Penetration Testing mailing list archives
Re: [hackers-se] Proxy that can manage session cookies?
From: "Kristian Franzen" <krfr () balsna mine nu>
Date: Fri, 26 Nov 2004 08:27:46 +0100 (CET)
Rickard, I'm not sure if youre looking for a client side proxy, such as achilles or paros to aid your tests, or a regular server based one. The new MS ISA 2004 is one example of a server based proxy that manage cookie authentication thtough what MS calls 'forms authentication'. Though, as mentioned, I'm not sure if that was the question or not. /Kristian
Hi All! Do any of you know of a proxy that can manage cookie based authentication in webapps? I going to test a webapp that when authenticated the user get a session cookie. If the users make an invalid request (URLs that dont exists etc), the cookie goes bad and the user has to reauthenticate again. So I need a proxy that could check that the cookie is ok, otherwise re-authenticate, for every request otherwise it would take ages to test this app. Cheers Rikard _______________________________________________ hackers-se mailing list hackers-se () cqure net http://mailman.smufsa.nu/mailman/listinfo/hackers-se
Current thread:
- Re: [hackers-se] Proxy that can manage session cookies? Kristian Franzen (Nov 27)