Using cookies sniffed in Wireshark

[davywavy]

Hello

I would like to know how to save cookies obtained using Wireshark.

I use Firefox and have added Cookies Manager+ but cannot work out how to use it.

Using Wireshark on my laptop, I obtained cookies set on a second PC on my WLAN and would like to be abe to use them on my laptop.

A step by step guide would be much appreciated.

Thanks

[scrptnnj]

If I'm not mistaken most sites use PHP sessions(which can not be edited by the user) instead of cookies for important stuff like login info. Cookies are usually just used for things that don't need to be secure. So the cookies may or may not be that useful. That being said:

As far as saving cookies from wireshark I'd just copy and paste them into a text editor and save them. You can also click file then save in wireshark to save all of the capture results as a pcap file.

step 1:
You can either add the cookies using cookie manager or you can go to the site and if the site has a login then log into or create another account to get your own cookies, after that you just need to change the values of your cookies to that of the stolen cookies.

Add Cookies:
just click add and put in info. Repeat for each cookie.

or

Change your cookies:
In cookie manager check the box next to the cookie you want to change and click edit. Then change content to whatever the value of the stolen cookie was. Repeat for each cookie.
Note: Leave the name of the cookie alone, the name is basically the name of a variable, and content is it's value.

Step 2: Go to or refresh the page.

Results: depend on what the cookies are used for.

If you happen to have a server to run it on, you can use this to test if you are editing the cookies correctly:

Code: Select all

<?php
setcookie('logged_in', 'no');

echo $_COOKIE['logged_in'];
?>

It prints the value of the cookie, which is 'no' by default. This will also set the cookie back to 'no', so if you refresh it will return to 'no'.

[fashizzlepop]

If you happen to have a server to run it on, you can use this to test if you are editing the cookies correctly:

Code: Select all

<?php
setcookie('logged_in', 'no');

echo $_COOKIE['logged_in'];
?>

It prints the value of the cookie, which is 'no' by default. This will also set the cookie back to 'no', so if you refresh it will return to 'no'.

This will ALWAYS display 'no' as you set it to no before echoing it. switch the two statements around and you will be shown what it was set to before it gets reset to no.

[scrptnnj]

This will ALWAYS display 'no' as you set it to no before echoing it. switch the two statements around and you will be shown what it was set to before it gets reset to no.

Actually the order does not matter, I tested it before I posted. The setcookie function sends the logged_in cookie with the value of 'no' to the users computer, but you send your cookie to the server first and it echos the value of that cookie, which is whatever you changed it to. So basically when a page sets a cookie it does not get sent back to the server until the next time the user sends a request.