history.dat replay attack

From: spammailme@gmail.com
Date: Thu Nov 09 2006 - 13:45:00 EST


All –

Next, during a PT it was discovered that the browser history stored the fully qualified domain and URI (i.e. www.example.com/secure/login.do?session=UYUYFIBV876760760hGUYGU),

which can be extracted and replayed in another browser. There is a default timeout as a control, yet I want to have it removed when the session is terminated. It was still there after the browser was closed AND replayable.

Any possible solutions to this issue?

First, does anyone know the Windows equivalent of the *nix history.dat? What is the file name (ntuser.dat?) or path?

Thx
- Don
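The control Don is asking for, as an added illustration that is not part of the original post: a server-side session record that is deleted on logout, so a URL copied out of browser history stops working immediately rather than only when the idle timeout expires. The store, the timeout value and the `session` query parameter name are assumptions (the parameter name is taken from the sample URL above); an audit helper flags history entries that carry a token in the query string.

```python
import secrets
import time
from urllib.parse import parse_qs, urlsplit

# Constructed example. The in-memory store and the 15-minute idle window are
# placeholders standing in for whatever the real application uses.
IDLE_TIMEOUT = 15 * 60          # seconds; assumed value
SESSION_PARAM = "session"       # query parameter name from the post's sample URL

_sessions = {}                  # token -> timestamp of last activity


def create_session(now=None):
    """Issue an unguessable token and record it server-side."""
    token = secrets.token_urlsafe(32)
    _sessions[token] = time.time() if now is None else now
    return token


def is_valid(token, now=None):
    """True only while the record exists server-side and is inside the idle window."""
    now = time.time() if now is None else now
    last = _sessions.get(token)
    if last is None:
        return False                      # unknown or already terminated
    if now - last > IDLE_TIMEOUT:
        _sessions.pop(token, None)        # expired: drop it so it cannot be revived
        return False
    _sessions[token] = now                # slide the idle window
    return True


def terminate(token):
    """Logout: delete the record so every copy of the token (history, logs, proxies) is dead."""
    return _sessions.pop(token, None) is not None


def session_from_url(url):
    """Extract the session value a browser would have saved together with the URL."""
    values = parse_qs(urlsplit(url).query).get(SESSION_PARAM)
    return values[0] if values else None


def urls_leaking_sessions(history_lines):
    """Audit helper: report history entries that carry a session token in the query string."""
    return [u for u in history_lines if session_from_url(u)]
```

Replaying the URL succeeds while the record exists and fails the moment `terminate` runs, independent of the timeout; the audit helper is the check to run over an exported history file to confirm the token has been moved out of the URL entirely.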




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:19 EDT