https://github.com/darkarp/autocookie
Automatically load stolen cookies from ChromePass
https://github.com/darkarp/autocookie
Last synced: about 1 year ago
JSON representation
Automatically load stolen cookies from ChromePass
- Host: GitHub
- URL: https://github.com/darkarp/autocookie
- Owner: darkarp
- License: agpl-3.0
- Created: 2021-03-13T16:10:02.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2021-03-19T07:27:47.000Z (over 5 years ago)
- Last Synced: 2025-03-24T17:55:16.388Z (over 1 year ago)
- Language: Python
- Size: 1.45 MB
- Stars: 24
- Watchers: 3
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
AutoCookie - Automatically loading stolen cookies from ChromePass
View Demo
·
Report Bug
·
Request Feature
## Table of Contents
* [About the Project](#about-the-project)
* [Getting started](#getting-started)
* [Prerequisites](#dependencies-and-requirements)
* [Installation](#installation)
* [Usage](#usage)
* [Errors, Bugs and Feature Requests](#errors-bugs-and-feature-requests)
* [Learn More](#learn-more)
* [License](#license)
---
## About The project
AutoCookie requires the data acquired using [ChromePass](https://github.com/darkarp/chromepass) or data in the same [format](#the-chromepass-data-format).
It's a python-based console application that starts a browser with the following features:
- Automatically detects victims who have cookies on the website you're in.
- Automatically loads cookies for the chosen victim on that browser session.
---
## Getting started
### Dependencies and Requirements
This is a very simple application, which uses only:
* [Python] - Tested on python 3.6+
* [Firefox] - It requires Firefox to run. Instead of adding support for many browsers, having to deal with the problems of each one, it runs with Firefox, the most stable browser by far to run with selenium.
### Installation
Autocookie can be used in any operating system but it requires the stolen cookies obtained from [ChromePass](https://github.com/darkarp/chromepass) or the same [format](#the-chromepass-data-format).
Clone the repository:
```powershell
git clone https://github.com/darkarp/autocookie
```
Install the dependencies:
```powershell
cd autocookie
pip install -r requirements.txt
```
If any errors occur make sure you're running on the proper environment (if applcable) and that you have python 3.6+
If the errors persist, try:
```powershell
python -m pip install --upgrade pip
python -m pip install -r requirements.txt
```
---
## Usage
AutoCookie is very straightforward. Start by running:
```powershell
> python autocookie.py
```
A browser window will show up. Here, you can navigate to any website you want.
On the terminal window you will be notified whether any victims were found to have cookies for that particular website.
All you have to do is either select the victim you'd like to load, or skip loading for that website.
If victims were found for a website and you change the url on the browser, you must skip the prompt on the terminal before it can recognize that the url has changed.
### Notes
>This is a very early release with just the basic functionality.
`Refactorization`, `non-interactive usage`, etc. will be added in the future.
---
## The ChromePass data format
This format is a base directory called `data`. Inside are folders named after the victim's `ip_address`. Inside there are files named `cookie0.json`, `cookie1.json`.
An example:

The `login` files are useless for the `AutoCookie`, we're only interested in the `cookie` files.
Inside the `cookie` json files, the structure is as follows:
```json
{
"domain_name_1": [{
"name": "COOKIE_NAME",
"value": "COOKIE_VALUE",
"domain": "domain_name"
}, {
"name": "COOKIE_NAME",
"value": "COOKIE_VALUE",
"domain": "domain_name"
}],
"domain_name_2": [{
"name": "COOKIE_NAME",
"value": "COOKIE_VALUE",
"domain": "domain_name"
}, {
"name": "COOKIE_NAME",
"value": "COOKIE_VALUE",
"domain": "domain_name"
}, {
"name": "COOKIE_NAME",
"value": "COOKIE_VALUE",
"domain": "domain_name"
}],
}
```
>The `login` json files are not needed but the whole directory structure must be present.
---
## Errors, Bugs and feature requests
If you find an error or a bug, please report it as an issue.
If you wish to suggest a feature or an improvement please report it in the issue pages.
Please follow the templates shown when creating the issue.
---
## Learn More
For access to a community full of aspiring computer security experts, ranging from the complete beginner to the seasoned veteran,
join our Discord Server: [WhiteHat Hacking](https://discord.gg/beczNYP)
If you wish to contact me, you can do so via: `mario@whitehathacking.tech`
---
## Disclaimer
I am not responsible for what you do with the information and code provided. This is intended for professional or educational purposes only.
## License
AGPL-3.0
---
[Python]:
[Firefox]:
[](https://scrutinizer-ci.com/code-intelligence)