Re: Cookie Killer *.bat file that you all have requested :)

From: Tony Abedini (tabedini@yahoo.com)
Date: 12/06/01


Date: Thu, 6 Dec 2001 08:17:46 -0800 (PST)
From: Tony Abedini <tabedini@yahoo.com>
To: j.roxo@sotagus.pt, focus-ms@securityfocus.com

Jorge,

This is nice, BUT, unfortunately not everybody's login
names are the same, so when the batch file addresses
that particular directory under the "Documents and
Settings" folder, the cookies stay, since that
directory doesn't exist and can't delete them!

--- Jorge Roxo <j.roxo@sotagus.pt> wrote:
> Hi list members,
>
> First of all, I'd like to thank the people at
> Securityfocus for their
> help, and for giving me some space to put the bat
> file in.
>
> Secondly, for all of you interested in it, you can
> download it directly
> from this url:
>
>
>
http://www.securityfocus.com/data/tools/Cookie_Killa_Win2k.zip
>
> I'll welcome any and all comments as well as any
> input that will help
> develop further this bat file. You may comment
> directly through the Securityfocus site on this
> url:
>
> http://www.securityfocus.com/tools/2343
>
> Now, I think it a good idea to explain a bit the
> principles behind this
> file, so here are some explanations:
>
> Operating systems that it works on:
>
> Windows 9x/Me, 2000, 2000 Advanced Server, 2000
> Professional, XP
> Professional.
>
> The file itself is still a "work-in-progress"
> project, but already
> cleans most of the internet rubbish any computer
> accumulates whilst
> surfing the internet. As its is still a work in
> progress issue, I will
> most gladly accept any and all comments anyone
> cares to make.
>
> Cookie Killa' v.0.1f.1 batch file information:
>
> The *.bat file must be run under an administrator's
> account on Windows
> 2K, but can run on a normal user if the user has
> his/her privileges
> setup so that they can clean/delete their own
> caches. This is
> important since the owner of the temporary internet
> files directory is
> usually - unless local policies are modified - the
> local machine's
> administrator account. As with any and all
> browsers, but mainly
> Internet explorer and Netscape browsers, cookies
> are stored not just
> in one but several places in the local hdd.
>
> Those places for the case of Internet Explorer are
> usually found at:
>
> Windows 9x/ME:
>
> Local HDD:>\Windows\Cookies
> Local HDD:>\Windows\Temporary Internet
> Files\Content.IE5
>
> Windows 2000/ 2000 Professional/ 2000 Advanced
> Server/ XP
> Professional:
>
> Local HDD:>\Documents and Settings\User\Cookies
> Local HDD:>\Documents and Settings\User\Local
> definitions\Temporary
> Internet Files\Content.IE5
>
> Now there is an Important thing to take into
> account here, the user
> may delete at will with no restrictions the
> ..\..\Cookies directory
> contents, but this is not true for the
> ..\..\..\..\Content.IE5
> directory. This is parttly because all cookie
> information stored in
> this directory is but a "Virtual Pointer" or link
> to the real *.txt
> file that its the cookie sent by any server to your
> machine while
> browsing a website. If we delete the content in the
> ..\..\Cookies
> folder, and then go to the other folders, and try
> to 'open' - not just
> edit but the actual open command will say this also
> - one of the
> cookies stored there, you will notice it says it
> cannot be opened,
> since it is missing part of the file or the actual
> *.txt file that was
> the cookie. Thus any information found in
> Content.IE5 regarding
> cookies is just "links" to where the real file is
> located at.
>
> Another important feature, its that the actual
> contents of those
> directories may be erased by the user by simply
> opening the windows
> explorer - in windows XP professional you dont even
> need this, since
> it already comes with a "delete all cookies" button
> - and going to the
> Content.IE5 folder and deleting the contents.
> Notice that by doing so,
> also the ..\..\Cookies will be emptied. This is
> also true if you delete
> on the local administrators account the
> ..\..\Cookies folder contents
> and
> or the ..\..\..\Content.IE5 folder contents.
> However, notice that by
> deleting
> the contents using the local machine administrator
> account, you also
> delete
> all cookie info from all users in that particular
> machine.
>
> For Netscape browsers it is handled differently,
> since windows stores
> the
> cookies file into the usual directory but also as
> Netscape does not
> create a "Virtual Pointers" folder you may more
> efficiently cleanse
> the coputer from unwanted trash accumulated by
> surfing the net. It
> creates a cache folder in Local HDD:>\Program
> Files\Netscape\Users\User\Cache
> which is emptied in much the same way as IE does
> it, but in fact it
> stores real files there which produces more rubbish
> since it is not
> equipped with that often ignored but wonderful
> option of I.E's advanced
> setup, that is empty temporary internet folders
> when you exit the
> browser - still this option does leave the cookies
> behind, and does not
> clean them as it should. The way that Netscape
> simplified matters was
> by making no distincition between the user who runs
> a program to delete
> those files and who is the local system
> administrator, because they
> assumed that anyone doing so will have enough
> privileges in the network
> to do it.
>
> I think that the way MS handled the Cookies is
> complex but the fact of
> the matter is that if any and all contents of the
> ..\..\Cookies folder
> or directory is deleted, the information on
> Content.IE Folder points
> to nowhere, thus rendering those "Virtual Pointers"
> useless and also
> harmless since the file that contained the actual
> cookie code is now
> gone from the system. I guess we could say that
> those "Virtual
> Pointers" are much like the links left behind in
> the programs menu
> after a bad uninstall of a program where you
> previously moved the
> program's folder into another, thus making it a
> subfolder. When the
> uninstall is run, the links stay in that folder
> where you put the
> program's folder after installing the program.
>
> Anyway, those are the simple concepts I took into
> account when I begun
> fooling around with this bat file. It has proved
> useful already for
> me, but as I said there is still a whole lot to do
> on it, or at least
> it seems that way to me right now. I hope you all
> enjoy it, and
> please, if you think you can make it better, or
> have some further
> pointers on how to go about that, Id be more than
> glad to hear it from
> you all.
>
> Jorge Roxo
> TCSA/Sotagus Computer Systems Administrator
> j.roxo@sotagus.pt
> --------------------------------------------
> This e-mail is confidential and privileged. If you
> are not the intended
>
=== message truncated ===

__________________________________________________
Do You Yahoo!?
Send your FREE holiday greetings online!
http://greetings.yahoo.com



Relevant Pages

  • Re: Security discussion regarding hubs, firewalls, anti-virus and
    ... User Account Control needs advanced customization features -- I have ... allowing blocking of 3rd party cookies and session cookies ... I tried to drag it to a folder on my links so I could access it ... I looked at the folder and I appear to have full rights. ...
    (microsoft.public.security)
  • Re: unknown added files to Administrator folder
    ... developed by Netscape to enable Web authors to design interactive sites. ... > files got into my Adminstrator folder when I had never used this ... > account up untill last night. ... > this because the last time I deleted cookies, I was not able to access ...
    (microsoft.public.windowsxp.help_and_support)
  • index file that wont go away
    ... Index.dat is a required folder and yes it does keep a log ... delete the 'Temporary Internet Files', History or Cookies ... Cookies folders points Windows at the proper files within ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Password protect folders
    ... account on my computer. ... files and folders without blocking access to the internet. ... what they want in the folder and resetting permissons back. ... counting the built-in Administrator account, ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Temp HTML files
    ... > the control panel and then to the folder that has to do ... > with the internet where you have the option of deleting ... > cookies, temporary internet files and wiping out the ... >>Joe Steele ...
    (microsoft.public.windowsxp.basics)