Wednesday, December 12, 2007

Christmas Cookie Recipe

Here's a cookie recipe for the holidays that might not be so sweet -- if in the wrong hands. Michele Dallachiesa, an Italian security researcher, posted information and links to his two new cookie forging tools on Bugtraq.

The two tools, cookiesniffer and cookieserver, can be used to capture, manipulate or impersonate cookies. The tools can be downloaded from his Xenion web site.

These tools can be used for attacks known as session hijacking, replay attacks and cross-site request forgery (CSRF). They level the playing field for exploiting cookies, the equivalent of passwords in the Web 2.0 world.

There was also an article in Computer World.

Saluti a Michele per il suo grande lavoro nel campo di sicurezza informazione.

0 Comments:

Post a Comment

Links to this post:

Create a Link

<< Home