This resource is no longer available

Hacking Web Applications Using Cookie Poisoning

Cover
Cookie poisoning is a known technique mainly for achieving impersonation and breach of privacy through manipulation of session cookies, which maintain the identity of the client. By forging these cookies, an attacker can impersonate a valid client, and thus gain information and perform actions on behalf of the victim. The ability to forge such session cookies (or more generally, session tokens) stems from the fact that the tokens are not generated in a secure way.

This paper explains why session management and session management security is a complex task which is why it is usually left for commercial products. We describe how the tokens are generated for two commercial application engines. We then analyze the strength of each mechanism, explain its weakness, and demonstrate how such weakness can be exploited to execute an impersonation/privacy breach attack. We discuss the feasibility of the attack. Finally, we recommend an approach to session management which separates the security from the functionality - the latter is carried out by application engines, while the former should be provided by a dedicated application security product.

Author

Amit Klein Director of Security and Research, Sanctum
Vendor:
Logicalis
Posted:
11 Dec 2008
Published:
11 Dec 2008
Format:
PDF
Length:
12  Page(s)
Type:
White Paper
Language:
English

This resource is no longer available.