I try to stay logged into my university session by avoiding entering my password. The point is that every week we reset the password for a 10-character password and it is very annoying to have to search for these reset passwords in the emails.
So what me and my sister came up with is to avoid entering the password via the plaintext id:
This cookie has been expired:
[ { "domain": "siiauescolar.siiau.udg.mx", "hostOnly": true, "httpOnly": false, "name": "17092022SIIAUSESION", "path": "/", "sameSite": null, "secure": false, "session": true, "storeId": null, "value": "1199992582" }, { "domain": "siiauescolar.siiau.udg.mx", "hostOnly": true, "httpOnly": false, "name": "17092022SIIAUUDG", "path": "/", "sameSite": null, "secure": false, "session": true, "storeId": null, "value": "1170962" }, { "domain": "siiauescolar.siiau.udg.mx", "expirationDate": 1698016592.462624, "hostOnly": true, "httpOnly": true, "name": "cookiesession1", "path": "/", "sameSite": null, "secure": false, "session": false, "storeId": null, "value": "678B2874FAC21D18E4111426474EF65D" } ]
But this is my id:
1170962
When I try to put it in the cookie with another date, it throws me a javascript taking me out of the session. Is there a way to prevent me from getting kicked out of the session?
Advertisement
Answer
The only way to keep a session alive is to sending constantly requests to the platform. This can be automated using a bot script, e.g. something like this
while True; do curl -v -b 'your_cookie_data1=some_value' -b 'your_cookie_data2=some_value' -b 'your_cookie_data3=some_value' ... enter full cookie data https://your.university.edu sleep 3600 # sending this request every hour done
Of course you have to use a not-expired cookie. This script must be run on a device which is permanently powered on and connected to the internet like a smartphone.
It is totally possible that your university will invalidate your cookie when your password expires. It can also invalidate your cookie when it notices you using such a script or for other reasons. In fact it is probably against the terms of use you signed somewhere using such a script.
If the software decides to invalidate your cookie because of another reason than inactivity you can’t do anything from stopping it.
It is highly not recommended to hack your university network. This can get you into trouble.