Jump to content

All Internet Explorer browser versions allow cookiejacking

daredevil
 Share

Recommended Posts

  • Administrators
daredevil Grand Master

daredevil

Posted
  • Administrators
Posted
Internet Explorer was found to have a flaw that allows hackers to steal cookies to access their accounts on some websites. The bug was found by a security researcher Rosario Valotta who said it could let hackers steal credentials to access FaceBook, Twitter and other websites.

 

"Any website. Any cookie. Limit is just your imagination," said Valotta, an independent Internet security researcher based in Italy.

 

Hackers can exploit the flaw to access a data file stored inside the browser known as a "cookie," which holds the login name and password to a web account, Valotta said via email

 

As a perpetrator access the cookie they can use it to access the same site concludes Valotta who dubs the technique as "cookiejacking."

 

The vulnerability affects all versions of Internet Explorer, including IE 9, on every version of the Windows operating system.

 

To exploit the flaw, the hacker must persuade the victim to drag and drop an object across the PC's screen before the cookie can be hijacked.

 

While it may sound like a difficult task, Valotta said he was able to do it fairly easily. He built a puzzle that he put up on Facebook in which users are challenged to "undress" a photo of an attractive woman.

 

"I published this game online on FaceBook and in less than three days, more than 80 cookies were sent to my server," he said. "And I've only got 150 friends."

 

Source.

Chuckun Newbie

Chuckun

Posted
Posted

By the way.. I can do this with any browser.. (have never tried with chrome)

All browsers store cookies, and all of them can be copied and/or forged from another PC.. Or am I missing something? :/

 

Edit: my bad, I missed the section explaining the hacker could retreive them with no access to the users system. Impressive!

Chuckun Newbie

Chuckun

Posted
Posted

If you use IE, this is just one of many worries you should have in mind :P

  • Administrators
daredevil Grand Master

daredevil

Posted
  • Author
  • Administrators
Posted

In short stop using IE 9 till they release fix for it :)

  • Administrators
JoeDirt Newbie

JoeDirt

Posted
  • Administrators
Posted

I can get more data then that in a Starbucks or any place that has open wifi, doesn't matter which browser you use. Also its easier to infect ppl's computers with spyware. I was reading an interesting article on Apple and malware today made me lol. Also that guy has 80 retarded friends

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

About Us

We are glad you decided to stop by our website and servers. At Fearless Assassins Gaming Community (=F|A=) we strive to bring you the best gaming experience possible. With helpful admins, custom maps and good server regulars your gaming experience should be grand! We love to have fun by playing online games especially W:ET, Call of Duty Series, Counter Strike: Series, Minecraft, Insurgency, DOI, Sandstorm, RUST, Team Fortress Series & Battlefield Series and if you like to do same then join us! Here, you can make worldwide friends while enjoying the game. Anyone from any race and country speaking any language can join our Discord and gaming servers. We have clan members from US, Canada, Europe, Sri Lanka, India, Japan, Australia, Brazil, UK, Austria, Poland, Finland, Turkey, Russia, Germany and many other countries. It doesn't matter how much good you are in the game or how much good English you speak. We believe in making new friends from all over the world. If you want to have fun and want to make new friends join up our gaming servers and our VoIP servers any day and at any time. At =F|A= we are all players first and then admins when someone needs our help or support on server.

Player Gaming Stats for =F|A= Servers.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept