Well, I have posted lots of articles on phishing and keylogging, but today I would like to throw some light on a very useful method which hackers use to hack Gmail, Facebook and other email accounts, i.e. cookie stealing.
One of the reasons I am writing this article is that there are lots of newbies with misconceptions about cookie stealing and session hijacking, so I hope this tutorial clears up all of those misconceptions, or if not all, then most of them.
What is a Cookie?
A cookie is a small piece of data which is used to authenticate a user on a website. In other words, whenever you log in to a website such as Facebook, Gmail, Orkut etc., your browser is assigned a cookie which basically tells the browser how long the user should stay logged in. Apart from authentication, a cookie can be used for a variety of different purposes; if you would like to know more about cookie stealing, kindly google it.
What is a Session Token?
After authentication is completed, a webserver hands the browser a session token, which is used because a webserver needs a way to distinguish between different connections. If a hacker could capture your session token, then it's a cakewalk for the hacker to hack into your Gmail, Facebook or any other account.
What is a Session Hijacking Attack?
A session hijacking attack is basically the act of capturing a session token and injecting it into your own browser to gain access to the victim's account.
What is a Cookie Stealer?
A cookie stealer is basically a script used to steal a victim's authentication cookies. Now, for a cookie stealing process to work, the website or the webpage should be vulnerable to an XSS attack; this is the most common and widely held misconception among newbies.
1. The attacker creates a PHP script and uploads it to a web hosting site.
2. The attacker then asks the victim to visit the particular link containing the PHP code.
3. Once the victim visits it, his/her authentication cookie is saved in a .txt file.
4. Next the attacker uses a cookie injector or a cookie editor. There are lots of Firefox addons and Google Chrome extensions to do the work for you; personally I use Cookie Manager v1.5.1 as it's quite user friendly. You can also use the Web Developer toolbar to do the work for you.
5. The attacker replaces his own cookies with the victim's cookies, as a result of which the victim's session is hijacked.
Why does it not work on a website which is not vulnerable to XSS?
It's due to the browser's same-origin policy, according to which browsers don't allow JavaScript from another origin to access the cookies.
Gmail GX Cookie
By now I believe I have cleared up lots of misconceptions related to cookie stealing, but all of that information is only good for you if you try it out practically, so let's get to the main topic.
In Gmail the cookie which authenticates users is called the GX cookie. Now, we cannot use a cookie stealer, as so far we don't know of any XSS vulnerability in Gmail; so if you are on a LAN you can use Wireshark or any other packet sniffer to steal the unsecured Gmail GX cookie and use it to gain access.
Will this hack always work?
Well, this trick won't work on all Gmail accounts, as Gmail now offers end-to-end HTTPS encryption, which encrypts the session token, so even if we could get our hands on the GX cookie it's useless; but if a user has turned off the end-to-end HTTPS encryption in Gmail, it can work for sure.
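As an added example that is not part of the original post: a small Python check a site owner can run over a response's Set-Cookie headers to flag session cookies that lack the Secure flag (sent over plain HTTP and therefore sniffable on a LAN, as described above) or HttpOnly (readable by script injected through an XSS flaw, as in the cookie stealer section). The session cookie names other than GX, and the sample headers, are constructed for this example.

```python
"""Audit Set-Cookie headers for session cookies that could be sniffed on
the wire or read by injected script. The headers below are constructed."""
from typing import Dict, List

# Names that usually identify a session/authentication cookie. "GX" comes
# from the post; the others are assumptions for the example.
SESSION_NAMES = {"gx", "sid", "sessionid", "phpsessid", "jsessionid", "session"}

# Constructed sample response headers, not captured from any real site.
SAMPLE_HEADERS = [
    "Set-Cookie: GX=abc123; Path=/; Domain=.example.com",
    "Set-Cookie: SID=def456; Path=/; Secure; HttpOnly; SameSite=Lax",
    "Set-Cookie: theme=dark; Path=/",
    "Set-Cookie: PHPSESSID=ghi789; Path=/; HttpOnly",
]


def parse_set_cookie(header: str) -> Dict[str, object]:
    """Split one Set-Cookie header into name, value and attribute flags."""
    body = header.split(":", 1)[1].strip()
    parts = [p.strip() for p in body.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        # Flag attributes (Secure, HttpOnly) have no value; store True.
        attrs[key.strip().lower()] = val.strip() if val else True
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def audit(headers: List[str]) -> List[str]:
    """Return one finding per missing protection on each session cookie.

    Missing Secure: the browser also sends the cookie over plain HTTP, so a
    packet sniffer on the same LAN can capture it (the GX case in the post).
    Missing HttpOnly: document.cookie exposes it to script injected via XSS.
    """
    findings = []
    for header in headers:
        cookie = parse_set_cookie(header)
        if cookie["name"].lower() not in SESSION_NAMES:
            continue  # non-session cookies such as UI preferences are ignored
        if "secure" not in cookie["attrs"]:
            findings.append(f"{cookie['name']}: missing Secure (sniffable over HTTP)")
        if "httponly" not in cookie["attrs"]:
            findings.append(f"{cookie['name']}: missing HttpOnly (readable via XSS)")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_HEADERS):
        print(finding)
```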
I hope you have liked the post up till now. I will cover the method to steal Gmail GX cookies and use them to hack Gmail accounts in the next post, so stay tuned!