Penetration Testing mailing list archives

Re: common cookie db?


From: Ramon Pinuaga Cascales <rpinuaga () s21sec com>
Date: Wed, 18 Jan 2006 19:08:45 +0100

Hi offset,

I've compiled a document called "cookie_figerprinting".
I put here the cookies I usually found working.

I hope it helps you...





Con fecha martes, 17 de enero de 2006, 16:55:47, escribió:

o> Greetings,

o> Before I re-invent the wheel, I wanted to see if anyone knew of a common known cookie list
o> where someone has already tracked this information.

o> If not, I'll just track my own findings as I do assessments.

o> ie.
o> _utma
o> GMAIL_LOGIN
o> JSESSIONID

o> The goal is to track common cookies to applications (ie. Weblogic, websphere, apache, etc).

o> Thanks,

o> ------------------------------------------------------------------------------
o> Audit your website security with Acunetix Web Vulnerability Scanner: 

o> Hackers are concentrating their efforts on attacking applications on your
o> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
o> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
o> futile against web application hacking. Check your website for vulnerabilities
o> to SQL injection, Cross site scripting and other web attacks before hackers do!
o> Download Trial at:

o> http://www.securityfocus.com/sponsor/pen-test_050831
o> -------------------------------------------------------------------------------




-- 
Saludos,
 Ramon                            mailto:rpinuaga () s21sec com

Attachment: cookie_fingerprinting.txt
Description:

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread: