1

For education and research purpose, I need to inject a cookie value into my browser to allow me login indirectly (without entering the user name and password).

I collected traffic during a login session using Wireshark. I have the cookie value. I want to inject it to login to the same website used during the login when the Wireshark was collecting the traffic (including the cookie).

How can I inject the cookie into my Firefox browser? The value looks like (where I replaced letters and numbers with xxx): 

   Cookie: FN_cookie_accept-20180525=true; PHPSESSID=xx; glt_3_xxx=yy

EDIT:

Please note that I could not find an answer in this post. If you see it answers my question, please provide steps (how to do this in steps?)?

user9371654
  • 469
  • 1
  • 6
  • 15
  • 4
    *"Please note that I could not find an answer in this post"* - I have no idea what post you are referring to. Possible duplicate of [Import Wireshark Cookies into Firefox?](https://security.stackexchange.com/questions/189928/import-wireshark-cookies-into-firefox) – Steffen Ullrich Apr 29 '19 at 14:02
  • Yes. I mean this post. Given my session format in my question. How can the post answer my question? which part should I paste in the `document.cookies`? – user9371654 Apr 29 '19 at 14:04
  • 2
    You've listed 3 cookies there. The step-by-step instructions on the post you've linked cover this exactly - each cookie (`FN_cookie_accept`, `PHPSESSID` and whatever the last set of xxxs replaces) gets a new `document.cookies` line in the console. – Matthew Apr 29 '19 at 14:07
  • 1
    @user9371654: Matthew is right and he is essentially repeating the same thing he said a year ago in a comment to the question marked as duplicate. Please study the question and answers in detail and also make yourself familiar with the [meaning of the Cookie header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cookie). – Steffen Ullrich Apr 29 '19 at 14:11
  • My cookie looks different. Can you say how to set three cookies? I wrote this syntax in the browser console: `document.cookie ="FN_cookie_accept-20180525=true; PHPSESSID=xx; glt_3_xxx=yy"` But I did not log in? – user9371654 Apr 29 '19 at 14:14
  • The console shows this message after I type my line and hit enter: `request to access cookie or storage on “https://xx.xx.xx.com/gscounters.sendReport?reports=xxx” was blocked because it came from a tracker and content blocking is enabled.` – user9371654 Apr 29 '19 at 14:16
  • Can you clarify what's wrong? how to overcome the problem? – user9371654 Apr 29 '19 at 14:17

1 Answers1

2
  1. Browse to the website you want to place cookies on.
  2. Press F12 to open the developer tools.
  3. Press F1 to open the settings.
  4. Check the "Storage" checkbox to enable this tab.
  5. Click the "Storage" tab. The cookies for this page are shown.
  6. Click the + icon to add a new cookie.
  7. Double click the Name field of the newly added cookie to change the cookie name.
  8. Double click the Value field to change the value.
  9. Refresh the page to perform a request including the new cookie.
Sjoerd
  • 28,707
  • 12
  • 74
  • 102
  • Thanks. What is name I should I enter? given the line I provided in the question, what is the cookie name I should enter? How many cookies entries I should enter? – user9371654 Apr 29 '19 at 14:21
  • @user9371654 this depends entirely on the cookie handling of the site (which should get more or less apparent if you look at the developer tab). If it does not get clear, you should learn more about cookies, what they are, what kind of information is stored within them and why they are used. None of these questions will be answered here. – Tom K. May 11 '19 at 09:51