Re: common cookie db?

From: Ramon Pinuaga Cascales (rpinuaga@s21sec.com)
Date: Wed Jan 18 2006 - 13:08:45 EST

• Next message: Michael Weber: "Re: Pen testing Fiber Channel"
• Previous message: Michael: "Online Pharmacy at Rock Bottom Prices!!"
• In reply to: offset: "common cookie db?"
• Next in thread: Javier Fernandez-Sanguino: "Re: common cookie db?"
• Reply: Javier Fernandez-Sanguino: "Re: common cookie db?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi offset,

I've compiled a document called "cookie_figerprinting".
I put here the cookies I usually found working.

I hope it helps you...

Con fecha martes, 17 de enero de 2006, 16:55:47, escribió:

o> Greetings,

o> Before I re-invent the wheel, I wanted to see if anyone knew of a common known cookie list
o> where someone has already tracked this information.

o> If not, I'll just track my own findings as I do assessments.

o> ie.
o> _utma
o> GMAIL_LOGIN
o> JSESSIONID

o> The goal is to track common cookies to applications (ie. Weblogic, websphere, apache, etc).

o> Thanks,

o> ------------------------------------------------------------------------------
o> Audit your website security with Acunetix Web Vulnerability Scanner:

o> Hackers are concentrating their efforts on attacking applications on your
o> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
o> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
o> futile against web application hacking. Check your website for vulnerabilities
o> to SQL injection, Cross site scripting and other web attacks before hackers do!
o> Download Trial at:

o> http://www.securityfocus.com/sponsor/pen-test_050831
o> -------------------------------------------------------------------------------

-- 
Saludos,
 Ramon                            mailto:rpinuaga@s21sec.com

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• text/plain attachment: cookie_fingerprinting.txt

• Next message: Michael Weber: "Re: Pen testing Fiber Channel"
• Previous message: Michael: "Online Pharmacy at Rock Bottom Prices!!"
• In reply to: offset: "common cookie db?"
• Next in thread: Javier Fernandez-Sanguino: "Re: common cookie db?"
• Reply: Javier Fernandez-Sanguino: "Re: common cookie db?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:23 EDT