Next Generation Emulation banner

1 - 9 of 9 Posts

·
Registered
Joined
·
526 Posts
Discussion Starter #1
Same as the subject guys. Need a software which can help me decrypt cookies. Its part of my project . My proffesor asked me if I could help him find one as he needs it for his work so if anyone can help out I'd be greatful. Thanks for all the help.
 

·
Registered
Joined
·
209 Posts
I think it depends on what kind of cookie you are talking about. If you want to view your cookies I recommend mozilla firefox, after storing a cookie you can go into options->Privacy->Cookies->View Cookies.

Some cookies are in cleartext, the encryption of some cookies is probably done serverside in most cases so it's most likely different depending on what type of cookie it is.
 

·
Registered
Joined
·
526 Posts
Discussion Starter #3
Well thats the thing isnt there a software which can manahe to decrypt all sort of cookies no matter what format it is in
 

·
Registered
Joined
·
145 Posts
No. Why would anyone need to decrypt their own cookies? Most of them contain information such as how many visits to a certain site nad the login status.
 

·
Registered
Joined
·
526 Posts
Discussion Starter #5
forget about that my friend. All I need is a software do you know of one, if you do, can you please let me know thanks
 

·
Registered
Joined
·
209 Posts
As I said I don't think there necessarily is a standard way cookies are encrypted. There might be some standard algorythm in php/asp or something that alot of websites uses to encrypt the cookies before sending them to your browser, but I think you have to pick a specific case, like a forum cookie or something and then study it.
 

·
Registered
Joined
·
1,577 Posts
But at this point it get's extremely complicated. Cryptanalysis is the only way, as there is no rules that determine algorithm. Also, you don't know what the seed or key is.
 

·
Registered
Joined
·
526 Posts
Discussion Starter #8
Thats the whole point. Isnt there a software which is capable of decrypting it. I mean they must have some sort of standardised key value or something to decrypt the cookie.
 

·
Registered
Joined
·
209 Posts
It doesn't necessarily has to:
Website: Hay you have any cookies for this site?
YourBrowser: Yes I have a few you set earlier, here you go.
Website: Cool! (Decrypts cookie using blowfish encryption and a key that only the websiteowner has), ok your id & password is valid, welcome man.

Now another website might use another algorythm like GOST to encrypt/decrypt the cookie, and it's not likely that you can find out how it is done serverside so you can never know what kind of information is stored inside the cookie. (well maybe if its stored in cleartext.)

I'm not exactly sure this is how it works, but I would guess it is something along those lines...
 
1 - 9 of 9 Posts
Top