Can the other programs on my PC access my Google account through web browsers' cookies?

I am curious whether it is possible for other programs on my Windows 7 PC to access my Gmail, given that I have already logged in to my Google Account in Chrome (stable).

If not, what prevents them from accessing it, and how?


The bounty is for todda.speot.is.

If you have any good answer, I would +1 at least. XD


Presumably, yes. If you read the comments here they imply that Chrome does not encrypt cookies and you can simply copy your user profile to another PC and Chrome will start using those cookies.

Substitute "you can simply copy your user profile to another PC" with "an attacker can copy your user profile to their PC".

Or, a local application could make a copy of it. This thread has a Python script for exporting your Chrome cookies.

Edit:

I can't tell if surfasb is trolling or just doesn't understand how HTTP works. Unencrypted cookies are the attack vector Firesheep uses. Whether it gets it off the wire or off the disk is unimportant. Once you have the cookie, you're in.

Here's a small example to "trick" Google into thinking that netcat is Chrome. Note that Google doesn't care what my browser is, just that I have the cookies Google gave me that identify me to Google.

request_nocookie.txt:

GET http://www.google.com.au/ HTTP/1.1
Host: www.google.com.au
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en-US;q=0.8,en;q=0.6
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

request_cookie.txt is the same as the above, but with my PREF, SID, HSID, NID cookies for .google.com. I'm not going to show you them, because they're mine :)

These two commands send the requests to Google and then save the response.

type request_nocookie.txt | nc www.google.com 80 > response_nocookie.txt
type request_cookie.txt | nc www.google.com 80 > response_cookie.txt

Now that we have the responses...

find "Todd" < response_nocookie.txt > NUL
echo %ERRORLEVEL%
1

A non-zero error level is failure. My name doesn't appear in the response, because without the cookies Google doesn't know about me.

What about when we have the cookie?

find "Todd" < response_cookie.txt > NUL
echo %ERRORLEVEL%
0

A zero error level is success - we've found my name in the response! It's actually there a few times, because the toolbar up the top has a bunch of stuff relating to my Google Plus account.

I'll leave this as an exercise to the reader: if you really want to you can let yourself in to a Google Plus account with some slightly better tools. Google Plus requires SSL (which doesn't make it any more secure to a user taking the cookies off the disk, but it does stop Firesheep).
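
The netcat experiment above works because the server treats the cookie as the only proof of identity. The following is an added example, not part of the original answer and not Google's code: a toy server-side session check in which the session store, the SID value and the host example.test are all constructed. It shows that the User-Agent plays no role and that removing the session on the server makes every copy of the cookie useless.

```python
# Added illustration: a toy server-side session check (assumed model, not Google's code).
from http.cookies import SimpleCookie

# Constructed session store: session id -> display name.
SESSIONS = {"constructed-sid-123": "Todd"}

def parse_request(raw):
    """Split a raw HTTP/1.1 request into (request_line, lower-cased headers dict)."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers

def handle(raw, sessions=SESSIONS):
    """Return the response body the toy server would send for this request."""
    _, headers = parse_request(raw)
    cookie = SimpleCookie()
    cookie.load(headers.get("cookie", ""))
    sid = cookie["SID"].value if "SID" in cookie else None
    user = sessions.get(sid)
    # The User-Agent header is never consulted: only the cookie identifies the caller.
    return f"Signed in as {user}" if user else "Sign in"

def build_request(user_agent, sid=None):
    """Build a constructed request, with or without the session cookie."""
    lines = ["GET / HTTP/1.1", "Host: example.test", f"User-Agent: {user_agent}"]
    if sid:
        lines.append(f"Cookie: SID={sid}; PREF=constructed")
    return "\r\n".join(lines) + "\r\n\r\n"

def demo():
    sessions = dict(SESSIONS)
    sid = "constructed-sid-123"
    results = {
        "browser_with_cookie": handle(build_request("Chrome/13.0", sid), sessions),
        "other_client_same_cookie": handle(build_request("not-a-browser", sid), sessions),
        "no_cookie": handle(build_request("Chrome/13.0"), sessions),
    }
    # Server-side sign-out: once the session is gone, a copied cookie no longer works.
    del sessions[sid]
    results["after_sign_out"] = handle(build_request("not-a-browser", sid), sessions)
    return results

if __name__ == "__main__":
    for label, body in demo().items():
        print(f"{label}: {body}")
```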