Editing local cookie values

Question

Editing local cookie values

I'm trying to do some quick testing to load cookie values for some of my web applications (ASP.NET, if that ultimately matters). I am trying to insert some Javascript and SQL code for this, but with some problems.

I have FireFox, IE 7 and 8, and Chrome. FireFox Add extension N Edit Cookies will not allow me to change the value to anything with a semicolon. Nirsoft IECookiesView will not show a specific cookie that I have ever followed (ASP.NET session cookie).

Are there any other cookie editing utilities so that I can verify this? My google fu seems to fail with this.

+3

security cookies

Chris Jan 25 '10 at 20:09

source share

3 answers

, HTTP-? , .

, http HTTP , . Java, JMeter Solex .

, cookie , , , HTTP, , Add N Edit Cookies. cookie , firefox , .

+1

Yoni 25 . '10 20:29

; cookie. Set-Cookie document.cookie, , cookie.

Cookie:, ; .

+1

bobince Jan 25 '10 at 21:01

source share

rook · Accepted Answer · 2010-01-25T20:29:41+0000

Enter this in your address bar on the cookie website that you want to edit. Remember that document.cookie differs depending on the domain you are currently viewing. UNION ALL SELECT lname FROM Employee ORDER BY au_lname

Edit: Bobint is right about the semicolon, so there is a SQL injection here without a semicolon.

javascript: document.cookie = "SESSID = 'union select password from users, where id = 1 -";

Tamperdata addon firefox SQL- xss, . Acunetix, http-, cookie xss/sql . Acuentix xss . w3af wapiti , cookie.

Editing local cookie values

More articles: