Cookie Killer *.bat file that you all have requested :)
From: Jorge Roxo (j.roxo@sotagus.pt)Date: 12/06/01
- Previous message: InfoSec: "Re: CRYPTIC URL"
- Next in thread: Tony Abedini: "Re: Cookie Killer *.bat file that you all have requested :)"
- Reply: Tony Abedini: "Re: Cookie Killer *.bat file that you all have requested :)"
- Reply: pfrancisco@InPhact.com: "RE: Cookie Killer *.bat file that you all have requested :)"
- Reply: BRAD GRIFFIN: "RE: Cookie Killer *.bat file that you all have requested :)"
- Reply: dross@ITWSouthland.com: "RE: Cookie Killer *.bat file that you all have requested :)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Jorge Roxo" <j.roxo@sotagus.pt> To: <focus-ms@securityfocus.com> Date: Thu, 6 Dec 2001 10:05:32 -0000
Hi list members,
First of all, I'd like to thank the people at Securityfocus for their
help, and for giving me some space to put the bat
file in.
Secondly, for all of you interested in it, you can download it directly
from this url:
http://www.securityfocus.com/data/tools/Cookie_Killa_Win2k.zip
I'll welcome any and all comments as well as any input that will help
develop further this bat file. You may comment
directly through the Securityfocus site on this url:
http://www.securityfocus.com/tools/2343
Now, I think it a good idea to explain a bit the principles behind this
file, so here are some explanations:
Operating systems that it works on:
Windows 9x/Me, 2000, 2000 Advanced Server, 2000 Professional, XP
Professional.
The file itself is still a "work-in-progress" project, but already
cleans most of the internet rubbish any computer accumulates whilst
surfing the internet. As its is still a work in progress issue, I will
most gladly accept any and all comments anyone cares to make.
Cookie Killa' v.0.1f.1 batch file information:
The *.bat file must be run under an administrator's account on Windows
2K, but can run on a normal user if the user has his/her privileges
setup so that they can clean/delete their own caches. This is
important since the owner of the temporary internet files directory is
usually - unless local policies are modified - the local machine's
administrator account. As with any and all browsers, but mainly
Internet explorer and Netscape browsers, cookies are stored not just
in one but several places in the local hdd.
Those places for the case of Internet Explorer are usually found at:
Windows 9x/ME:
Local HDD:>\Windows\Cookies
Local HDD:>\Windows\Temporary Internet Files\Content.IE5
Windows 2000/ 2000 Professional/ 2000 Advanced Server/ XP
Professional:
Local HDD:>\Documents and Settings\User\Cookies
Local HDD:>\Documents and Settings\User\Local definitions\Temporary
Internet Files\Content.IE5
Now there is an Important thing to take into account here, the user
may delete at will with no restrictions the ..\..\Cookies directory
contents, but this is not true for the ..\..\..\..\Content.IE5
directory. This is parttly because all cookie information stored in
this directory is but a "Virtual Pointer" or link to the real *.txt
file that its the cookie sent by any server to your machine while
browsing a website. If we delete the content in the ..\..\Cookies
folder, and then go to the other folders, and try to 'open' - not just
edit but the actual open command will say this also - one of the
cookies stored there, you will notice it says it cannot be opened,
since it is missing part of the file or the actual *.txt file that was
the cookie. Thus any information found in Content.IE5 regarding
cookies is just "links" to where the real file is located at.
Another important feature, its that the actual contents of those
directories may be erased by the user by simply opening the windows
explorer - in windows XP professional you dont even need this, since
it already comes with a "delete all cookies" button - and going to the
Content.IE5 folder and deleting the contents. Notice that by doing so,
also the ..\..\Cookies will be emptied. This is also true if you delete
on the local administrators account the ..\..\Cookies folder contents
and
or the ..\..\..\Content.IE5 folder contents. However, notice that by
deleting
the contents using the local machine administrator account, you also
delete
all cookie info from all users in that particular machine.
For Netscape browsers it is handled differently, since windows stores
the
cookies file into the usual directory but also as Netscape does not
create a "Virtual Pointers" folder you may more efficiently cleanse
the coputer from unwanted trash accumulated by surfing the net. It
creates a cache folder in Local HDD:>\Program
Files\Netscape\Users\User\Cache
which is emptied in much the same way as IE does it, but in fact it
stores real files there which produces more rubbish since it is not
equipped with that often ignored but wonderful option of I.E's advanced
setup, that is empty temporary internet folders when you exit the
browser - still this option does leave the cookies behind, and does not
clean them as it should. The way that Netscape simplified matters was
by making no distincition between the user who runs a program to delete
those files and who is the local system administrator, because they
assumed that anyone doing so will have enough privileges in the network
to do it.
I think that the way MS handled the Cookies is complex but the fact of
the matter is that if any and all contents of the ..\..\Cookies folder
or directory is deleted, the information on Content.IE Folder points
to nowhere, thus rendering those "Virtual Pointers" useless and also
harmless since the file that contained the actual cookie code is now
gone from the system. I guess we could say that those "Virtual
Pointers" are much like the links left behind in the programs menu
after a bad uninstall of a program where you previously moved the
program's folder into another, thus making it a subfolder. When the
uninstall is run, the links stay in that folder where you put the
program's folder after installing the program.
Anyway, those are the simple concepts I took into account when I begun
fooling around with this bat file. It has proved useful already for
me, but as I said there is still a whole lot to do on it, or at least
it seems that way to me right now. I hope you all enjoy it, and
please, if you think you can make it better, or have some further
pointers on how to go about that, Id be more than glad to hear it from
you all.
Jorge Roxo
TCSA/Sotagus Computer Systems Administrator
j.roxo@sotagus.pt
--------------------------------------------
This e-mail is confidential and privileged. If you are not the intended
recipient please accept our apologies. Do not disclose, copy or
distribute information in this e-mail or take any action in reliance to
its contents, to do so is strictly prohibited and may be unlawful.
Please inform us that this message has gone astray before deleting it.
Thank you for your co-operation.
--------------------------------------------
- Previous message: InfoSec: "Re: CRYPTIC URL"
- Next in thread: Tony Abedini: "Re: Cookie Killer *.bat file that you all have requested :)"
- Reply: Tony Abedini: "Re: Cookie Killer *.bat file that you all have requested :)"
- Reply: pfrancisco@InPhact.com: "RE: Cookie Killer *.bat file that you all have requested :)"
- Reply: BRAD GRIFFIN: "RE: Cookie Killer *.bat file that you all have requested :)"
- Reply: dross@ITWSouthland.com: "RE: Cookie Killer *.bat file that you all have requested :)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
