Jump to content
UBot Underground

[HTTP Plugin Example] - Move Cookies from Browser to HTTP Plugin

Bot-Factory

By Bot-Factory,
in General Discussion

 Share Followers 3

Recommended Posts

Bot-Factory

Bot-Factory 602

Posted
Posted

Hello.

 

Here is a simple example how to load a cookie from the browser into a variable and use it with the HTTP plugin:

ui button("Browser") {
    BrowserCookie()
}
ui button("Http Get") {
    httpgetbutton()
}
define BrowserCookie {
    clear cookies
    navigate("http://www.html-kit.com/tools/cookietester/", "Wait")
    run javascript("document.cookie=\"username=MyPersonalCookie\";")
    navigate("http://www.html-kit.com/tools/cookietester/", "Wait")
    set(#cookie, $eval("var x = document.cookie;
x;"), "Global")
}
define httpgetbutton {
    plugin command("HTTP post.dll", "http container") {
        plugin command("HTTP post.dll", "http cookiecontainer mode", "Basic")
        plugin command("HTTP post.dll", "http cookies string", "{#cookie}HTTPGET")
        set(#httpget, $plugin function("HTTP post.dll", "$http get", "http://www.html-kit.com/tools/cookietester/", $plugin function("HTTP post.dll", "$http useragent string", "Chrome 32.0 Win7 64-bit"), "", "", ""), "Global")
        load html(#httpget)
    }
}

Using this technique on a live website is much harder thing to do. Depending on the website, they could use techniques to prevent session stealing. 

Sometimes they encrypt the IP adress into a cookie. Which still would work. But they could also use other variables. 

 

Sometimes you need to scrape something from the website and combine that with the cookie to login. 

So the technique to move a cookie from the browser to http plugin and the other way around is really simple. 

 

But knowing which cookies to store and what you have to change / manipulate is the tricky part.

 

Dan 

  • Like 4
Link to post
Share on other sites
Bot-Factory

Bot-Factory 602

Posted
  • Author
Posted

How to use the cookie back to the browser if we used new browser node?

It's in the example:

 run javascript("document.cookie=\"username=MyPersonalCookie\";")

 

Just replace the text with the variable where you have the cookies stored.

 

Dan

Link to post
Share on other sites
Marton

Marton 48

Posted
Posted

Nice example Dan! I like the cookie tester site. One tiny observation:

 

I don't think you need to declare the variable "x" in the javascript, simply doing this should be enough:

set(#cookie, $eval("document.cookie;"), "Global")

I have a question, maybe you know the answer to this. Shouldn't each "http container" have its own separate cookies? I deleted the "http cookies string" command, but the cookies seem to be used for the next "http get" function too. Look at this:

 

http://www.screencast.com/t/wyXMesE1

 

Clear Cookies command from the plugin doesn't seem to help either.

 

Thanks,

Marton

 

EDIT: adding this to the container seems to "clear" the cookies, but I still don't get why the two containers share the cookies:

plugin command("HTTP post.dll", "http cookies string", "")
Link to post
Share on other sites
Marton

Marton 48

Posted
Posted

load cookie to http post works, but load cookie to ubot browser not works for me

 

It's working well, make sure you are using the latest HTTP Post plugin (v 2.5.1.0).

Link to post
Share on other sites
ptlrc

ptlrc 2

Posted
Posted

thanks for your quick reply, and please help me out again

 

i do have the latest http post plugin .

 

what i am trying is to save a ubot browser cookie , and then i can use it next time.

 

 

 

i have tested in this way:

 

after login ubot forum in ubot browser manually

then run the following code

 

set(#cookie$eval("var x = document.cookie;
x;"), "Global")
clear cookies
navigate("http://www.ubotstudio.com/forum/""Wait")
wait for browser event("Everything Loaded""")
wait(2)
run javascript("document.cookie=\"{#cookie}\";")
navigate("http://www.ubotstudio.com/forum/""Wait")

 

it is not logged in when navigate ubot forum

Link to post
Share on other sites
Bot-Factory

Bot-Factory 602

Posted
  • Author
Posted

The important cookies are probably set to HTTPOnly. That means you can not read them via JavaScript.

