RE: XSS with encrypted cookie?
From: Rajesh Jose (rajesh.jose_at_paladion.net)
Date: 12/11/03
- Previous message: arlen_at_hushmail.com: "RE: Inprotect software announcement."
- In reply to: pire pire: "XSS with encrypted cookie?"
- Next in thread: Achim Dreyer: "RE: XSS with encrypted cookie?"
- Reply: Achim Dreyer: "RE: XSS with encrypted cookie?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'pire pire'" <pirepire69@romandie.com>, <pen-test@securityfocus.com>
Date: Thu, 11 Dec 2003 15:24:21 +0530
Hi,
I didn't get "encrypted session token cookie". Normally nobody will be
encrypting a session token. As long as the session token is strongly
random, nothing can be achieved by encrypting it.
Or did you mean secure cookie?
A secure cookie is a cookie which can be fetched by the server only
through an SSL channel.
In all these cases (encrypted, not encrypted and secured) it is possible
to fetch a cookie through an XSS attack and replay the session.
Replaying the session token will not be possible if the application is using
the source IP for session validation.
Cheers,
Rajesh
-----Original Message-----
From: pire pire [mailto:pirepire69@romandie.com]
Sent: Wednesday, December 10, 2003 1:14 PM
To: pen-test@securityfocus.com
Subject: XSS with encrypted cookie?
Hi,
I'm wondering if it's possible via an XSS attack to steal an
encrypted cookie (actually it's a session token), with some
JavaScript like document.cookie etc.
If yes, is it also possible to replay this cookie? (of course the
session must still be valid on the server)
I know it works with a regular cookie.
Thanks a lot for your help