Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Re: Session Fixation

Re: Session Fixation

From: Matt Fisher <mattfisher_at_comcast.net>
Date: Tue, 1 Apr 2003 13:33:36 -0500

http://www.computerbytesman.com/privacy/supercookie.htm

----- Original Message -----
From: "Douglas Schlenker" <Douglas.Schlenker_at_RoyalRoads.ca>
To: <webappsec_at_fishnet.co.uk>; <webappsec_at_securityfocus.com>
Sent: Tuesday, April 01, 2003 12:17 PM
Subject: RE: Session Fixation

> Ok, I'm going to bite... can you explain what IE's ^Super Cookie^ is? I've
> never heard of this reference before and I'm quite interested.
>
> douglas
>
> Hi,
>
> Has anyone put the Internet Explorer ^Super Cookie^ to use ?
>
> For the particular app I am working on, I can guarantee that all the
> user are connecting with IE over ssl. Plus they all (mainly) go
> through a router from the same LAN, thus appear to have the same IP.
>
> I am currently logging the super cookie to try and determine if it
> really is unique enough.
>
> Regards
>
> Ian
> --
>
>
Received on Apr 01 2003

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos