Re: common cookie db?



Ramon Pinuaga Cascales wrote:
Hi offset,

I've compiled a document called "cookie_figerprinting".
I put here the cookies I usually found working.

Interesting. Here's a patch adding some more cookies and also some additional references.


Javier
--- cookie_fingerprinting.orig.txt	2006-01-20 10:54:20.515625000 +0100
+++ cookie_fingerprinting.txt	2006-01-20 13:01:18.046875000 +0100
@@ -27,8 +27,18 @@
 Microsoft IIS (www.microsoft.com)
 -------------
 
+Format:
+Set-Cookie: ASPSESSIONIDXXXXXXXX=XXXXXXXXXXXXXXXXXXXXXXXX; path=/
+where 'X' is a upper case letter
+
+Sample:
 Set-Cookie: ASPSESSIONIDGQQGQYDC=KDGFBFGBLPNCMIIELPAINNJH; path=/
 
+Microsoft ASP.Net (www.microsoft.com)
+-----------------
+
+Set-Cookie: ASP.NET_SessionId=0hqed4qelkxvjj153tplacm0; path=/
+
 
 IBM Net.Commerce (www.ibm.com)
 ----------------
@@ -86,9 +96,15 @@
 
 IBM Tivoli Policy Director WebSeal (www.ibm.com)
 ----------------------------------
+Format:
+Set-Cookie: PD-S-SESSION-ID=2_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx; Path=/; Secure
+where 'x' is {[A-Z],[a-z],[0-9],+,-}
 
+Example:
 Set-Cookie: PD-S-SESSION-ID=2_L7kl8vzZ9b8LMEwpm0PgqqQRIh2ZZakRamBlgvMXqIIAABDZ; Path=/; Secure
 
+When accessing a stateful sesion:
+Set-Cookie: PD_STATEFUL_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx=/LOCATION; Path=/
 
 WEBTRENDS ()
 ---------
@@ -96,8 +112,8 @@
 Set-Cookie: WEBTRENDS_ID=223.53.123.13-1091519275.658578; expires=Fri, 31-Dec-2010 00:00:00 GMT; path=/
 
 
-IBM WebSphere ()
--------------
+IBM WebSphere Application Server ()
+---------------------------------
 
 Set-Cookie: sesessionid=ZJ0DMWIAAA51VQFI50BD0VA;Path=/
 
@@ -120,3 +136,25 @@
 
 Set-Cookie: _sn=u3YBSdYfaf0oa5H1hz7Tc0ccApc0T1Iz60QWgeSiMEA_; Version=1; Path=/
 
+BlueCoat Proxy (www.bluecoat.com)
+--------------------------
+
+Set-Cookie: BCSI-CSC2B35314=1; Path=/
+
+Coldfusion (www.macromedia.com
+----------
+
+CFID, CFTOKEN, and CFGLOBALS
+
+More info at
+http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_17919
+http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_17915
+
+Urchin Tracking Module
+----------------------
+
+__utmz 
+__utma
+
+More info at:
+http://www.google.com/support/urchin45/bin/answer.py?answer=28307&topic=7425

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


Relevant Pages

  • Photos
    ... Once you have one opened then go to Format> Format ... provide a link to the website so we could help you with any issues. ... Read the instructions. ... page you will import will be 2250 pixels long. ...
    (microsoft.public.publisher.webdesign)
  • Re: Do you consider this software licensing practice ethical? I am furious!
    ... without eating up resources if they do not format their hard ... and at the end of a FAQ "printed clearly" on the website? ... because I normally do use a repair install or a restore point ... else's quilting software that has what you regard as a better licensing policy. ...
    (misc.consumers)
  • Re: Self-service checkouts have not cut supermarket queues
    ... of card you want to pay with, so the computer should know what number ... that the strange format was probably the cause, ... their own to successfully parse and perform a cursory validation on ... I wrote an ecommerce website for a local cleaning ...
    (uk.legal)
  • Re: Capturing genealogy data from websites
    ... It would depend on the format of your website but this does raise the question of "why a website?". ... The following is a copy of the policy on Gedcom files. ... the FamilySearch website does not support the uploading and downloading of GEDCOM files. ... They didn't mention downloading in any other format so I'm assuming, maybe wrongly, that if they were planning some other download format they'd have mentioned that. ...
    (soc.genealogy.computing)
  • Re: Converting Images Created on PP to Jpeg files
    ... Add a layer below the image that is the website background color ... Troy Chollar ... a white box around the jpg inserted and grouped with the text. ... area and chose 'save as' jpg format as the website I want to use it on ...
    (microsoft.public.powerpoint)