Friday, January 1, 2010

Cookie manipulation

I demonstrated cookie hijacking previously but never elaborated about how the stolen cookie can be used.
To make use of stolen cookie information, the session must still be active for cookie manipulation to be successful. Here I manually add cookies using the "Web Developer" Firefox addon to successfully access an active Gmail session.

The high res version of this demo can be downloaded here.

No comments:

Post a Comment