COOKIE STEALING – HOW IT WORKS? - Tips N TRIKS

    • Friday 14 February 2014

    COOKIE STEALING – HOW IT WORKS?

    February 14, 2014 0

    COOKIE STEALING – HOW IT WORKS?



    Cookie Stealing



    Hey guys I am back! In one of previous  article I have discussed about methods of hacking which hackers usually employ to get into an email account. As I mentioned that I will describe each method, today I will be talking about cookie stealing and commonly known as session hijacking. Cookie stealing it a great technique used by many beginners hackers. I will start with the basics of “cookie stealing” so read on…
    What is a Cookie?
    A cookie is a small piece of text that is saved in your computer by a server of the website you visit. The server saves the cookie into your computer to identify your details. That is, if you log in into your Facebook ID and closed the window/tab  forgetting to sign out. And when you open facebook.com again, you can see your ID already opened. So here the Facebook server identifies your account with the help of the cookie that is saved in your computer.
    You can do the same again but this time after closing window you have to delete your cookies and try accessing facebook.com, this time you have to sign in again. This gives the structure of a cookie and how it works. So basically, Cookie is a piece of text stored on user computer by websites visited by the user. This stored cookie is used by web server to identify and authenticate the user.
    Requirements for cookie stealing:
    1. Cookie stealing / capturing tool
    2. Cookie editing/injection
    1. Cookie stealing / capturing tool:
    If you are running your computer on Local Area Network (LAN) and even the victim is running on the same network then you can use packet sniffer to steal the text (cookie). There are many packet sniffer available on internet which are useful to the attacker for performing cookie stealing. WireShark is an example of a free packet sniffer available at http://www.wireshark.org. Similarly WebCookieSniffer is also such packet sniffer (For more visit http://www.nirsoft.net/utils/web_cookies_sniffer.html ).
    2. Cookie editing / injection:
    After capturing the victim’s cookies you have to  inject them in to your browser. This can be done by a simple JavaScript code or by a simple cookie injection tool! If you are using Mozilla Firefox then you can inject using a Mozilla addons. Below are few addons which are most commonly used for cookie editing/ injection.
    There are few plugins for Google chrome also I will talk about them in my upcoming articles!
    Note: I will be getting further information on WireSharkCookie editing tools,Cookie stealing with an example and Cookie stealing using XSS (Cross Site Scripting).
    Please share your views below…
    Author Image

    About Unknown
    Templatesyard is a blogger resources site is a provider of high quality blogger template with premium looking layout and robust design. The main mission of templatesyard is to provide the best quality blogger templates.

    Posted by at
    Labels: , , , , ,

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)