Penetration Testing mailing list archives

Wanted: Script to email cookies


From: Joe Brown <joe_brown () senet-int com>
Date: 30 Nov 2001 09:06:49 -0000





I'm working on a pen test for a web application.  After 
the first time you successfully authenticate, the app 
stores a cookie with username and password in clear 
text.  I've recently read the archive regarding 
vulnerable IE browsers revealing cookies.  I'd like to 
go a step farther.  Does anyone have a script that will 
email the cookie?  I'd like to craft an email with a link 
and when a user clicks, it emails the cookie.  I want 
to show the client how dangerous it is to store a clear 
text cookie.  Also, any other method of cookie stealing 
would be really appreciated.  Thanks.

Joe