 

Not sure how the http plugin handles them. Have to ask Aymen.

Dan

Link to post
Share on other sites
  • 11 months later...
noname

noname 2

Posted
Posted

hello

i couldn't figure the java script part out

how would i go about loading a cookie like this into the browser

 

not HTTP plugin

but ubot browser

 

 

IOUASTR=Mozilla%2F%35.%30+%28Windows+NT+%36.%33%3B+rv%3A%33%36.%30%29+Gecko%2F%32%30%31%30%30%31%30%31+Firefox%2F%33%36.%30
datr=ANEzVckgJ9qz6o1IpovWLtaq; Path=/; Domain=facebook.com; HttpOnly; Max-Age=63071995; Expires=Tue, 18-Apr-2017 16:00:18 GMT
c_user=100004947046093; Path=/; Domain=facebook.com; Secure; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT
fr=0xMBM316SSivqpESh.AWUIZ8Y7Mlsx5DdfRrvZ1P96wzQ.BVM9ER._I.AAA.0.AWW4NdSn; Path=/; Domain=facebook.com; HttpOnly; Max-Age=7775995; Expires=Sat, 18-Jul-2015 16:00:18 GMT
xs=154%3AcOg-1_7HV-P69Q%3A2%3A1429459217%3A5943; Path=/; Domain=facebook.com; Secure; HttpOnly; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT
csm=2; Path=/; Domain=facebook.com; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT
lu=RgmB6H9WkHtsrIUSRZTW_Fbw; Path=/; Domain=facebook.com; Secure; HttpOnly; Max-Age=63071995; Expires=Tue, 18-Apr-2017 16:00:18 GMT
s=Aa7pnFTbtOB43gwW.BVM9ER; Path=/; Domain=facebook.com; Secure; HttpOnly; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT

Link to post
Share on other sites
Bot-Factory

Bot-Factory 602

Posted
  • Author
Posted

hello

i couldn't figure the java script part out

how would i go about loading a cookie like this into the browser

 

not HTTP plugin

but ubot browser

 

 

IOUASTR=Mozilla%2F%35.%30+%28Windows+NT+%36.%33%3B+rv%3A%33%36.%30%29+Gecko%2F%32%30%31%30%30%31%30%31+Firefox%2F%33%36.%30

datr=ANEzVckgJ9qz6o1IpovWLtaq; Path=/; Domain=facebook.com; HttpOnly; Max-Age=63071995; Expires=Tue, 18-Apr-2017 16:00:18 GMT

c_user=100004947046093; Path=/; Domain=facebook.com; Secure; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT

fr=0xMBM316SSivqpESh.AWUIZ8Y7Mlsx5DdfRrvZ1P96wzQ.BVM9ER._I.AAA.0.AWW4NdSn; Path=/; Domain=facebook.com; HttpOnly; Max-Age=7775995; Expires=Sat, 18-Jul-2015 16:00:18 GMT

xs=154%3AcOg-1_7HV-P69Q%3A2%3A1429459217%3A5943; Path=/; Domain=facebook.com; Secure; HttpOnly; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT

csm=2; Path=/; Domain=facebook.com; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT

lu=RgmB6H9WkHtsrIUSRZTW_Fbw; Path=/; Domain=facebook.com; Secure; HttpOnly; Max-Age=63071995; Expires=Tue, 18-Apr-2017 16:00:18 GMT

s=Aa7pnFTbtOB43gwW.BVM9ER; Path=/; Domain=facebook.com; Secure; HttpOnly; Max-Age=251972866777; Expires=Sat, 01-Jan-10000 06:59:59 GMT

 

That's not possibe (http only).

Dan

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Followers 3
Go to topic listing
×
×
  • Create New...