WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: MSIE session cookies

From: "Richard M. Smith" <rms () computerbytesman com>
Date: Thu, 19 Jan 2006 09:38:17 -0500
Hooking into a instance of browser is possible also.  I just don't know the
details.  However, I do know that you'll need to use the WebBrowser control
instead:

http://msdn.microsoft.com/library/default.asp?url=/workshop/browser/webbrows
er/reference/ifaces/iwebbrowser2/iwebbrowser2.asp

I'm sure that Google will find articles on how to hook into IE.

Richard 

-----Original Message-----
From: John Bond [mailto:john.r.bond () gmail com] 
Sent: Thursday, January 19, 2006 9:33 AM
To: Richard M. Smith
Cc: webappsec () securityfocus com
Subject: Re: MSIE session cookies

On 19/01/06, Richard M. Smith <rms () computerbytesman com> wrote:

You'll need to use the InternetExplorer.Application ActiveX control.  
Here's some sample code in Visual Basic:

http://visualbasic.about.com/od/standalonevb6/l/blnewieinstance.htm

After navigating to a Web page, cookies can be accessed using this
expression:

IE.Document.cookie



This is much more like what i want.  Does the code have to open the browser
or can it hookinto a instance which has already been opened.

-------------------------------------------------------------------------
This List Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: