To be continued
Reference link: cookie (data stored on the user's local terminal)
Keywords: cookie session HTTP small text file
explain
Cookies are small text files that are stored on a user's browser by a web server
generated by the server
Expire value - lifetime
Normally, when the user ends the browser session, the system terminates all
Cookie and Web site developers use Cookie technology, such as the use of Session object is inseparable from the support of Cookie
Classification
Stored in browser directory file, browser running: RAM-Session Cookies, Exit from this website or server: Local hard drive-Persistent Cookies
Temporary and persistent
attack
Cross site scripting
Although a cookie is not as dangerous as a virus, it still contains some sensitive information: username, computer name, browser used and websites visited. Users don't want this content to leak out, especially when it also contains private information.
This is not alarmist, a type of attack called cross site scripting can achieve this. Usually, cross-site scripting attacks often use website vulnerabilities to implant script code in website pages or reference third-method script code on website pages. There is a possibility of cross-site scripting attacks. When attacked by cross-site scripting, the script instructions will read All cookie contents of the current site (there is no cookie scope restriction), and then submit the cookie contents to the specified server in some way (eg: AJAX). Once a cookie is in the hands of an attacker, it will regain its value.
suggestion
It is suggested that when developers output sensitive content to the client cookie (for example, the content can identify the user's identity):
1) Set the cookie so that it cannot be read by scripts, which solves the above problems to a certain extent.
2) Encrypt the cookie content, and embed a timestamp before encryption to ensure that the encrypted ciphertext is different each time (and can prevent message replay).
3) When the client requests, update the content of the cookie every time or regularly (ie: based on the second subsection, re-encryption)
4) Every time a timestamp is written to the cookie, the database needs to record the last timestamp (to prevent cookie tampering, or replay attack).
5) When the client submits the cookie, it first decrypts and then checks the timestamp. If the timestamp is smaller than the record in the data database, it means that an attack occurs.
Based on the above suggestions, even if the cookie is stolen, the attacker cannot take advantage of it because the cookie is randomly updated and the content is irregular. Another advantage of using timestamps is to prevent cookies from being tampered with or replayed.
Cookie Stealing: Hackers who collect user cookies and send them to attackers. Attackers will use cookie information to gain access to user accounts through legitimate means.
Cookie tampering: Using a security mechanism, an attacker adds code to rewrite the cookie content in order to continue the attack.
You can view all cookies saved to your computer by selecting "Settings/View Files" in the "General" tab of "Tools/Internet Options" in IE. These files are usually named in the format user@domain , where user is your local username and domain is the domain name of the website you are visiting. If you use the NetsCape browser, it is stored in "C:\PROGRAMFILES\NETSCAPE\USERS". Different from IE, NETSCAPE uses a cookie file to record the cookies of all websites.
Internet---WEB---CGI (C preferred)
some thinking
Cookies are encrypted - how to encrypt, how to crack encrypted cookies.
How to determine abnormal access to cookies
How to find cookies
How to do cookie spoofing (intercepting the username and password fields of the cookie and pretending to be the victim)
Ideas: Preventing the collection of cookies from unknown sourcesFLASH hidden danger (getURL())
Idea: Link with firewall to analyze unfamiliar data packets