Cookie Dethroning.::DEMYSTIFIED Part B by Aditya Sood on 31/10/05

[0x02.1] Unsafe About Cookies:

Browser security concerns fall into two main areas:

--> Reading your private files.

--> Manipulating you into a compromising situation.

A few files reveal a lot of information about you. These include cache files, the history file, and your bookmarks. By examining someone's cache, history, and bookmarks you can learn a lot about that person. If you are a typical home user running Windows, this is usually not a problem. But if you are storing your Netscape directory on a server, the server could be compromised, and then anything in the cache and history is in someone else's hands: every access and every submitted form, including forms used to change passwords on servers whose service you are paying for.

Being manipulated is the other hot area. You can be tricked into supplying user IDs and passwords, revealing personal information such as your SS# and credit card information, or even be presented with misinformation that leads you to act in a way that creates a vulnerability. If your browser supports HTML 3.0 extensions and Java, your history file, cache, and other files can be plucked from your hard drive. Your machine could be used as a mechanism to attack other resources behind your firewall, sending critical info to an offsite hacker.


