in the cookie jar
in the cookie jar
I would like to know if I am correct here and if I am how it works. If I am able to steal somebody's cookies I am then able to mask myself as them. How does this work exactly?
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
usually it is done via Javascript, check those links for more info:
http://en.wikipedia.org/wiki/Cross-site_scripting
http://en.wikipedia.org/wiki/Cross-Site_Request_Forgery
http://ha.ckers.org/xss.html
here is an example of how the code would look like:
http://jehiah.cz/archive/xss-stealing-cookies-101
sorry that I am only posting links, but I can't post any code of that kind here....
at the start of suck-o we had a couple of cookie stealing attempts by users that posted forged Javascript links, that's why it is filtered now. but I think the links above will give you enough info for a good start... 
http://en.wikipedia.org/wiki/Cross-site_scripting
http://en.wikipedia.org/wiki/Cross-Site_Request_Forgery
http://ha.ckers.org/xss.html
here is an example of how the code would look like:
http://jehiah.cz/archive/xss-stealing-cookies-101
sorry that I am only posting links, but I can't post any code of that kind here....
at the start of suck-o we had a couple of cookie stealing attempts by users that posted forged Javascript links, that's why it is filtered now. but I think the links above will give you enough info for a good start... 
-
Dltr
- Fame ! Where are the chicks?!
- Posts: 210
- Joined: 28 Oct 2009, 17:00
- 14
- Location: Germany
- Contact:
Thank You bad_brain this really a very good Start , i was looking for (XSS) Read Two Days agobut I think the links above will give you enough info for a good start...
!Code: Select all
http://www.houbysoft.com/papers/xss.php
Thank You
Dltr