Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

New Free Tool - Foundstone CookieDigger

from [Curphey, Mark] Network Security [Permanent Link]
Subject: New Free Tool - Foundstone CookieDigger
Date: Fri, 13 May 2005 10:57:49 -0700 
We are pleased to release another free tool for your pleasure....

For the Impatient

Download Binaries -
http://www.foundstone.com/resources/termsofuse.htm?file=cookiedigger.zip

Download User Guide -
http://www.foundstone.com/resources/downloads/Foundstone_CookieDigger_Wh
itepaper.pdf

For the Less Impatient

CookieDigger, designed by Foundstone, is a free tool to help identify
weak cookie generation and usage by web applications. The tool works by
collecting and analyzing cookies issued by a web application for
multiple users.  

The tools functionality can be divided into 3 broad categories. 
1.      Cookie Collection
2.      Cookie Analyses
3.      Results

Average Length of the Cookie: If the average cookie length of the cookie
that is used as an authenticator is small then it would take fewer brute
force attempts to hijack another users session.  On a popular site we
can assume many users to be logged in at the same time, therefore the
chances of a successful brute force attempt is high. 

Character Set of the Cookie: The character set employed in the
generation of cookie value plays an important role in the determining
the strength of the authenticator. For any given cookie length, a large
character set increases the strength of the authenticator exponentially.
If the attacker can determine the character set employed by the
application, the brute force attempts can be crafted more efficiently.
The combination of the length of the cookie and the character set used
determines the strength of the authenticator.  
 
Critical Information: The tool checks the cookie values set by the
application to see if any of the cookies contains the usernames or
password values in it. The check is performed on both the plain text
value of the cookie and on the base64 decoded value of the cookie. Other
common useful information passed in the cookie values are account
numbers, names, privilege levels, etc. 

Entropy of the Cookies: The tool compares the different values of the
cookie values to check how many characters are changing for every
subsequent login. If the cookie value remains the same on subsequent
logins, it shows that the algorithm used for generating the cookies is
vulnerable to chosen plain text attacks. Furthermore, if the cookie
values remain the same on subsequent logins it gives the attacker longer
periods of time to perform the brute forces attempts.

More and lots of screen shots in the whitepaper

Mark Curphey

http://www.foundstone.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • New Free Tool - Foundstone CookieDigger, Curphey, Mark <=
Previous by Date:  RE: Penetration Test Hardware Vendor, Todd Towles
Next by Date:  Wireless cards, Michael C. McDonnell
Previous by Thread:  Re: Penetration Test Hardware Vendor, Skander Ben Mansour
Next by Thread:  Wireless cards, Michael C. McDonnell
Indexes:  [Date] [Thread] [Top] [All Lists]