Hacking with the Browsers.

Posted on 27/10/2009 by

0



Cookies are a way that a browser stores important and unimportant data. They store anything from user names and passwords to the last time you were at a site to what pages you visted. There are many expolits you can do with this if the page is not properly coded. Many forums can be hacked if they have html enabled and a password harvesting script could be easy implemented.

 

Now how does it work?… I thought you could not see other cookies from other domains on your own site.  Well that is the truth, but it is easy to get around and I will let you figure that part out,  I will show you the tricks of the trade.
Okay… now the address bar is your friend if you want to see what the cookie is holding on any site. You access the cookie through the document object. For all the examples I will be using an alert to show the cookie instead of document.write.
This way you do not have to keep reloading the page.

 

The first step is to see that the cookie code is stored on your computer.  Go to any site that has cookies, I ran all of my code at hotmail to see what they had going on there. I would post screenshots, but I would not want to give away any of my hotmail info.

 

Examples:

 

javascript:alert(document.cookie)
javascript:alert(unescape(document.cookie))
javascript:alert(unescape(document.cookie).replace(/;/gi,”\n\n”))
javascript:alert(unescape(unescape(document.cookie)).replace(/;/gi,”\n\n”))

 

Monster Cookie Screenshots:

 

Cookie-Monster-Firefox-Extension_1

 

 

 

 

 

 

 

 

 

Cheers! 🙂

 

EllaHax

 


 

Advertisements