Four Steps To Hijack An Online Account
Setting The Scene:
For this step we need to set up two things. These being that first you have access to the computer that is currently logged into the account you wish to hijack as well as you having enough time on it to follow the rest of the steps.
While secondly you need to have the computer that you wish to give the account to ready (This can be done later on but for simplicity sake its just easier to have both machines ready).
Installing And Setting Up The Tools:
After you have acquired both computers and have the chrome web browser loaded on both you now need to install an extension to the browser, the extension I used to do this is called Edit This Cookie (Other extensions are available but this is the one I used). For the hijacking to work this extension needs to be installed on both computers. As well as this if the extensions were not enabled by basic then enable them on both browsers also.
One small thing that needs to be set up for the importing of the cookies to be successful on every website is for a setting in Chrome to be disabled. This is because on visiting certain websites (For example Netflix) they will redirect you to another website if you are not signed in with them (In this case Signup.netflix.com) and as the cookies only work for the original site we entered and not the redirect site entering the cookies will not work. There is a fix for this and it is to turn of a feature in chrome that allows websites to redirect you. This setting is called “Phishing And Malware Protection”. This setting can be found by going to your Settings (chrome://settings/) and then scrolling to the bottom and pressing advanced. Once here search for the setting and disable it.
Exporting And Importing The Cookie
Now that both computers are set up and have the appropriate extension on them now the next step entails exporting the cookies from the machine with the account logged in. To do this you will need to be on the machine that you wish to hijack the account and be logged into the specific website that you wish to take the account off. Once this has been done click the cookie button in the right hand side of the screen (Shown in the image below by a green box). After you have selected this icon a list of setting will pop up, here we need to select the export cookies button (Shown below in the blue box). This will then copy all of the cookies to your clipboard. Sometimes it may make a box appear with the cookies inside, if this is the case just copy and paste the contents.
Now the best thing to do is email the copied cookies to yourself. Instead of this you could save it to a USB in a notepad document to use later. Anything along these lines is okay as long as you will have access to these cookies on the computer that you wish to give the account to.
Importing the cookies is similar and all that needs to be done is that you are on the same website as before (on the new machine, that you wish to give the account to/ share the account with) and that the machine has the extension installed. The import cookies button can be found right next to the export cookies button (As shown in blue below). After this is selected a box will appear, once you have this past all of the cookies we copied earlier and then click submit cookie changes. After this the cookies should be updated and you should be logged into the new account. If you are not then there are several troubleshooting techniques that you can implement to fix this.
- Refresh the page
- Select “Submit Cookie Changes” again
- Select all of the boxes above the “Submit cookie changes” button
- Make sure that you un-clicked the “Phishing And Malware Protection” button in the settings and stated in the installation section above.
Finally everything is completed and you have successfully hijacked an account (Hopefully), now all we need to do is clean up. First off if you wanted to do this discreetly you will need to remove the extension on the ‘Victims’ computer. This can be done as easily as installing it as next to the extension is a button to remove it (Don’t get this confused with the button to disable it). Although if you wish to perform an attack like this on the same users computer again and the user isn’t technical savy then it might be best to just disable the extension so that you don’t have to go through the hassle of installing it all over again. As well as this the extension that I am using Edit This Cookie has been said to inject advertising into search results. This being the case after I have successfully Hijacked an account I normally disable it on my own computer just to be precautions.
The last thing that we need to clean up is to turn the “Phishing And Malware Protection” setting back on (If you turned it off in the first place. This can be done by simply re-clicking on the tick box.
Image Source: Pixbay.com