Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    New to the CF scene
    Join Date
    Jan 2006
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Cookie Retrieving (request)

    Hello,

    I am after someone who can put a code or something on my web site which will retrieve the users cookies he or she has on their computer from ANOTHER web site.

    This is possible and it is used with some java script code.

    Willing to pay money for this so please add me on

    MSN: chatmaster@chattar.com

    Thanks

  • #2
    Senior Coder
    Join Date
    Dec 2004
    Location
    Essex, UK
    Posts
    2,636
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It is not possible, cookies cannot be read from a domain other than the one they were created by. If they could, we'd be in a lot of trouble.

  • #3
    New to the CF scene
    Join Date
    Jan 2006
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Well it is possible :-)

    There are about 1000000 articles about doing it

    Anyone else wanto help me?

  • #4
    jkd
    jkd is offline
    Senior Coder jkd's Avatar
    Join Date
    May 2002
    Location
    metro DC
    Posts
    3,163
    Thanks
    1
    Thanked 18 Times in 18 Posts
    Please refrain from crossposting in the future.

    In any case, I cannot think of any legitimate use of peaking at cookies associated with other domains, other than to steal passwords or session info. This is possible with any cross-domain scripting exploit, of which there are plenty in IE (particularly if the computer isn't fully patched), but where is the motivation to give you code to steal our passwords? Unless of course, I'm missing some obvious reason that is eluding me at the moment (in other words, please correct me if I'm wrong).

  • #5
    New to the CF scene
    Join Date
    Jan 2006
    Posts
    3
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I am not after the code for that reason, what so ever. :-)

    I am after it so I can simply track where my clients have been and which competitors sites they have been to also to see if they are legimate people.

    I would appreciate your help

    Thanks!

  • #6
    Regular Coder
    Join Date
    Aug 2005
    Location
    Canada
    Posts
    137
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by jezzajezza
    I am not after the code for that reason, what so ever. :-)

    I am after it so I can simply track where my clients have been and which competitors sites they have been to also to see if they are legimate people.

    I would appreciate your help

    Thanks!
    Yeah, put that in Privacy Policy, and anybody smart won't buy anything from you.

  • #7
    jkd
    jkd is offline
    Senior Coder jkd's Avatar
    Join Date
    May 2002
    Location
    metro DC
    Posts
    3,163
    Thanks
    1
    Thanked 18 Times in 18 Posts
    Quote Originally Posted by jezzajezza
    I am not after the code for that reason, what so ever. :-)

    I am after it so I can simply track where my clients have been and which competitors sites they have been to also to see if they are legimate people.

    I would appreciate your help

    Thanks!
    That is still unethical, given user-expectations of surfing a website and their privacy.

  • #8
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I agree, its wrong, you shouldnt even want to do it let alone be thinking about doing it....

    If there are that many articles then go do it yourself

    What you have probably read is about XSS (Cross Site Scripting) which can be a problem when web applications have been badly designed. Its not a method of setting it up, its a method of exploiting badly designed websites with content management systems to steal sessions and passwords. You have to know what you are doing and most good systems are protected against XSS.

    Through the native browser UI there is no way to retrieve cookies from another website, as the web browser will only send the cookie for your website.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •