CookieMonster is coming to Pown (err, Town)
Last month at Defcon, Mike Perry gave a talk about a vulnerability affecting sites that use SSL to secure their traffic: the site saves a cookie on your machine but does not set the flag indicating that the cookie is to be used with encrypted sessions only. If someone can place themselves where they can see your web traffic, they can inject arbitrary content into the data and, for sites that do not require their cookies to be 'Encrypted Sessions Only', force your browser to provide the saved cookies in a cleartext response. For more information about his tool from last month, see here.
On Tuesday, Mike posted more information including documentation for the tool, a sample configuration file and some code snippets. The tool itself has not yet been made available to the general public.
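A site owner can check for the missing flag described above by inspecting the Set-Cookie headers of the site's HTTPS responses, where the flag appears as the cookie's Secure attribute. The following Python is an added example, not code from this diary or from Mike Perry's tool; the function names are hypothetical and the header lines are constructed sample data.

```python
# Added example: audit Set-Cookie headers from an HTTPS response for the Secure attribute.
# The header lines below are constructed sample data, not captured traffic.

SAMPLE_HEADERS = [
    "Set-Cookie: SESSIONID=8f3a1c; Path=/; HttpOnly",
    "Set-Cookie: auth=tok123; Path=/; Secure; HttpOnly",
    "Set-Cookie: prefs=secure=yes; Path=/",       # "secure" inside the value is not the flag
    "set-cookie: csrf=ab12 ;  SECURE ; Path=/",   # header and attribute names are case-insensitive
    "Content-Type: text/html",
]


def parse_set_cookie(header_line):
    """Return (cookie_name, set of lowercased attribute names), or None if not a Set-Cookie header."""
    field, sep, value = header_line.partition(":")
    if not sep or field.strip().lower() != "set-cookie":
        return None
    parts = value.split(";")
    # The first name=value pair is always the cookie itself; everything after it is an attribute.
    name = parts[0].partition("=")[0].strip()
    if not name:
        return None
    attrs = {p.partition("=")[0].strip().lower() for p in parts[1:] if p.strip()}
    return name, attrs


def cookies_missing_secure(header_lines):
    """Names of cookies the browser would also send over an unencrypted connection."""
    missing = []
    for line in header_lines:
        parsed = parse_set_cookie(line)
        if parsed and "secure" not in parsed[1]:
            missing.append(parsed[0])
    return missing


if __name__ == "__main__":
    for name in cookies_missing_secure(SAMPLE_HEADERS):
        print(f"cookie {name!r} lacks the Secure attribute")
```

Any cookie this reports from an SSL-only site needs the Secure attribute added where the application or server sets it.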
Thanks to Chris and Micheal for writing in about it.
David Goldsmith
SANS / ISC Handler