
$date = date('l jS \of F Y h:i:s A');
setcookie("last_visit", $date);
setcookie("referer", $_SERVER['HTTP_REFERER']);
setcookie("password", "password1");
if(md5($_COOKIE['password']) == $pwhash)
{
die("you have the correct password!");
} else {
die("the password in the cookie file is incorrect");
}
?>![[Image: Screenshot-2022-05-26-1-46-42-PM.png]](https://i.ibb.co/CKYY5mx/Screenshot-2022-05-26-1-46-42-PM.png)
As an exercise I will upload this script to my website and you can change values in the cookie file to try and "hack" the authntication by changing the values in your cookie file. Ultimately giving you access to the so-called user account. You can try to hack this page: http://sunjester.rf.gd/cookies.php
RE: New to cookies[I need answers please] - dork.master.king - 05-26-2022
(05-26-2022, 09:47 PM)sunjester Wrote: Most private keys wont be sent over the internet, they are compared to public keys that the user transmits. It is also very highly unlikely that a password hash will be inside a cookie or in the HTTP headers. I will give a demo in PHP on how some websites use cookies. The script can be run on any server with PHP enabled.Thank you I will check the exercise asap , and sorry for not being specific , my question was about logs in the second post not cookies ...
Code:<?php
$date = date('l jS \of F Y h:i:s A');
setcookie("last_visit", $date);
setcookie("last_visit_b64", base64_encode($date));
setcookie("referer", $_SERVER['HTTP_REFERER']);
//the following cookie info will expire after 3 seconds
setcookie("ip", $_SERVER['REMOTE_ADDR'], time()+3);
die(var_dump($_COOKIE));
?>
which will give something like the results below, after the second visit to the page.
Code:array(14) {
["ip"]=>
string(3) "::1"
["last_visit"]=>
string(37) "Thursday 26th of May 2022 02:30:22 PM"
["last_visit_b64"]=>
string(52) "VGh1cnNkYXkgMjZ0aCBvZiBNYXkgMjAyMiAwMjozMDoyMiBQTQ=="
["j_cookie_profiles_compare"]=>
string(2) "{}"
["j_cookie_profiles_saved"]=>
string(2) "{}"
["_ga"]=>
string(27) "GA1.1.1427591545.1649703117"
["_ga_XMKHC12ZFL"]=>
string(33) "GS1.1.1649703115.1.1.1649703580.0"
["ai_user"]=>
string(30) "WUFgp|2022-04-12T04:08:05.611Z"
["_gcl_au"]=>
string(24) "1.1.266660117.1649736486"
["v2CookieBannerSeen"]=>
string(4) "true"
["_uetvid"]=>
string(32) "2c7e2fd0ba1611ec98dad38a5b3217ae"
["_clck"]=>
string(14) "mxjzty|1|f0k|0"
["_ga_NSZ09KDSQS"]=>
string(34) "GS1.1.1649736493.1.1.1649736740.38"
["g_state"]=>
string(9) "{"i_l":0}"
}
if you visit the page, wait more than 3 seconds, and then hit refresh, you will notice that the IP address will not be visible. If you then hit refresh the IP will be back in the cookies. So if someone were to store the authentication mechanism inside the cookie that would present a huge security risk. If we modify the code a bit and add a new cookie called "password" and then put a password hash in it, we can check that against our server side password and authenticate the user. Below is an example of user authentication using a cookie value.
Code:<?php
$password = "password1";
$pwhash = md5($password);
$date = date('l jS \of F Y h:i:s A');
setcookie("last_visit", $date);
setcookie("referer", $_SERVER['HTTP_REFERER']);
setcookie("password", "password1");
if(md5($_COOKIE['password']) == $pwhash)
{
die("you have the correct password!");
} else {
die("the password in the cookie file is incorrect");
}
?>
As an exercise I will upload this script to my website and you can change values in the cookie file to try and "hack" the authntication by changing the values in your cookie file. Ultimately giving you access to the so-called user account. You can try to hack this page: http://sunjester.rf.gd/cookies.php