WebApp Sec: RE: Unable to impersonate another user although having its cookie

Nmap Security Scanner

Intro

Docs
Security Lists

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

RE: Unable to impersonate another user although having its cookie

From: "Martin O'Neal" <martin.oneal () corsaire com>
Date: Wed, 1 Jul 2009 14:34:38 +0100

Is this possible?


Ja; possible. May be tagging agent, or source address, or maybe using
multiple cookies, or maybe session ID in javascript variable...

Is it the normal operation 
in sessions in CakePHP?


No eye dear.

Martin...

Current thread:

Re: Unable to impersonate another user although having its cookie, (continued)
- RE: Unable to impersonate another user although having its cookie Hellman, Matthew (Jul 01)
  - Re: Unable to impersonate another user although having its cookie Guillermo Caminer (Jul 06)
- Re: Unable to impersonate another user although having its cookie Guillermo Caminer (Jul 06)
  - Re: Unable to impersonate another user although having its cookie José Manuel Molina Pascual (Jul 06)
- RE: Unable to impersonate another user although having its cookie Martin O'Neal (Jul 01)
- Re: Unable to impersonate another user although having its cookie arvind doraiswamy (Jul 27)