Post Cookies & online banking
So… as often happens in our lives, we do not always get what we want. Difficulties are there to overcome and, note, not always in the most difficult way.
To get to the point: we often get incomplete data in the logs, where holders log into their accounts without answering secret questions and without further verification. Many factors can be the reason: IP, Flash (*.sol), the system trace (a set of individual parameters of the PC, which together give a very rare “picture”) and cookies. I am sure that there are other parameters for identification as well, but here I will try to analyze the last one, cookies.
I think 99% of those who read this article understand why and how cookies are recorded. If you don’t, google it; it’s not a mystery.
To give you an example, let’s look at the cookies of the most popular bank, bankofamerica.com. Let’s say we have a log from a computer where the holder logs in with no answers, and the username is hidden by asterisks… what to do? Some time ago this was an insoluble problem for me; now … all solved ;-).
1) Evaluating the possibility of using only cookies for verification
Let’s take a full-fledged account… Log in to it (check all the boxes like “remember me” where possible). Remember (write down) the addresses of pages where you entered username, password, responses, etc. Exit correctly – LogOut. Here again we check if the bank remembered us and if everything is ok we export cookies after LogOut (use plugin) to a text file.
Next, we clean cookies, change IP (within a reasonable range 😉), and change the system parameters. In general, we do everything so that only the cookies (they are in the text file) remain from the old session. It is desirable to wait (if you are patient) for some hours, to avoid practically simultaneous visits from different IPs. Open a clean browser, import the cookies (use the plugin) and go log in. If we are talking about BOA, you will succeed: the cookies will work like clockwork ;-).
If it did not work – then it’s a happy event when you can do with “little blood”. Continue to explore the bank’s site in other ways.
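From the defender's side, the replay described in this section succeeds only when the "remember this device" cookie is accepted as sufficient on its own. The following is an added example, not code from the original article or from any bank: a server-side check, with hypothetical function names, key and trait selection, that binds the device token to the user, a device fingerprint and a lifetime, and falls back to the challenge questions on any mismatch.

```python
import hashlib
import hmac
from typing import Optional

SERVER_KEY = b"constructed-demo-key"  # assumption: secret held only server-side
MAX_AGE = 30 * 24 * 3600              # assumption: 30-day device-token lifetime


def fingerprint(user_agent: str, screen: str, tz: str) -> str:
    """Hash of client traits (hypothetical selection) recorded at enrolment."""
    return hashlib.sha256("|".join((user_agent, screen, tz)).encode()).hexdigest()


def _mac(user_id: str, fp: str, ts: str) -> bytes:
    msg = f"{user_id}|{fp}|{ts}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest().encode()


def issue_device_token(user_id: str, fp: str, now: float) -> str:
    """Token = issue time + MAC over (user, fingerprint, issue time)."""
    ts = str(int(now))
    return f"{ts}.{_mac(user_id, fp, ts).decode()}"


def login_decision(user_id: str, token: Optional[str], fp: str, now: float) -> str:
    """'skip_challenge' only if the token matches this user AND this device."""
    if not token or "." not in token:
        return "challenge"                  # no token, or not in our format
    ts, mac_hex = token.split(".", 1)
    if not ts.isdigit() or now - int(ts) > MAX_AGE:
        return "challenge"                  # malformed or expired
    if not hmac.compare_digest(_mac(user_id, fp, ts), mac_hex.encode()):
        return "challenge"                  # token presented by another device/user
    return "skip_challenge"


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    t0 = 1_700_000_000
    enrolled = fingerprint("UA-A", "1920x1080", "UTC-5")
    other = fingerprint("UA-B", "1366x768", "UTC+3")
    tok = issue_device_token("alice", enrolled, t0)
    print(login_decision("alice", tok, enrolled, t0 + 3600))
    print(login_decision("alice", tok, other, t0 + 3600))
```

Because the traits are client-reported, a match is one signal among several; high-risk actions should still trigger step-up verification.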
2) Analysis of cookies – which of them we need?
Honestly, in 90% of my attempts to figure this out it all came down to a stupid search through different cookies and their combinations. Fortunately, there aren’t too many of them 🙂. Cookies with names including words or fragments of words such as login, ID… You will be guided there by the situation. The only thing I can advise you is to filter out unnecessary cookies. When you simply go to the BOA site, a certain set of cookies is recorded. And it is clear that they have nothing to do with access to the account.
Let’s look at an example – cookies when you visit bankofamerica.com
.ic-live.com TRUE / FALSE 0 pid2 1302191085bD3jH0tU4xO5
.ic-live.com TRUE / FALSE 0 sid1233 1302191085b3j3jH0tU4xO5
.bankofamerica.tt.omtrdc.net TRUE /m2/bankofamerica FALSE 0 mboxPC 1302191078960-174401.17
.bankofamerica.tt.omtrdc.net TRUE /m2/bankofamerica FALSE 0 mboxSession 1302191078960-174401
www.bankofamerica.com FALSE / FALSE 0 CMAVID none
www.bankofamerica.com FALSE / FALSE 0 JSESSIONID 0000OPd1-T_ZxM9RxtkCdF_NxJN:15m36m8jo
sofa.bankofamerica.com FALSE / FALSE 0 90010394_reset 1302191089
sofa.bankofamerica.com FALSE / FALSE 0 TestSess3 70201302191086025274579
sofa.bankofamerica.com FALSE / FALSE 0 CoreID6 70201302191086025274579
sofa.bankofamerica.com FALSE / FALSE 0 90010394_login 1302191080018461671490010394
.bankofamerica.com TRUE / FALSE 0 NSC_CbolPgBnfsjdb 445b326f7852
.bankofamerica.com TRUE / FALSE 0 cmTPSet Y
.bankofamerica.com TRUE / FALSE 0 throttle_value 23
.bankofamerica.com TRUE / FALSE 0 TCID 0007af3e-bf7c-4958-967c-a97e0000001e
.bankofamerica.com TRUE / FALSE 0 LANG_COOKIE en_US
.bankofamerica.com TRUE / FALSE 0 INTL_LANG en_US
.bankofamerica.com TRUE / FALSE 0 CONTEXT en_US
.bankofamerica.com TRUE / FALSE 0 BOA_0020 20110407:0:O:bbdc18dc-6b42-408d-a2a8e06eae9a9a1b
.bankofamerica.com TRUE / FALSE 0 TLTUID DCCDBD92612D10619EFAE8E6682ACC6D
.bankofamerica.com TRUE / FALSE 0 TLTSID DCCDBD92612D10619EFAE8E6682ACC6D
bac.com FALSE / FALSE 0 BIGipServerngen-www.80 910603947.20480.0000
.doubleclick.net TRUE / FALSE 0 id 22ada169180100a5||t=1302191085|et=730|cs=bsbqxt2l
Now let’s look at the cookies we get after LogOut from the bank account
onlineeast1.bankofamerica.com FALSE / FALSE 0 cmRS &t1=1302191239723&t2=1302191257296&t3=1302191285584&lti=1302191275754&ln=&hr=https%3A//onlineeast1.bankofamerica.com/cgi-bin/ias/2/GotoLogout&fti=&fn=%20Online%20Banking%20%7C%20Accounts%20Overview_form1%3A0%3B&ac=&fd=&u