Import Wireshark Cookies into Firefox?

Question

I'm trying to copy session cookies (collected using Wireshark) into a different Firefox sessions. But can't seem to find a method or working add-on to manage the cookies.

Greasemonkey and tampermonkey's "cookie injector" userscripts don't seem to work. Many other FF add-on's either require JSON format, Netscape format (output formats Wireshark doesn't support) or the cookie add-on's don't feature the ability to import cookies at all.

Is it currently possible to import cookies (collected using Wireshark) using Firefox?

References:

https://addons.mozilla.org/en-US/firefox/addon/tampermonkey/
https://www.youtube.com/results?search_query=wireshark+cookies
https://github.com/ihciah/cookieinjector

UPDATE:

It seems if there aren't cookies set already, I can't right-click on any of the parameters (Name, Path, Domain) to add data. Only if there are cookies already present it's possible to "Delete All" or "Add Item". Is there a solution for adding cookies using Storage when no cookies are present?

@Matthew thanks for your reply. I'm nor sure I follow. When I paste the copied cookie into a text files, its almost 1,000 characters and has several parameters (e.g., "_ud=","__rtgt_sid=", "d7s_uid=", "d7s_spc=") with encoded strings. How can I use this info with `document.cookie`? — user182487, Jul 19 '18 at 11:34
Each of those parameters looks like it is a distinct cookie, so you'd just set them one by one. — Matthew, Jul 19 '18 at 12:32
Following your update: We need more information to understand whether the lack of cookies is normal. In your case, are you authenticated on this website? Is it the same website you retrieved the cookie using Wireshark? — Yuriko, Jul 20 '18 at 08:42
If you visit [www.example.com](https://www.example.com/), you can see that no cookie has been created. Because the website doesn't need to. If you go on [www.google.com](https://www.google.com/), you can see that cookies have been created, even though you're not authenticated. It's probably for tracking purpose and other technical stuff. I don't know which website you visited in your example, but you probably were not authenticated. — Yuriko, Jul 20 '18 at 08:47

Yuriko · Accepted Answer · 2018-07-19T13:41:38.860

As Matthew said, you can directly set the cookies with the document.cookies="..." command in your browser console.

Example on security.stackexchange.com:

As you can see, I am not logged in. I cheated a bit and directly retrieved my cookie through my browser, and not through wireshark, but your question is about setting it once retrieved.

Cookie Name  |  Value
acct         |  t=7c6483ddcd99eb112c060ecbe0543e86&s=080f651e3fcca17df3a47c2cecfcb880

To set it, you can use the document.cookies="{COOKIE_NAME}={VALUE}" command, like I did on the picture above. You need to repeat this command for any cookie you want to set.

I just need to refresh the page, and the cookie will authenticate me.

Here, the Storage tab shows the cookies that have been set.

Note that other security controls may be put in place to prevent cookie theft, like checking other information associated with the user. (Browser, IP, etc.) It is the case here, I couldn't do much before being deauthenticated.

thank you for this answer. It seems like my solution, but I'm having a small issue implementing it. See the updated question. @Yuriko — user182487, Jul 19 '18 at 16:06

Import Wireshark Cookies into Firefox?

1 Answers1

Linked

Related