XSS with encrypted cookie?

From: pire pire (pirepire69_at_romandie.com)
Date: 12/10/03

  • Next message: Alfred Huger: "Re: Education End Users about Passwords - Was - RE: john the ripper - DEAD THREAD" 
    Date: Wed, 10 Dec 2003 08:44:07 +0100
To: pen-test@securityfocus.com

    Hi,

    I'm wondering if it's possible via a XSS attack to steal an
    encrypted cookie (actually it's a session token)? (with some
    javascript like: document.cookie etc...)

    If yes, is it also possible to replay this cookie? (of course the
    session must still be valid on the server)

    I know it works with regular cookie.

    Thanks a lot for your help

    _______________________________________________

    La messagerie gratuite des romands : 10 MO !!!
    Profitez-en ! >>> http://www.romandie.com

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: Alfred Huger: "Re: Education End Users about Passwords - Was - RE: john the ripper - DEAD THREAD"

    Relevant Pages

    • Re: Getting the referer info into a form field?
      ... conditionally stored the referer in a Cookie, only if the referer was not ... and if the Cookie did not exist already (which would ... JavaScript alone, though, nice thinking - yes, a Cookie would be the way to ... >> Kevin Spencer ...
      (microsoft.public.frontpage.programming)
    • Re: [Full-disclosure] Google / GMail bug, all accounts vulnerable
      ... JavaScript code was being loaded. ... This would work if the session cookie is restricted to ... then google did two things. ... GMail account, but has nothing to do with CAPTCHAs. ...
      (Full-Disclosure)
    • PageLoad when BACK is clicked
      ... Basically I think you could do this by JavaScript. ... And then also create a cookie with a timestamp (and set it ... Retrieve the hidden form field value (into a var ... Otherwise reload the page. ...
      (microsoft.public.dotnet.framework.aspnet.webcontrols)
    • Mozilla cookie stealing - Sandblad advisory #9
      ... Steal/spoof arbitrary cookie in Mozilla ... using the javascript URL. ... Parsing of host and path will stop when a space is found. ...
      (Bugtraq)
    • RE: HTTPModule - an interceptor indeed, but without communication skills!
      ... httpModule to check in the certain event before request has been processed ... easily manually append such querystring to bypass the validation. ... My suggestion is what about the cookie? ... In the validation code, you can use javascript ...
      (microsoft.public.dotnet.framework.aspnet)