
Cookie injection - Prevention only

post #1 of 9
Thread Starter 
I don't think I am able to freely talk about this on the forum. I have some questions concerning cookie injection to bypass website protections.

One of the questions would be how web designers can protect themselves?
post #2 of 9
The how to protect you can talk about :)

Sanitization is a big part of web security. Check the data that is coming into your website; if information is coming into the website from the cookie, assume that the session has been tampered with, lock the cookie to the IP, etc.

What in particular are you worried about? SQL via the cookie, user credentials, or session data?
post #3 of 9
Thread Starter 
Quote:
Originally Posted by Ulquiorra

The how to protect you can talk about :)
Sanitization is a big part of web security. Check the data that is coming into your website; if information is coming into the website from the cookie, assume that the session has been tampered with, lock the cookie to the IP, etc.
What in particular are you worried about? SQL via the cookie, user credentials, or session data?

I am not worried. I am just wondering how it is so easy to bypass account privilege. I was also thinking a cookie would only work if the IPs are matching, but it appears there is a major flaw because that's not what is happening.
post #4 of 9
This only happens if you have programmed this feature. You could keep track of cookies on the server, but that will get hectic. There are probably better people to explain it than me ^_^ (I break them, I don't have to fix them after, hehe)

The main problem is if your cookie is stolen, then someone else can re-use this cookie to resume the session. That's why it's good practice to have the cookies time out (I think)

The other way cookies can be bad is if you store account details in the cookie, NEVER do this ^_^
post #5 of 9
Thread Starter 
Quote:
Originally Posted by Ulquiorra

This only happens if you have programmed this feature. You could keep track of cookies on the server, but that will get hectic. There are probably better people to explain it than me ^_^ (I break them, I don't have to fix them after, hehe)
The main problem is if your cookie is stolen, then someone else can re-use this cookie to resume the session. That's why it's good practice to have the cookies time out (I think)
The other way cookies can be bad is if you store account details in the cookie, NEVER do this ^_^

All it does is inject account privilege into the cookie so you have access to restricted content. You don't need to log into a session. I am still wondering how they manage to do that :)

That's black magic.
post #6 of 9
As long as this stays on the topic of prevention of such a thing, and doesn't cross over into the details of how an attacker accomplishes such a thing, I'll let this thread remain open (with a watchful eye). If I feel that at any time it crosses the boundaries set by the ToS (that specifically prevent the discussion of circumventing security related applications) then I shall be locking/deleting this thread.

Regards,
Walnuts
    
post #7 of 9
That's cool W4LNUT5 ^_^.

It's when the remote end messes with the cookie. As long as you sanitize the input, try to keep as little as you can in the cookie; the more that is stored in it, the more of a vector there is. If all there is is a session number, it makes it much harder for an attacker to hit you. Large random numbers help a million times :)
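The prevention advice from posts #2, #4 and #7 (sanitize the cookie, lock it to the IP, time it out, keep only a large random session number in it and never account details), put together as an added example that is not part of the thread. The in-memory store, the function names and the 15-minute timeout are assumptions made for illustration.

```python
import re
import secrets
import time

SESSION_TTL = 15 * 60                          # idle timeout in seconds (assumed value)
_SID_RE = re.compile(r"^[A-Za-z0-9_-]{43}$")   # exact shape of secrets.token_urlsafe(32)
_sessions = {}                                 # sid -> record; stands in for a real session store


def create_session(user, role, client_ip, now=None):
    """Run after a successful login; the return value is all that goes in the cookie."""
    now = time.time() if now is None else now
    sid = secrets.token_urlsafe(32)            # 256 random bits from the OS CSPRNG
    _sessions[sid] = {"user": user, "role": role,
                      "ip": client_ip, "expires": now + SESSION_TTL}
    return sid


def load_session(cookie_value, client_ip, now=None):
    """Return the server-side record, or None if the cookie is not acceptable."""
    now = time.time() if now is None else now
    # Sanitize: reject anything that is not exactly the shape the server issued.
    if not isinstance(cookie_value, str) or not _SID_RE.fullmatch(cookie_value):
        return None
    record = _sessions.get(cookie_value)
    if record is None:                         # well-formed but never issued (guessed ID)
        return None
    if now >= record["expires"]:               # timed out: a stolen copy is now useless
        del _sessions[cookie_value]
        return None
    if record["ip"] != client_ip:              # IP lock; may log out users whose IP changes
        return None
    record["expires"] = now + SESSION_TTL      # sliding idle timeout
    return record


def is_admin(cookie_value, client_ip, now=None):
    """Privilege is read from the server-side record, never from cookie contents."""
    record = load_session(cookie_value, client_ip, now)
    return record is not None and record["role"] == "admin"


def session_cookie_header(sid):
    """Cookie attributes that keep the ID away from page scripts and plain HTTP."""
    return (f"Set-Cookie: sid={sid}; Path=/; Max-Age={SESSION_TTL}; "
            "HttpOnly; Secure; SameSite=Lax")
```

Because the role lives only in the server-side record, editing the cookie can at most make the lookup fail; it cannot add a privilege.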
post #8 of 9
Thread Starter 
@ulquiorra I am kind of a noob with this. I think it is SQL injection based. I've read that Twitter was a victim of this once but they fixed it. The author doesn't mention how they fixed it.
I will read on the subject a bit more, thanks for your help :)
post #9 of 9