First, let me introduce these two terms: JavaScript and cookie. JavaScript is a scripting language used to enhance web pages, while cookie is a simple text file that the web server sets in the client’s computer so as recognize the user. JavaScript is a simple yet powerful programming environment for web pages.
Since the study of JavaScript is itself a large topic, l can’t explain everything over here. Now let us move to our main topic: cookies i.e. editing using JavaScript.
The Document Object Model specifies document. Cookies can be modified or accessed using the methods: void () and alert ().
How to view cookies set by a site:
This is simply done by putting the following text before the URL in the address bar.
JavaScript: alert (document.cookie); Website address
This will display the status of cookies set by the site.
Now, l will take an example.
Suppose, l have signed in to the site
http: www.dipakg.com.np
When l sign in, it sets a cookie as below (only for demonstration):
PHPSESSID O1A3CDFG ALLOWED_ADMIN = No
This can be viewed using the command I have shown previously.
Think of this cookie. Look for ALLOWED_ADMIN = NO.
lf it was AllOWED_ADMIN =YES, we could get access to the site with the privileges of the admin of the site ( for supposition ) . So, let us now move forward to see cookie editing.
How to edit cookies using JavaScript;
The void () method is used to edit cookies. The following text is kept before the URL in the address bar for editing cookies:
JavaScript: void (document.cookie =” Data field =Value'');
Now, we have successfully modified the concerned cookie / s to get privileges of the admin.
What l just wants to demonstrate is that such cookies can be modified using JavaScript.
Think what would happen if any malicious user modifies cookies for unauthorized access. He could do everything he wants. In the above tutorial, I've just shown simple cookie manipulation but there are thousands of other methods provided by JavaScript . Probably, you have now understood the value of JavaScript. Learn it, hack it and enjoy it...
Cookie Editing using java script Hacking Underground
Jargon Buster-1
Techno babble demystified…
1- MB- Megabyte a measurement of storage capacity, usually for computer memory. 1mb is equals to 1024kb (kilobytes).
2- PDF- portable Document Format. A file format developed by Adobe that allows formatted pages of text and graphics to be viewed and printed correctly on a variety of machines, without the original author having to worry about the recipients. PDF pages created with the free Acrobat Reader application.
3. VGA -video graphics Array. a very basic standard for graphics output, specifying that the monitor and graphics card should be able to display 16 different colors at a resolution of 640×480 pixels.
4. HTML-Hypertext Markup Language. The language used to create pages for a website.
5-Icon - A small image used by Windows to identify a file or application.
6-Instant messaging - Real time text-based communication over a network (usually the internet), using a program such as AOL Instant Messenger.
7. PDF-Portable Document Format. a file format that allows pages of text and graphics to be viewed and printed correctly on PC.
8. Dialogue Box -Bitmap (BMP) A type of graphical image recorded as many tiny dots (or pixels).
9. Backup- A file, folder or external storage device that stores copies of valued documents.
10. Blog-Short for ‘web log’, a blog is an online journal or news site.
11. Context menus - The context-sensitive menus that pop up when you right-click on something in Windows.
12. Download- Transferring files onto your PC from the internet.
