WebApp Sec mailing list archives
Re: MSIE session cookies
From: John Bond <john.r.bond () gmail com>
Date: Thu, 19 Jan 2006 14:03:46 +0000
Hi, Thank you all for your responses. I have paros fiddler and webscarab and think there all good tools. However what i would really like to do is read the cookies directly from memory. I want to be able to read cookies which have already been set. possibly monitor when that memory is accessed
Session cookies don't appear to be stored in files which implies they are only held in RAM.
This is what i think i have tried lookingon google for anymore infomation but i am unableto find any. I think the simplist way to do this would be to patch the MSIE api calls for cookies. Any Ideas, pappers or usefull programs would be aprieciate
Richard
------------------------------------------------------------------------- This List Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- MSIE session cookies John Bond (Jan 18)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- Re: MSIE session cookies John Bond (Jan 19)
- Re: MSIE session cookies Scott Hamm (Jan 19)
- Re: MSIE session cookies John Bond (Jan 19)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- Re: MSIE session cookies John Bond (Jan 19)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- Re: MSIE session cookies John Bond (Jan 19)
- Re: MSIE session cookies John Bond (Jan 19)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- <Possible follow-ups>
- RE: MSIE session cookies Zhou, Joe [HR] (Jan 19)