[WEB SECURITY] Cookiejacking attack technique

Ivan Buetler ivan.buetler at csnc.ch
Fri May 27 11:43:51 EDT 2011


For your information. The talk of Rosario at Swiss Cyber Storm 3 in
Switzerland plus his slides are now online

https://www.swisscyberstorm.com/speakers/valotta#video


Ivan


From: websecurity-bounces at lists.webappsec.org
[mailto:websecurity-bounces at lists.webappsec.org] On Behalf Of Rosario
Valotta
Sent: Wednesday, 25 May 2011 00:14
To: websecurity at lists.webappsec.org
Subject: [WEB SECURITY] Cookiejacking attack technique


Hi,

last week, in two security conferences I showed a new attack technique
called Cookiejacking that allows stealing session cookies without any
XSS vulnerability.


https://www.swisscyberstorm.com/speakers/valotta

http://conference.hackinthebox.org/hitbsecconf2011ams/?page_id=1388


All previous approaches on the same topic used at least an XSS or a Man
in the middle attack (e.g. Firesheep) to steal cookies.

In this approach I use a 0-day vulnerability affecting all versions of IE
on every Windows OS and an advanced Clickjacking attack in order to
trick users into dragging & dropping their cookies.


You can steal any cookie (http only, secure cookies, whatever the
website) of every Win user.


On my blog you can find a writeup and a couple of videos.

https://sites.google.com/site/tentacoloviola/cookiejacking


Regards


Rosario Valotta

