Jump to content
vorella2015

Cum pot obtine cookie de la orice site ?

Recommended Posts

1 minute ago, vorella2015 said:

Da , am cautat , nu stiu ce sa cred , uni zic ca se poate , alti nu .

Sincer, nu imi dau seama daca faci trolling sau nu...

Cand accesezi un website, primesti automat toate cookie-urile aferente...

Atunci cand webserver-ul iti trimite niste cookies, de fapt iti trimite header-ul http Set-Cookie in response. Toate accesarile urmatoare vor avea in request header-ul http Cookie cu acel/acele cookies primite la inceput (sau pe parcurs).

Exemplu folosind https://httpbin.org/

Spoiler

$ curl -v -L -c curl-cookie-jar.bin 'https://httpbin.org/cookies/set?k2=v2&k1=v1'
* timeout on name lookup is not supported
*   Trying 54.221.212.171...
* TCP_NODELAY set
* Connected to httpbin.org (54.221.212.171) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
  CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
*  subject: CN=httpbin.org
*  start date: Jan 11 23:37:29 2018 GMT
*  expire date: Apr 11 23:37:29 2018 GMT
*  subjectAltName: host "httpbin.org" matched cert's "httpbin.org"
*  issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
*  SSL certificate verify ok.
> GET /cookies/set?k2=v2&k1=v1 HTTP/1.1
> Host: httpbin.org
> User-Agent: curl/7.51.0
> Accept: */*
>
< HTTP/1.1 302 FOUND
< Connection: keep-alive
< Server: meinheld/0.6.1
< Date: Sun, 28 Jan 2018 14:53:57 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 223
< Location: /cookies
* Added cookie k1="v1" for domain httpbin.org, path /, expire 0
< Set-Cookie: k1=v1; Path=/
* Added cookie k2="v2" for domain httpbin.org, path /, expire 0
< Set-Cookie: k2=v2; Path=/
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Credentials: true
< X-Powered-By: Flask
< X-Processed-Time: 0.000816106796265
< Via: 1.1 vegur
<
* Ignoring the response-body
* Curl_http_done: called premature == 0
* Connection #0 to host httpbin.org left intact
* Issue another request to this URL: 'https://httpbin.org/cookies'
* Found bundle for host httpbin.org: 0x45fb210 [can pipeline]
* Re-using existing connection! (#0) with host httpbin.org
* Connected to httpbin.org (54.221.212.171) port 443 (#0)
> GET /cookies HTTP/1.1
> Host: httpbin.org
> User-Agent: curl/7.51.0
> Accept: */*
> Cookie: k1=v1; k2=v2
>
< HTTP/1.1 200 OK
< Connection: keep-alive
< Server: meinheld/0.6.1
< Date: Sun, 28 Jan 2018 14:53:57 GMT
< Content-Type: application/json
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Credentials: true
< X-Powered-By: Flask
< X-Processed-Time: 0.00118708610535
< Content-Length: 55
< Via: 1.1 vegur
<
{
  "cookies": {
    "k1": "v1",
    "k2": "v2"
  }
}
* Curl_http_done: called premature == 0
* Connection #0 to host httpbin.org left intact

 

Tot ce e prefixat cu * este legat de negocierea SSL. Tot ce e prefixat cu > este parte a request-ului. Tot ce e prefixat cu < este parte a response-ului. Restul e body-ul.

  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...