WebApp Sec mailing list archives
RE: MSIE session cookies
From: Labe Grzegorz DRS-BSI Centrala <G.Labe () GetinBank pl>
Date: Thu, 19 Jan 2006 15:20:02 +0100
On 1/18/06, John Bond <john.r.bond () gmail com> wrote:
Does anyone no of a way i can read MSIE (v6) session cookies and possibly change them. i.e. where are they stored. is there a program which does this already. is there an API which would allow this
odysseus (tiny proxy server - you can change session cookies in the interceptor mode): http://www.wastelands.gen.nz/odysseus/index.php http://www.wastelands.gen.nz/odysseus/interceptor-headers.gif TamperIE (an IE plugin that allows to intercept POSTs and GETs before they occur - you can tweak it: change/add POST data): http://www.bayden.com/Other/ best regards, gl -- GETIN Bank SA Departament Rozwoju Systemow Informatycznych Katowice, ul. 1go Maja 87 tel.: 32.7863440 ------------------------------------------------------------------------- This List Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- Re: MSIE session cookies, (continued)
- Re: MSIE session cookies John Bond (Jan 19)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- Re: MSIE session cookies John Bond (Jan 19)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- Re: MSIE session cookies John Bond (Jan 19)
- RE: MSIE session cookies Richard M. Smith (Jan 19)
- Message not available
- Re: MSIE session cookies John Bond (Jan 20)