Cookie theft occurs when the cookie issued by the application is hijacked by an attacker for malicious purposes. By inserting script code into the URL that invokes the vulnerable, cookie-using portion of the site, the attacker captures the cookies and can damage content as well as mimic business functions and perform fake transactions.
For example, the code above, when clicked on, sends the cookie to www.destination.com/cgi-bin/cookie.cgi and displays it. If you see a page displaying a cookie, then session hijacking of the user's account is possible. This script can also be encoded in hex to reduce the chance of detection. The script thus sends the user's cookies to the attacker's site, where the attacker gains all the information needed to wreak havoc.
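Because the script can be hex-encoded to slip past simple filters, a check on the defender's side has to decode the request before matching. The following is an added example, not code from the original article: a small access-log scanner that percent-decodes each request target until it is stable and then flags script markers. The marker list, the function names and the sample log lines are all constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Markers of script injected into a URL to reach cookies (constructed, not exhaustive).
SUSPICIOUS = re.compile(
    r"<\s*script|javascript\s*:|document\s*\.\s*cookie", re.IGNORECASE)
# Client address and request target from a Common Log Format line.
LOG_LINE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
MAX_DECODE_ROUNDS = 3  # bound the work spent on nested encoding

def fully_decode(value):
    """Percent-decode until stable, so %3C and double-encoded %253C both yield '<'."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def flag_request(target):
    """Return the decoded request target if it carries script markers, else None."""
    decoded = fully_decode(target)
    return decoded if SUSPICIOUS.search(decoded) else None

def scan(lines):
    """Return (client, decoded_target) for every log line that should be reviewed."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a request line in the expected format
        decoded = flag_request(m.group(2))
        if decoded:
            hits.append((m.group(1), decoded))
    return hits

# Constructed sample access-log lines (documentation-range addresses).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /profile?name=alice HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Jan/2024:10:00:01 +0000] "GET /search?q=<script>alert(document.cookie)</script> HTTP/1.1" 200 734',
    '203.0.113.5 - - [01/Jan/2024:10:00:02 +0000] "GET /search?q=%3C%73%63%72%69%70%74%3Ealert%28document%2Ecookie%29%3C%2Fscript%3E HTTP/1.1" 200 734',
    '203.0.113.9 - - [01/Jan/2024:10:00:03 +0000] "GET /search?q=%253Cscript%253Ealert(document%252Ecookie)%253C/script%253E HTTP/1.1" 200 734',
]

if __name__ == "__main__":
    for client, decoded in scan(SAMPLE_LOG):
        print(client, decoded)
```

The hex-encoded and double-encoded lines do not match the pattern in their raw form; they are caught only because the target is decoded first.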
Author: GentleGiant