vorella2015 Posted January 28, 2018 Report Posted January 28, 2018 Salut baietii , am si eu nevoie sa pot obtine cookie de la orice site , este cineva pe aici care ma poate ajuta , platesc pentru asta . Astept Pm pentru mai multe detallii. Quote
DoubleG Posted January 28, 2018 Report Posted January 28, 2018 din curiozitate, ai cautat macar pe google? Quote
vorella2015 Posted January 28, 2018 Author Report Posted January 28, 2018 Da , am cautat , nu stiu ce sa cred , uni zic ca se poate , alti nu . Quote
spider Posted January 28, 2018 Report Posted January 28, 2018 15 minutes ago, vorella2015 said: nu stiu ce sa cred , uni zic ca se poate , alti nu . 2 Quote
u0m3 Posted January 28, 2018 Report Posted January 28, 2018 1 minute ago, vorella2015 said: Da , am cautat , nu stiu ce sa cred , uni zic ca se poate , alti nu . Sincer, nu imi dau seama daca faci trolling sau nu... Cand accesezi un website, primesti automat toate cookie-urile aferente... Atunci cand webserver-ul iti trimite niste cookies, de fapt iti trimite header-ul http Set-Cookie in response. Toate accesarile urmatoare vor avea in request header-ul http Cookie cu acel/acele cookies primite la inceput (sau pe parcurs). Exemplu folosind https://httpbin.org/ Spoiler $ curl -v -L -c curl-cookie-jar.bin 'https://httpbin.org/cookies/set?k2=v2&k1=v1' * timeout on name lookup is not supported * Trying 54.221.212.171... * TCP_NODELAY set * Connected to httpbin.org (54.221.212.171) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt CApath: none * TLSv1.2 (OUT), TLS header, Certificate Status (22): * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: CN=httpbin.org * start date: Jan 11 23:37:29 2018 GMT * expire date: Apr 11 23:37:29 2018 GMT * subjectAltName: host "httpbin.org" matched cert's "httpbin.org" * issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3 * SSL certificate verify ok. > GET /cookies/set?k2=v2&k1=v1 HTTP/1.1 > Host: httpbin.org > User-Agent: curl/7.51.0 > Accept: */* > < HTTP/1.1 302 FOUND < Connection: keep-alive < Server: meinheld/0.6.1 < Date: Sun, 28 Jan 2018 14:53:57 GMT < Content-Type: text/html; charset=utf-8 < Content-Length: 223 < Location: /cookies * Added cookie k1="v1" for domain httpbin.org, path /, expire 0 < Set-Cookie: k1=v1; Path=/ * Added cookie k2="v2" for domain httpbin.org, path /, expire 0 < Set-Cookie: k2=v2; Path=/ < Access-Control-Allow-Origin: * < Access-Control-Allow-Credentials: true < X-Powered-By: Flask < X-Processed-Time: 0.000816106796265 < Via: 1.1 vegur < * Ignoring the response-body * Curl_http_done: called premature == 0 * Connection #0 to host httpbin.org left intact * Issue another request to this URL: 'https://httpbin.org/cookies' * Found bundle for host httpbin.org: 0x45fb210 [can pipeline] * Re-using existing connection! (#0) with host httpbin.org * Connected to httpbin.org (54.221.212.171) port 443 (#0) > GET /cookies HTTP/1.1 > Host: httpbin.org > User-Agent: curl/7.51.0 > Accept: */* > Cookie: k1=v1; k2=v2 > < HTTP/1.1 200 OK < Connection: keep-alive < Server: meinheld/0.6.1 < Date: Sun, 28 Jan 2018 14:53:57 GMT < Content-Type: application/json < Access-Control-Allow-Origin: * < Access-Control-Allow-Credentials: true < X-Powered-By: Flask < X-Processed-Time: 0.00118708610535 < Content-Length: 55 < Via: 1.1 vegur < { "cookies": { "k1": "v1", "k2": "v2" } } * Curl_http_done: called premature == 0 * Connection #0 to host httpbin.org left intact Tot ce e prefixat cu * este legat de negocierea SSL. Tot ce e prefixat cu > este parte a request-ului. Tot ce e prefixat cu < este parte a response-ului. Restul e body-ul. 1 Quote
Technetium Posted February 2, 2018 Report Posted February 2, 2018 (edited) @vorella2015 ai postat la exploit-uri. Trebuia postat la Ajutor. Esti din 2015 aici... Suntem pierduti, la fel ca tara asta. Si? Ati reusit? Si...inca nu! https://youtu.be/CCs_DkC-oHA?t=155 Edited February 2, 2018 by Technetium Quote