Cookie Detector
The tracker becomes the tracked - understand and verify the cookies set by a given website.
Please note this will only show the 'first party cookies' set by a website, and not the cookies and tracking technology that are tracking you on that website but supplied by third parties. There are a number of third party 'browser extensions' which keep can be used to detect these third party technologies, though they require fairly obtrusive access to the programme you use to surf the web.
Tasklist
- Write the script
- Run the script
- Make sense of the output
1. Write the script
This step is as simple as pasting the code below into a new python file.
Make a new file called cookie_check.py. In the terminal you can simply enter:
$ touch cookie_check.py
Open cookie_check.py in your favourite editor, and enter the following program:
import requests
def collect(url):
session = requests.Session()
response = session.get(url)
if response.ok:
cookie_dict = session.cookies.get_dict()
for k, v in cookie_dict.items():
print("{} {}".format(k, v))
else:
requested_url = ("https://{}".format(raw_url))
collect(requested_url)
raw_url = input("Requested URL:" )
if "http" not in raw_url:
requested_url = "http://{}".format(raw_url)
else:
requested_url = raw_url
collect(requested_url)
2. Run the script
We've got our script, and now it is time to run it.
Open your terminal, and go to the directory you saved cookie_check.py in. Use the cd
command to change directories.
Check the script is indeed in your current director by entering ls -l
and ensuring the filename is listed there.
Now run the script by entering the following:
$ python3 cookie_check.py
If you entered the script correctly, you should see it spit out all of the cookies with the name on the top line, the value of the cookie below, and then a paragraph gap between each result. Check this example for lawfirm.com:
This may not make a lot of sense immediately, so the next step provides a description of what we are actually seeing!
3. Understand the output
Cookies are small text files that websites save on your computer alongside the rest of the files that make up your browser programme. Some are deleted when you leave a website, others are saved on your computer to be picked up again next time you are connected with that website using the same browser. Our script spits out the name of the cookie and the value. Often the cookie value appears to be nonsense, other times the information being saved is quite clear, for example you might see a cookie named something like 'lang' with a value on 'en-gb' which a website is clearly using to remember your language settings.