Penetration Testing mailing list archives

RE: saving session cookies?

From: Johanna Berg <johanna.berg () netgiro com>
Date: Wed, 15 Mar 2006 10:13:32 +0100

Hi,

Perhaps the AnEC Cookie Editor extention to firefox might help you out. :-)

http://addneditcookies.mozdev.org/

Regards,

Johanna 

-----Original Message-----
From: Ivan . [mailto:ivanhec () gmail com] 
Sent: den 15 mars 2006 06:46
To: offset
Cc: pen-test () securityfocus com
Subject: Re: saving session cookies?

Gary,

If you like livehttp, check out tamper data
https://addons.mozilla.org/extensions/moreinfo.php?id=966

cheers
Ivan

On 3/15/06, offset <offset () svcroot net> wrote:

Hi Ivan,

Google search, yes I did, I already have that plugin (great plugin), but

was looking for a way to mass save cookie information for later use by
another program, without having to copy/paste each cookie.


Since I've posted, I've found a nice firefox plugin called LiveHTTPHeaders

that will dump all http header information and then I can save everything to
a file.  I was then going to write a script to parse the cookie information
out for my purposes.


I'd be interested in any other ideas about saving cookie state without

individual copy/paste as some sites have a lot of cookies.


-off

On Wed, Mar 15, 2006 at 09:34:17AM +1100, Ivan . wrote:

Did you try a google search?
http://www.google.com.au/search?hl=en&q=firefox+extension+cookies+ed
itor&btnG=Google+Search&meta=

Add N Edit Cookies - Firefox Extension
https://addons.mozilla.org/extensions/moreinfo.php?application=firef
ox&category=Developer%20Tools&numpg=10&id=573

cheers
Ivan

On 3/15/06, offset <offset () svcroot net> wrote:


Does anyone know of a way to save session cookies for later use (ie.

for load into curl).


Yes, I know this is not the design of session cookies, but

nonetheless, looking to see if there is anything already out there.


ie. firefox plugin, any proxy tools that do this (paros, webscarab),

etc.


----------------------------------------------------------------------
--------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
As attacks through web applications continue to rise, you need to 
proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security 
penetration testing and vulnerability management needs. You have an 
option to go with a managed service (Cenzic ClickToSecure) or an

enterprise software (Cenzic Hailstorm).

Download FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm 
your results from other product. Contact us at request () cenzic com
----------------------------------------------------------------------
--------


----------------------------------------------------------------------------
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to
proactively protect your applications from hackers. Cenzic has the most
comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic
Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com
----------------------------------------------------------------------------
--

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
As attacks through web applications continue to rise, you need to proactively 
protect your applications from hackers. Cenzic has the most comprehensive 
solutions to meet your application security penetration testing and 
vulnerability management needs. You have an option to go with a managed 
service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). 
Download FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com
------------------------------------------------------------------------------

Current thread:

Re: saving session cookies?, (continued)
- - - Message not available
    - Re: saving session cookies? offset (Mar 15)
    - Re: saving session cookies? Javier Fernandez-Sanguino (Mar 16)
    - Re: saving session cookies? Chun Han Henry LIM (Mar 16)
- Re: saving session cookies? Gary E. Miller (Mar 14)
  - Re: saving session cookies? offset (Mar 14)
    - Re: saving session cookies? Gary E. Miller (Mar 14)
- Re: saving session cookies? dork (Mar 14)
  - Re: saving session cookies? Lelli Mami (Mar 15)
- RE: saving session cookies? Andy Meyers (Mar 14)
- Re: saving session cookies? dp (Mar 15)
- RE: saving session cookies? Johanna Berg (Mar 15)