Principle of COOKIE deception
According to the browser's agreement, only cookies from the same domain name can be read and written, and cookies are only for the browser and are compatible
The communication protocol has no impact, so there are many ways to conduct cookie spoofing:
1. Skip the browser and directly rewrite the communication data
2. Modify the browser to allow browsing The browser can read and write cookies of any domain name locally
3. Use signed scripts to allow the browser to read and write cookies of any domain name locally (there are security issues)
4. Deceive the browser , allowing the browser to obtain a fake domain name
Among them:
Methods 1 and 2 require more professional programming knowledge and are not suitable for ordinary users.
There are two ways to implement method 3:
1. Use the signature script directly, no signature verification is required, but it will cause serious security problems because everyone has to go online
p>Yes, if you do this, your hard disk files will...
2. Sign the script before using the signature script, but it requires a special digital signature tool, which is not suitable for ordinary users
Suitable.
Method 4 seems to be the most suitable. Domain name spoofing is very simple and does not require any tools (of course it would be better if your machine
is equipped with a web server) , below I will take the9 as an example. Based on this method, I will explain the process of cookie deception (any server-side bugs mentioned below have been improved by the9, so this article will No security impact
):
Note: The cookie we are discussing is the kind of cookie that does not leave traces in the cookie file on the hard disk, that is, the kind that only /p>
A cookie generated during the browser life cycle (session). If the browser is closed (session ends), then this cookie will be deleted
COOKIE deception principle
According to the browser According to the agreement, only cookies from the same domain name can be read and written, and cookies are only for the browser and have no impact on the communication protocol. Therefore, there are many ways to spoof cookies:
1. Skip the browser and directly rewrite the communication data
2. Modify the browser so that the browser can read and write cookies of any domain name locally
3. Use signatures Script allows the browser to read and write any domain name cookie locally (there are security issues)
4. Deceive the browser and let the browser obtain a fake domain name
Among them:
Methods 1 and 2 require more professional programming knowledge and are not suitable for ordinary users.
There are two ways to implement method 3:
1. Use the signature script directly, no signature verification is required, but it will cause serious security problems because everyone has to go online
p>Yes, if you do this, your hard disk files will...
2. Sign the script before using the signature script, but it requires a special digital signature tool, which is not suitable for ordinary users
Suitable.
Method 4 seems to be the most suitable. Domain name spoofing is very simple and does not require any tools (of course it would be better if your machine
is equipped with a web server) , below I will take the9 as an example. Based on this method, I will explain the process of cookie deception. (Any server-side bug mentioned below has been improved by the9, so this article will No security impact
):
Note: The cookie we are discussing is the kind of cookie that does not leave traces in the cookie file on the hard disk, that is, the kind that only /p>
Cookies generated during the browser lifetime (session), if the browser is closed (session ends) then this cookie will
be deleted!