- Posts: 49
- Thank you received: 0
Random Cookie and Hacking
18 years 10 months ago #13112
by cyberoidx
Surya Sharma
www.Technodrome.info
AR3 Y0U T3CH ENOUGH FOR IT?
Random Cookie and Hacking was created by cyberoidx
I found out that typing a website name (like hotmail) into a P2P generates a lot of cookies that could b used / exploited because stupid people share their entire drives.
Is there any way to expolit these? Like use Hotmail / Yahoo Cookies to gain Unauthorised Acess?
Is there any way to expolit these? Like use Hotmail / Yahoo Cookies to gain Unauthorised Acess?
Surya Sharma
www.Technodrome.info
AR3 Y0U T3CH ENOUGH FOR IT?
18 years 10 months ago #13187
by nske
Replied by nske on topic Re: Random Cookie and Hacking
It is possible. The details depend on what information the script that generated the cookie stored in it. Commonly it could be user/password of an account in plain text, encrypted in some way, or the session id that would match the user's resource-set on the server. Session ids would be a bit harder to exploit mainly because of their limited validity duration. For more information about sessions, have a look
here
.
I think that's enough for someone to watch out with his cookies.
One notice however, the fact that some people show ignorance or neglect in this recard, does not mean they are "stupid".. they just might have more important things to do -not *everything* is about computers-. That certainly doesn't give others the right to mess with their personal stuff.
I think that's enough for someone to watch out with his cookies.
One notice however, the fact that some people show ignorance or neglect in this recard, does not mean they are "stupid".. they just might have more important things to do -not *everything* is about computers-. That certainly doesn't give others the right to mess with their personal stuff.
- Dead-Neur0ns
- Offline
- New Member
Less
More
- Posts: 16
- Thank you received: 0
18 years 10 months ago #13202
by Dead-Neur0ns
<= IИse©u®ity Is A ®esult Of T®ying To Be Se©u®e =>
Replied by Dead-Neur0ns on topic Re: Random Cookie and Hacking
Additional Resources about Cookies,
www.cookiecentral.com/faq/
www.w3.org/Security/Faq/wwwsf2.html#CLT-Q10
www.faqs.org/rfcs/rfc2109.html
www.cookiecentral.com/faq/
www.w3.org/Security/Faq/wwwsf2.html#CLT-Q10
www.faqs.org/rfcs/rfc2109.html
<= IИse©u®ity Is A ®esult Of T®ying To Be Se©u®e =>
18 years 10 months ago #13203
by cyberoidx
Surya Sharma
www.Technodrome.info
AR3 Y0U T3CH ENOUGH FOR IT?
Replied by cyberoidx on topic Re: Random Cookie and Hacking
Thx for the links
@nske I yet consider sharing your entire hard drive on p2p stupid
@nske I yet consider sharing your entire hard drive on p2p stupid
Surya Sharma
www.Technodrome.info
AR3 Y0U T3CH ENOUGH FOR IT?
18 years 10 months ago #13209
by nske
Replied by nske on topic Re: Random Cookie and Hacking
And someone else could consider digging through other people's personal stuff more stupid. It depends on what criteria you use to make your measurements.
18 years 10 months ago #13215
by cyberoidx
Surya Sharma
www.Technodrome.info
AR3 Y0U T3CH ENOUGH FOR IT?
Replied by cyberoidx on topic Re: Random Cookie and Hacking
nice one
but then, cookies contain logins to stuff like bank / online shoppng websites .. thats not personal.. and then in case its needed, people could retrieve data without your permission.
but then, cookies contain logins to stuff like bank / online shoppng websites .. thats not personal.. and then in case its needed, people could retrieve data without your permission.
Surya Sharma
www.Technodrome.info
AR3 Y0U T3CH ENOUGH FOR IT?
Time to create page: 0.152 seconds