Friday, 7 February 2014

How to Steal Session , Cookies

Cookie is a small amount of data which is stored on the client browser as well as on the server. and this stored data remember that user wherever he come back to same website and the website gives access to the user account without using his password.

Here is trick how to use Cookie and session to Login into other user account without using any password.
(for educational purpose only)

Step 1:
Download and install Mozilla Firefox browser.(only works with Mozilla Firefox)

Step 2:
Open Mozilla Firefox and press "Ctrl+Shift+A" and search for Add-ons "greasemonkey" . Install the "greasemonkey" to the browser.

Step 3:
After adding "greasemonkey" to browser restart the browser and goto this URL http://userscripts.org/scripts/show/119798 and Click on "Install" Button.

Step 4:
Open the website in which you want to inject that cookie. Now press "Alt+c" key you will see on Text box on the browser paste Cookie into the blank Textbox and refresh the page.


How to get Cookie?
Whenever the user login into website the cookie is created and stored on his browser.
To see Cookie paste this code into your browser(opera browser only) URL
"  javascript:alert(document.cookie);  "
and there are many way to find cookies http://www.w3schools.com/js/js_cookies.asp ,

Note : This trick may not work on "https" protocol.

No comments:

Post a Comment