Example #1
0
 def grab(self, user, profile=None, rc=False):
   profiles = [profile] if profile is not None else self.getProfiles(user)
   cookies=[]
   for p in profiles:
     for c in selectAllFrom(self.cookieTrail%(user,p), "cookies"):
       if rc:
         cookies.append(Cookie(c['host_key'],c['host_key'],c['name'],c['value'], 'chrome', '%s:%s'%(user,p), c['last_access_utc'],c['creation_utc']))
       else:
         cookies.append(c)
   return cookies
Example #2
0
 def grab(self, user, profile=None, rc=False):
   profiles = [profile] if profile is not None else self.getProfiles(user)
   cookies=[]
   for p in profiles:
     for c in selectAllFrom(self.cookieTrail%(user,p), "moz_cookies"):
       if rc:
         cookies.append(Cookie(c['basedomain'], c['host'], c['name'], c['value'], 'firefox', '%s:%s'%(user,p), c['lastaccessed'], c['creationtime']))
       else:
         cookies.append(c)
   return cookies
Example #3
0
 def grabAndStore(self, database=None, allUsers=False, users=None):
   path = database if database else "../CookieJar.sqlite"
   if not users or type(users) is not list:
     users=getUsers() if allUsers else [getpass.getuser()]
   grabJar(path)
   cookies=selectAllFrom(path, "CookieJar")
   if self.args.v: print("Starting with Google Chrome Cookies")
   for u in users:
     if self.args.v: print(" |- Grabbing cookies of %s"%u)
     for p in self.getProfiles(u):
       if not os.path.isfile(self.cookieTrail%(u,p)):
         if args.v: print(" |   | -> Profile %s does not have cookies"%p)
         continue
       if self.args.v: print(" |   |- Grabbing cookies of profile %s"%p)
       added=addToJar(path, [Cookie(c['host_key'],c['host_key'],c['name'],c['value'], 'chrome', '%s:%s'%(u,p), webkit_to_epoch(c['last_access_utc']),webkit_to_epoch(c['creation_utc'])) for c in self.grab(u,p)])
       if self.args.v: print(" |   | -> Stored %s new cookies"%added)
Example #4
0
def _query():
  domain= request.args.get('domain', type=str).strip()
  name=   request.args.get('name', type=str).strip()
  id=     request.args.get('id', type=str).strip()
  value=  request.args.get('value', type=str).strip()
  browser=request.args.get('browser', type=str).strip()
  user=   request.args.get('user', type=str).strip()
  where = []
  if domain:  where.append('domain="%s"'%domain)
  if name:    where.append('name="%s"'%name)
  if id:      where.append('id="%s"'%id)
  if value:   where.append('value="%s"'%value)
  if browser: where.append('browser="%s"'%browser)
  if user:    where.append('user="******"'%user)
  results=selectAllFrom(info['db'], 'CookieJar', where)
  for x in results:
    x['timejarred']  =toDate(x['timejarred'])
    x['lastused']    =toDate(x['lastused'])
    x['creationtime']=toDate(x['creationtime'])
  return jsonify({"results":results})
Example #5
0
def _inject():
  items=request.args.get('inject', type=str).split(",")
  cookies=request.args.get('cookies', type=str).split(",")
  c=[selectAllFrom(info['db'], 'CookieJar', ['id=%s'%x]) for x in cookies]
  c=[Cookie(x[0]['domain'], x[0]['host'], x[0]['name'], x[0]['value'], x[0]['browser'], x[0]['user'], x[0]['lastused'], x[0]['creationtime']) for x in c]
  success=[]
  failed=[]
  for x in items:
    ex=x.replace("chk:","")
    ex.replace("|", " > ")
    try:
      xs=x.split('|')
      if len(xs)>0: xs[0]=xs[0].replace("chk:","")
      if len(xs)==3:   grabbers[xs[1]].inject(c, xs[0], xs[2])
      elif len(xs)==2: grabbers[xs[1]].inject(c, xs[0])
      elif len(xs)==1:
        for g in grabbers:
          grabbers[g].inject(c, xs[0])
      success.append(ex)
    except Exception as e:
      print(e)
      failed.append("%s: %s"%(ex,e))
  if len(failed)>0: return jsonify({"inject":"failure", "success":success, "failed":failed})
  else:             return jsonify({"inject":"success", "success":success})
Example #6
0
def inject():
  c=selectAllFrom(info['db'], 'CookieJar')
  return render_template("inject.html", cookies=c ,info=info, grabable=grabable())
Example #7
0
def query():
  c=selectAllFrom(info['db'], 'CookieJar')
  return render_template("query.html", cookies=c ,info=info)
Example #8
0
# Main
if __name__=='__main__':
  description='''Queries the database for cookies matching criteria'''

  parser = argparse.ArgumentParser(description=description)
  parser.add_argument('-s',  action='store_true', help='Display stats')
  parser.add_argument('-d',  metavar='domain',    help='Domain to query cookies from (e.g github.com)')
  parser.add_argument('-b',  metavar='browser',   help='Browser the cookie was grabbed from (e.g firefox)')
  parser.add_argument('-n',  metavar='name',      help='Cookie name')
  parser.add_argument('-v',  metavar='value',     help='Cookie value')
  parser.add_argument('-u',  metavar='user',      help='User:profile the cookies originate from (e.g NorthernSec:12345ua0.default)')
  parser.add_argument('-id', metavar='id',        help='ID of stored cookie')
  parser.add_argument('db',  metavar='database', nargs='?', help='Database')
  args = parser.parse_args()

  where=[]
  if args.d:  where.append("domain='%s'"%args.d)
  if args.b:  where.append("browser='%s'"%args.b)
  if args.n:  where.append("name='%s'"%args.n)
  if args.v:  where.append("value='%s'"%args.v)
  if args.u:  where.append("user='******'"%args.u)
  if args.id: where.append("id='%s'"%args.id)
  db=args.db if args.db else conf.getCookieJar()
  print(db)
  cookies = selectAllFrom(db, 'CookieJar', where)
  print("id | domain | host | name | value | browser | user | lastUsed | creationTime | timeJarred | notes")
  for c in cookies:
    print("%s | %s | %s | %s | %s | %s | %s | %s | %s | %s | %s"%(c['id'],c['domain'],c['host'],c['name'],c['value'],c['browser'],c['user'],c['lastused'],c['creationtime'],c['timejarred'],c['notes']))
  if args.s:
    print("Total of %s cookie(s)"%len(cookies))