using cookie what are they ways to exploit it.

like my admin system is using cookie after login 1 cookie is store on the client comp, with domain and path and expire = 1 hour.

there is ways to exploit it ?


PS: just looking around to know if i need more safety at it.

Cookies are by far the safest, in comparision to passing values in a URL string <G>

Cheers

Andy (mod)
andy@ultranerds.co.uk

---

IMPORTANT: I've now moved to ultranerds.co.uk, and the .com will no longer work!
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package (plugins total "value" $3,325 & rising, for just $350)| GLinks ULTRA Package PRO (plugins total "value" $5,625 & rising, for just $500)
Support Forum | Links SQL Plugins | DMOZ Dumps | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Compare our different Plugin packages *new* Free CSS Templates

what would be the safest option to use in? since you have too many important data.

like with cookie i saw around many many times when you join somes sites they show your cookies thats why i open this topic to know if they can emulate it to make a cookie with same value will this work to enter a restrict area...

i have been reading about cookie with sessions and i didnt get the point yet.


lets say(no session in this example):

user enter at the web-page, put his login and password and log into the system.
when user put right login + pass a cookie is write on the user to give him access.

if the user enter in other site and that site read and store that cookie info(stole it).
The owner of the site 2 read and generate a cookie with the same information that he stole.

questions:

Will the thief be able to access the site ? (if the cookie didnt expire yet.)
Can him even generate the domain/path information without problem ?
What would be different using sessions ?

thanks for the help, im just trying to get it better

Hi,

I would do;

1) User logs in, and an entry is added to a login table (alongside their sessionID)
2) The sessionID is then saved to the cookie,alongside their IP address (i.e "e554f4354554-255.232.32.32"), to give uniqueness.
3) When they access pages, you can look at the cookie.. and confirm the sessionID exists, as is indeed valid.

If someone just happened to "copy" the cookie over; although the session ID may work, the IP address would be different... and thus you could confirm this wasn't the person who logged in first, and thus reject them =)

Hope that helps.

Cheers

Andy (mod)
andy@ultranerds.co.uk

---

IMPORTANT: I've now moved to ultranerds.co.uk, and the .com will no longer work!
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package (plugins total "value" $3,325 & rising, for just $350)| GLinks ULTRA Package PRO (plugins total "value" $5,625 & rising, for just $500)
Support Forum | Links SQL Plugins | DMOZ Dumps | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Compare our different Plugin packages *new* Free CSS Templates

good way, actually i use to use the session id = md5(random number)
so i would only add ip. and store it to compare and make the system know if its real/not real.

thx to help this newbie ;D

learning every time more and more