WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MSIE session cookies

From: John Bond <john.r.bond () gmail com>
Date: Fri, 20 Jan 2006 15:45:55 +0000
On 20/01/06, Zhou, Joe [HR] <Joe.Zhou () sprint com> wrote:

HTTPWatch (http://www.httpwatch.co.uk/) can view session cookies in MSIE
but cannot modify them.


This is what i was after but its a bit expensive.  I am working on a
quick and dirty bit of code which writes them to the standard  cookie
folder.  i can then use IEwatch to view them.  Thats all i want at the
moment.  It will work by monitoring when a cookie is set and when it
is destroyed.

I intend to to this by hooking into CBTProc and then hooking the IE
event which sets. cookies.havn't had time to find this yet but expect
it will make use of this object
http://msdn.microsoft.com/library/default.asp?url=/workshop/browser/webbrows
er/reference/ifaces/iwebbrowser2/iwebbrowser2.asp

thanks for all your help

-------------------------------------------------------------------------
This List Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application
security testing suite, and the only solution to provide comprehensive
remediation tasks at every level of the application. See for yourself.
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: