-1

I'm experimenting a bit - I've set up an very simple server and different domains.

I've logged into one of my user accounts and want to try to copy an active session cookie from one user to another or from Internet Explorer to Firefox.

I tried to find them under: ../apps/roaming/windows/cookies

but didn't get the right result.

I used Greasemonkey with a cookie injection script for according to an previous Wireshark capture.

Let's say, for example, I want to clone my Facebook account session - I assume it didn't work because of the HTTP connection.

Can somebody help me out?

The clean way - simply copying it would be my preferred method - as I have complete access to all of the hardware because it's my test setup - but I can't figure it out :(

The 2nd way would also be nice if somebody could explain and help me

Spooky
  • 2,966
  • 8
  • 27
  • 41
VanceAnce
  • 11
  • 3
  • which windows-version? – Dr.Molle Feb 10 '15 at 20:08
  • sry - didnt mention: the domain user where i use ie8 runs on a win7 machine – VanceAnce Feb 11 '15 at 21:19
  • i found a solution for IE11, didnt manage it for IE8 but with IE11 it works like it is described here: http://stackoverflow.com/questions/19941029/how-do-i-view-cookies-in-internet-explorer-11-using-developer-tools with the comment that you´ve to doubleclick the cookie with the datr value and then copy and paste it into an text editor (e.g. word ) then trim the cookie and paste it into a cookie injection prepared firefox (greasmonkey+script) – VanceAnce Feb 12 '15 at 07:31
  • Just a question: Why don't you simply login to facebook in Firefox(should be much easier than copying a cookie)? Currently I don't see any other purpose than getting access to an account that's not your own. – Dr.Molle Feb 12 '15 at 11:06
  • @dr molle i know - but i am testing it on the one hand for seeing if cookie higjacking is realy that simple (and yes sadly it is if you have local acces) and then testing if seasson logout on fb prevents it realy and my 3rd step is to test if my network is attackable with arp pois. + wireshark but it seems as its an https with that simple duo its not attackable "easy" maybe if i put a proxy before so that i can handly the https stuff and then look how i can prevent that also ^^ – VanceAnce Feb 13 '15 at 11:12

1 Answers1

0

When you didn't need to find the cookie programmatically(it's doesn't seem so when I read the comments) you may use the developer-tools in IE8 too.

My IE8 is in german, so ic can't tell you the exact name of the menu-items you must navigate through, but I guess you'll find it.

  1. Navigate to facebook.com
  2. Hit F12 to open the devtools
  3. In the menubar of the devtools is an item Cache(name may differ in english)
  4. the last item of the Cache-menu should be something like show cookie details, select it
  5. you should find the datr-cookie in the following page(at least for me it's there when I'm logged in)
Dr.Molle
  • 116,463
  • 16
  • 195
  • 201