Tampilkan postingan dengan label Cookie Stealing. Tampilkan semua postingan
Tampilkan postingan dengan label Cookie Stealing. Tampilkan semua postingan

Senin, 20 Juni 2016

What is a Internet Cookie(HTTP) and its Types






What are Different types of Cookies And their Uses: Today we will discuss about What are Different types of Cookies(HTTP) And their Uses. Before learning about types of cookies you have to learn what is a Cookie.


What are Cookies?

A cookie is information that a Website puts on your hard disk so that it can remember something about you at a later time. (More technically, it is information for future use that is stored by the server on the client side of a client/server communication.)  Using the Web's Hypertext Transfer Protocol (HTTP), each request for a Web page is independent of all other requests. For this reason, the Web page server has no memory of what pages it has sent to a user previously or anything about your previous visits. A cookie is a mechanism that allows the server to store its own information about a user on the user's own computer.




What are Different types of Cookies And their Uses



#1 Session cookie

A session cookie upto certain hours,depending on website. After the session hour, it will be destroyed.

#2 Persistent Cookie

A persistent cookie will outlast user sessions. If a persistent cookie has its Max-Age set to 1 year, then, within the year, the initial value set in that cookie would be sent back to the server every time the user visited the server. This could be used to record a vital piece of information such as how the user initially came to this website. For this reason, persistent cookies are also called tracking cookies or in-memory cookies.

#3 Secure cookie

Secure cookies are encrypted cookies. If you used HTTPS(secure Connection), then it will store the cookies in encrypted format. Even hackers steal the cookie, he is able to see only the encrypted data.
Example:
Bank websites always use Secure Cookies.

#4 HttpOnly cookie

The HttpOnly cookie is supported by most modern browsers. On a supported browser, an HttpOnly session cookie will be used only when transmitting HTTP (or HTTPS) requests, thus restricting access from other, non-HTTP APIs (such as JavaScript). This restriction mitigates but does not eliminate the threat of session cookie theft via Cross-site scripting.[15]. It is important to realize this feature applies only to session-management cookies, and not other browser cookies.

#5 Third-party cookie

Third-party cookies will store the cookies with another domain.
For Example:
http://www.example.com will store the cookies with ad.advertise12.com
At the same time, another website also set cookies with same domain.
http://www.othersite.com will store the cookies with ad.advertise12.com

#6 Supercookie

A "supercookie" is a cookie with a public suffix domain, like .com, .co.in,.in.
Most browsers, by default, allow first-party cookies—a cookie with domain to be the same or sub-domain of the requesting host. For example, a user visitinghttp://www.example.com can have a cookie set with domain http://www.example.com or .example.com, but not .com. A supercookie with domain .com would be blocked by browsers; otherwise, a malicious website, like attacker.com, could set a supercookie with domain .com and potentially disrupt or impersonate legitimate user requests to example.com.

#7 Zombie cookie

A zombie cookie is any cookie that is automatically recreated after a user has deleted it. This is accomplished by a script storing the content of the cookie in some other locations, such as the local storage available to Flash content, HTML5 storages and other client side mechanisms, and then recreating the cookie from backup stores when the cookie's absence is detected.

What is the use of Cookies?

  • Session management

    Cookies may be used to maintain data related to the user during navigation, possibly across multiple visits. Cookies were introduced to provide a way to implement a "shopping cart" (or "shopping basket"), a virtual device into which users can store items they want to purchase as they navigate throughout the site.

  • Personalization

    Cookies may be used to remember the information about the user who has visited a website in order to show relevant content in the future. For example a web server may send a cookie containing the username last used to log in to a web site so that it may be filled in for future visits.
  • Tracking

    Tracking cookies may be used to track internet users' web browsing habits. This can also be done in part by using the IP address of the computer requesting the page or the referrer field of the HTTP request header, but cookies allow for greater precision





Read more

Kamis, 16 Agustus 2012

How to Hack Facebook Accounts : Hijacking and Stealing Cookies Session 2012

Hello Everyone, I have recently posted many tutorials on facebook hacking like phishing and others. Today i am going to show you a quick and easy method for hijacking someones account for free or you can say a free access. In this method you will learn how to hack someones facebook account for free. As everyone wants their victim/enemy password but are tired from cheap hacking method so this is why i have posted this tutorial for newbies and for those who are crazy in hacking.
First of all let me explain you the word Cookie?
Cookie is a HTTP cookie or a web, which is used for admin sensitive information access.
There are many various and different Programs which are used for stealing cookies but the best and the easiest is Wireshark.

So Lets Start Facebook Cookies Stealing Method

1) Download and install the Program wireshark.

2) Now Run the Program and go to interfaces and push the button start.


3) Wait 10 minutes for finding out the cookies and sessions which are opened recently.

4) After 10 minutes all the cookies and sessions will open and display. Now You just have to enter the code in filter box  http.cookie contains “datr” and hit enter.


5) Next step click on facebook cookie and right click -Bytes -Printed text only.

6) Now Open firefox and install  Greasemonkey and  cookieinjector script. 

7) Run www.facebook.com from firefox, make sure your addons should remains enabled


8) You are done now paste the cookie inside the Wireshark cookie dump and hit Ok/enter.You will Be redirected to Facebook Home. Thats It!


This Method will be only done if your friend or victim is on a secure network like Http:// connection or more secure. Now Please Subscribe my site! Good bye & Thankyou.
Read more