Home >Web Front-end >JS Tutorial >Methods to crack session cookies_javascript techniques

Methods to crack session cookies_javascript techniques

WBOY
WBOYOriginal
2016-05-16 19:27:381546browse
How to crack the session cookie

The so-called session cookie means that after you log in successfully, the website
sends a cookie to indicate that you have Passed the verification, but unlike the general cookie
, it will not be stored on your hard drive, which means:
will disappear after you leave the browser, which means: next time you Reopen
your browser and enter this site again. This cookie is gone.

So, how to make this cookie valid forever? Saying forever is too long
Let’s keep it unchanged for 50 years...

set win=external.menuArguments
s = win.document.cookie
for each i in split (s,"; ")
document.cookie = i & "; expires=Thu, 1 Jan 2099 0:0:0 UTC"
next
The principle is very simple: just read out the session cookie. Then set his expire date
to more than ten years later. It’s that simple..

What are the benefits of using this?
1. Some websites use session cookies, so you can only use IE to download them, but cannot use flashget to capture them
(because flashget cannot capture session cookies), use this program to break these websites
Directly use flashget, nettransport to capture.
2. For sites such as Holio, after logging in, run it once, and then you can log in without needing to verify.
Directly enter the web page, (the time limit depends on the asp session. Usually about 1 day)
3. Crack some simple websites, such as softking (if there are unregistered users, you can only query three times, otherwise you have to close it
Unreasonable restrictions on restarting the browser) In softking, run After one time, the cookie record will always be
check,softview=1.. In other words, no matter how many times you query, the cookie value sent will always be 1
causing the browsing restriction to be cancelled.
4. Log in to the forum. Do you think the cookie saving time limit given by the forum is not long enough? Add it to 50 years yourself...
5. To crack the front door, you need to manually enter the gif number you see on the screen (only manually enter it once, save the cookie, and brute force it)

Okay, how do you run this? What about the program?
#################
[General usage: Applicable: IE, Sleipnir, MyIE2, all browsers]
Add to the right mouse button of IE (That is, when you want to run FlashGET to grab files, right-click the mouse and then select download, which is the right-click of IE)
Save the following program in c:winntwebpcookie.htm
------ ----------------------------------


-------- ----------------------------------
Then save the following REG file in c:winntwebpcookie.reg
---------------------------------------
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt(&P)cookie]
@="c:/winnt/web/pcookie.htm"
"Contexts"=dword:000000ff
--------- ----------------------------------
Execute the reg file, then restart IE, you can right-click on IE , using

#################

[Sleipnir only]
The top address bar, there is a green on the right Arrow, that is AddrMenu, press it and select "Edit Extended Menu"
In AddrMenu.INI, add this line at the bottom line (the following 3 lines need to be connected into 1 line)
------ --------------------------------
(&P)cookie|javascript:var ar = document.cookie.split ("; "); for (i=0; i "; expires=Thu, 1 Jan 2099 0:0:0 UTC"; } ; eval()
------------------------------------------
Modification After saving, select "Reload Extended Menu" and you can use it..
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn