Vulnerability Development mailing list archives

re: C is for Cookie...


From: "gman ." <gman1120 () hotmail com>
Date: Tue, 02 Oct 2001 12:06:21 -0400

Peter,

Attached is a modification I made to Mozilla that allows you to edit cookies that your browser picks up, including session cookies. I have compiled and tested this under Windows and Linux using the Mozilla 0.9.2 (it may work with newer versions, but this is untested) source code tree. It's a pain to compile under Win32, so I suggest using it in Linux. To use, just apply the patch to the source code with:

patch -p0 < (source to diff)/mozilla-cookie-edit.diff

Use the following procedure to edit cookies:

Click edit->preferences. Open the privacy and security twistie, and click on cookies. Click view stored cookies to open the cookie manager. From there, you can view any cookie (as you could always), and change the value by editing the value in the box and clicking "set cookie".

I've used this in web application security assessments, and have successfully hijacked other users' sessions this way. Of course you have to guess the session id (if that's all that's used), but considering the predictability of the session IDs generated by an unpatched WebSphere application server, this could drive a good point home.

There is only one caveat: when you modify a cookie, the value is not stored in the array used for the cookie manager (this is used for display only). If you click another cookie, then come back to the one you have edited, it appears as though the change never occurred (even though the value of the cookie in memory). It will be modified if you close the cookie manager and open it back up. This was intentional, since I use this as a way to revert the cookie to its original value, in case I click on the wrong one, or made a mistake ;)

Regards,

Steve

>Does anyone know of a piece of software that can be used for viewing and
>manipulating the data inside of a cookie?

Peter Holland
Available Mortgage Funding
Dallas, Texas




Attachment: mozilla-cookie-edit.diff