Penetration Testing mailing list archives

Re: [PEN-TEST] altering non-persistent cookies in memory


From: Robert van der Meulen <rvdm () CISTRON NL>
Date: Wed, 17 Jan 2001 12:09:14 +0100

Hi,

Quoting Hofmeyr, Michael (hofmemi () EY CO ZA):
> Many companies are using non-persistent cookies to authenticate user
> sessions. Have any of you had any experience or ideas for accessing and
> altering non-persistent cookies in a browser's memory? Options I have
> considered are using JavaScript to overwrite the cookie during the
> session, editing the cookie in memory with Soft Ice or something similar
> during the session.  Or simply telnetting to port 80 of the webserver and
> submitting a fake cookie directly?

Just do a fake session to the webserver from any client you fancy, and change
the cookie data in the request.
If you're lazy, and you're running a real operating system, you can
edit the cookie data in .netscape/cookies or .mozilla/default/cookies.txt,
start the browser (make sure it's not running when you edit the cookies
file!), pretend nothing happened, and see the response on the fake cookie.
No clue where cookies in NT/'95 or other m$-ish reside, but that should be
easy to find out.

Another way is to use 'curl':
curl -b "SessionID=Sx3c4DrD343md44sb55edXwhatever" <url>

The '-D' option to 'curl' is useful to see cookies you receive back from the
webserver, '-e' can be used to spoof referers, and you can submit form data
with it as well (even over SSL/otherwise encrypted connections).

Greets,
        Robert
--
                              Linux Generation
          Reality is a cop-out for people who can't handle drugs.
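
The server-side counterpart to the curl request above, as an added example that is not part of the original post: since any client can put any value in the Cookie header, the server should accept a SessionID only if it issued that exact value and the session has not expired. The SessionStore class, the 900-second timeout and the in-memory table are assumptions made for illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie, CookieError

SESSION_TTL = 900  # seconds; assumed timeout for this example


class SessionStore:
    """Server-side session table: the cookie carries only an opaque random ID."""

    def __init__(self):
        self._sessions = {}  # session id -> (username, expiry timestamp)

    def create(self, username, now=None):
        now = time.time() if now is None else now
        sid = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[sid] = (username, now + SESSION_TTL)
        return sid

    def authenticate(self, cookie_header, now=None):
        """Return the username for a raw Cookie header, or None if it is not valid."""
        now = time.time() if now is None else now
        jar = SimpleCookie()
        try:
            jar.load(cookie_header)
        except CookieError:
            return None  # malformed header: treat as unauthenticated
        morsel = jar.get("SessionID")
        if morsel is None:
            return None  # no session cookie sent at all
        entry = self._sessions.get(morsel.value)
        if entry is None:
            return None  # value was never issued by this server
        username, expiry = entry
        if now >= expiry:
            del self._sessions[morsel.value]  # expired: forget it for good
            return None
        return username


if __name__ == "__main__":
    store = SessionStore()
    issued = store.create("alice")
    # Constructed sample headers: one issued by the server, one client-chosen.
    print(store.authenticate("SessionID=" + issued))
    print(store.authenticate("SessionID=Sx3c4DrD343md44sb55edXwhatever"))
```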

