+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+
|A|n|o|m|a|l|o|u|s| |C|o|o|k|i|e| - v1.0
+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+
Auto fuzz cookies to detect weaknesses (leading to additional vulnerabilities) and create screenshots.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
INSTALL/PRE-REQS:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-
Install python:
apt-get install python -
Install pip!
apt-get install python-pip pip install --upgrade pip -
Install needed Python libs:
pip install selenium -
Install Geckodriver!
wget https://github.com/mozilla/geckodriver/releases/download/v0.18.0/geckodriver-v0.18.0-linux64.tar.gz
- tar zxvf geckodriver-v0.18.0-linux64.tar.gz
- chmod 655 geckodriver
- cp geckodriver /usr/bin/geckodriver
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
INSTALLING:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
GIT CLONE the 'AnomalousCookie' script/framework:
git clone https://github.com/LostRabbitLabs/AnomalousCookie
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
HOW TO USE:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Usage:
./AnomalousCookie-v1.py -h // HELP!!
./AnomalousCookie-v1.py -1 "https://www.example.com" output // Append fuzz data before existing cookie payload data.
./AnomalousCookie-v1.py -2 "https://www.example.com" output // Overwrite existing cookie payload data.
./AnomalousCookie-v1.py -3 "https://www.example.com" output // Append fuzz data after existing cookie payload data.
Enable proxy by modifying the setting below:
proxy = "yes"
Screenshots will be saved in the 'output' directory. Enjoy!
-theLostRabbit