Writeup: Brute-forcing a stay-logged-in cookie

Lab link.

Persistent cookies are used for features such as “Remember me”. Some websites build this cookie from predictable values or a simple hash. In this lab, operations are also done through cookies, so we will examine this first.

We need a hash-type detector to work out the structure of the cookie; you can use whichever one you want. Here is the structure of the cookie:

base64(username:md5(password))
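Why this format is weak, and what a server can issue instead, as an added example that is not part of the original writeup or the lab. The password value is constructed, and `RememberMeStore` is a hypothetical class showing one common alternative: a random token of which the server keeps only a hash.

```python
import base64
import hashlib
import secrets

def weak_cookie(username, password):
    """The lab's format: base64(username:md5(password))."""
    digest = hashlib.md5(password.encode()).hexdigest()
    return base64.b64encode(f"{username}:{digest}".encode()).decode()

def inspect_cookie(cookie):
    """What anyone holding the cookie learns, with no secret needed."""
    username, _, digest = base64.b64decode(cookie).decode().partition(":")
    looks_md5 = len(digest) == 32 and all(c in "0123456789abcdef" for c in digest)
    return {"username": username, "digest": digest, "unsalted_md5": looks_md5}

class RememberMeStore:
    """Hypothetical hardened design: the cookie is a random token that is
    unrelated to the password; the server stores only sha256(token)."""

    def __init__(self):
        self._tokens = {}  # sha256(token) hex -> username

    def issue(self, username):
        token = secrets.token_urlsafe(32)  # 256 bits of randomness
        self._tokens[hashlib.sha256(token.encode()).hexdigest()] = username
        return token

    def verify(self, token):
        # Unknown or revoked tokens return None.
        return self._tokens.get(hashlib.sha256(token.encode()).hexdigest())

    def revoke_all(self, username):
        # Call on logout or password change, so old cookies stop working.
        self._tokens = {h: u for h, u in self._tokens.items() if u != username}

if __name__ == "__main__":
    cookie = weak_cookie("wiener", "example-password")  # constructed password
    print(inspect_cookie(cookie))  # username and password hash are exposed
    # The weak cookie is a pure function of the credentials: same every time.
    print(cookie == weak_cookie("wiener", "example-password"))
    store = RememberMeStore()
    token = store.issue("wiener")
    print(store.verify(token), store.verify(cookie))
```

The weak cookie is deterministic and exposes an unsalted MD5 of the password, so it can be computed from a candidate password without contacting the server; the random token has no relationship to the credentials and can be revoked independently of them.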

We send our request to Intruder and edit it. First, we delete the “?id=wiener” part. In the Cookie section, we delete the session part and add a payload marker in the stay-logged-in section.

We add our cookie rule in the payload processing section.
