Re: modify non-persistent cookies

["Kevin Spett" <kspett () spidynamics com>]

In addition to using one of the free proxy-based tools mentioned by others
(WebProxy, Achilles, WebSleuth, etc.) you can use your web browser to modify
any aspect of the document object model using Javascript from the URL bar.
Just load the page, and type this into the URL bar:

javascript: alert(document.cookie);

This will pop up a box with the current cookie information in it.  (Big
suprise.)  Similarly, to change the cookie you can use something like this:

javascript: document.cookie='CookieName=CookieValue';

(Those are directions for IE.  Netscape/Mozilla use javascript:// for the
URL format I think.)  The next time you visit the site (by hitting back for
instance), your new exciting cookie values will be used.



Kevin Spett
SPI Labs
http://www.spidynamics.com/

----- Original Message -----
From: "mono toy" <mono () spurious biz>
To: "Webappsec@Securityfocus. Com" <webappsec () securityfocus com>
Sent: Tuesday, December 17, 2002 5:55 AM
Subject: modify non-persistent cookies


> dear list,
>
> is there a way to modify the contents of a non-persistent cookie one
> receives?
>
> thanks!
>
> nico
>
> [ Chief Financial Officer ]
> [ cfo () spurious biz ]
> [ smells like napalm, tastes like chicken! ]
> [ 55B4 B4B6 B2EC B612 6A35  1535 C7E9 0534 7C69 25DF ]