Saturday, May 28, 2016

Cookie hijacking|Session hijacking|Cookie theft


Cookie hijacking is an attack in which a hacker gains unauthorized access to confidential information in a way that is not facilitated by the user or a secure session.
Specifically, cookie hijacking means stealing the cookies that contain the confidential information needed to authenticate or connect a user to a remote web server.
A hacker can perform cookie hijacking by placing a computer between the node and the server, or by obtaining access to the cookies stored on the user’s computer.
A hacker can also use source-routed Internet Protocol (IP) packets to gain unauthorized access between two communicating nodes.
The hacker would then route the packets containing cookies through his own computer before they reach their destination.
Cookie hijacking is sometimes also used to perform denial-of-service attacks, also known as DoS attacks.

What is a cookie?
Cookies are usually small text files, given ID tags, that are stored in your computer's browser directory or program data subfolders. Cookies are created when you use your browser to visit a website that uses cookies to keep track of your movements within the site, help you resume where you left off, and remember your registered login, theme selection, preferences, and other customization functions. The website stores a corresponding file (with the same ID tag) to the one it set in your browser, and in this file it can track and keep information on your movements within the site and any information you may have voluntarily given while visiting the website, such as your email address.
Cookies are often indispensable for websites that have huge databases, need logins, or have customizable themes and other advanced features.
Cookies usually don't contain much information except for the URL of the website that created the cookie, the duration of the cookie's abilities and effects, and a random number. Because a cookie contains so little information, it usually cannot be used to reveal your identity or personally identifying information. However, marketing is becoming increasingly sophisticated, and cookies in some cases can be aggressively used to create a profile of your surfing habits.
There are two types of cookies: session cookies and persistent cookies. Session cookies are created temporarily in your browser's subfolder while you are visiting a website. Once you leave the site, the session cookie is deleted. On the other hand, persistent cookie files remain in your browser's subfolder and are activated again once you visit the website that created that particular cookie. A persistent cookie remains in the browser's subfolder for the duration period set within the cookie's file.

More on Cookies
A cookie is a small file of letters and numbers downloaded on to your computer when you access certain websites. Like virtual door keys, cookies unlock a computer's memory and allow a website to recognise users when they return to a site by opening doors to different content or services. Like a key, a cookie itself does not contain information, but when it is read by a browser it can help a website improve the service delivered.
Cookie files are automatically lodged into the cookie file - the memory of your browser - and each one typically contains:
· The name of the server the cookie was sent from
· The lifetime of the cookie
· A value - usually a randomly generated unique number
The website server which sent the cookie uses this number to recognise you when you return to a site or browse from page to page. Only the server that sent a cookie can read, and therefore use, that cookie.
A cookie is a text-only string of information that a website transfers to the cookie file of the browser on the hard disk of computers so that the website can remember who you are.
A cookie will typically contain the name of the domain from which the cookie has come, the "lifetime" of the cookie, and a value, usually a randomly generated unique number. Two common types of cookies are used on most websites: session cookies, which are temporary cookies that remain in the cookie file of your browser until you leave the site, and persistent cookies, which remain in the cookie file of your browser for much longer (though how long will depend on the lifetime of the specific cookie).

Session cookie
A session cookie, also known as an in-memory cookie or transient cookie, exists only in temporary memory while the user navigates the website.[14] Web browsers normally delete session cookies when the user closes the browser.[15] Unlike other cookies, session cookies do not have an expiration date assigned to them, which is how the browser knows to treat them as session cookies.

Persistent cookie
Instead of expiring when the web browser is closed as session cookies do, persistent cookies expire at a specific date or after a specific length of time. This means that, for the cookie's entire lifespan (which can be as long or as short as its creators want), its information will be transmitted to the server every time the user visits the website that it belongs to, or every time the user views a resource belonging to that website from another website (such as an advertisement).
For this reason, persistent cookies are sometimes referred to as tracking cookies, because they can be used by advertisers to record information about a user's web browsing habits over an extended period of time. However, they are also used for "legitimate" reasons (such as keeping users logged into their accounts on websites, to avoid re-entering login credentials at every visit).

Secure cookie
A secure cookie can only be transmitted over an encrypted connection (i.e. HTTPS). This makes the cookie less likely to be exposed to cookie theft via eavesdropping.

HttpOnly cookie
HttpOnly cookies can only be used when transmitted via HTTP (or HTTPS). They are not accessible through non-HTTP APIs such as JavaScript. This restriction eliminates the threat of cookie theft via cross-site scripting (XSS), while leaving the threats of cross-site tracing (XST) and cross-site request forgery (CSRF) intact.

Third-party cookie
Normally, a cookie's domain attribute will match the domain that is shown in the web browser's address bar. This is called a first-party cookie. Third-party cookies, however, belong to domains different from the one shown in the address bar. These sorts of cookies typically appear when web pages feature content, such as banner advertisements, from external websites. This opens up the potential for tracking the user's browsing history, and is often used by advertisers in an effort to serve relevant advertisements to each user.

As an example, suppose a user visits www.example.org. This website contains an advertisement from ad.foxytracking.com, which, when downloaded, sets a cookie belonging to the advertisement's domain (ad.foxytracking.com). Then, the user visits another website, www.foo.com, which also contains an advertisement from ad.foxytracking.com, and which also sets a cookie belonging to that domain (ad.foxytracking.com). Eventually, both of these cookies will be sent to the advertiser when loading their advertisements or visiting their website. The advertiser can then use these cookies to build up a browsing history of the user across all the websites that have ads from this advertiser.

As of 2014, some websites were setting cookies readable for over 100 third-party domains.[16] On average, a single website was setting 10 cookies, with a maximum number of cookies (first- and third-party) reaching over 800.[17]

Most modern web browsers contain privacy settings that can block third-party cookies.

Supercookie
A "supercookie" is a cookie with an origin of a Top-Level Domain (such as .com) or a Public Suffix (such as .co.uk). Ordinary cookies, by contrast, have an origin of a specific domain name, such as example.com.

Supercookies can be a potential security concern and are therefore often blocked by web browsers. If unblocked by the client computer, an attacker in control of a malicious website could set a supercookie and potentially disrupt or impersonate legitimate user requests to another website that shares the same Top-Level Domain or Public Suffix as the malicious website. For example, a supercookie with an origin of .com could maliciously affect a request made to example.com, even if the cookie did not originate from example.com. This can be used to fake logins or change user information.
The Public Suffix List helps to mitigate the risk that supercookies pose. The Public Suffix List is a cross-vendor initiative that aims to provide an accurate and up-to-date list of domain name suffixes. Older versions of browsers may not have an up-to-date list, and will therefore be vulnerable to supercookies from certain domains.
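The check a browser applies with the Public Suffix List can be sketched as follows. This is an added example, not code from any browser: the rule set is a small constructed excerpt of the list, and the function names and host names are assumptions made for illustration.

```python
# Added example: why a browser refuses Domain=.com or Domain=co.uk.
# Constructed excerpt of Public Suffix List rules; the real list is far longer.
PSL_RULES = {"com", "org", "uk", "co.uk", "*.ck", "!www.ck"}

def public_suffix(host, rules=PSL_RULES):
    """Return the public suffix of host using PSL matching (longest rule wins)."""
    labels = host.lower().strip(".").split(".")
    best = labels[-1:]  # implicit default rule "*": the last label is a suffix
    for i in range(len(labels)):
        cand = labels[i:]
        name = ".".join(cand)
        if "!" + name in rules:
            # Exception rule: the suffix is the rule minus its leftmost label.
            return ".".join(cand[1:])
        wildcard = ".".join(["*"] + cand[1:])
        if (name in rules or wildcard in rules) and len(cand) > len(best):
            best = cand
    return ".".join(best)

def domain_attr_allowed(request_host, domain_attr):
    """Decide whether a cookie's Domain attribute set by request_host is acceptable."""
    host = request_host.lower().strip(".")
    domain = domain_attr.lower().strip(".")
    if domain == public_suffix(domain):
        return False  # supercookie: the scope would be an entire public suffix
    # Domain-match: the host must be the domain itself or a subdomain of it.
    return host == domain or host.endswith("." + domain)

if __name__ == "__main__":
    # Constructed (host, Domain attribute) pairs.
    for host, dom in [("unrelated.com", ".com"), ("shop.example.com", "example.com"),
                      ("unrelated.co.uk", "co.uk"), ("unrelated.com", "example.com")]:
        print(host, dom, "accept" if domain_attr_allowed(host, dom) else "reject")
```

A browser with an outdated list behaves like this function with a rule missing: a suffix absent from PSL_RULES is treated as an ordinary registrable domain and the cookie is accepted.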
The term "supercookie" is sometimes used for tracking technologies that do not rely on HTTP cookies. Two such "supercookie" mechanisms were found on Microsoft websites in August 2011: cookie syncing that respawned MUID (Machine Unique IDentifier) cookies, and ETag cookies.[18] Due to media attention, Microsoft later disabled this code.

Zombie cookie
Zombie cookies are cookies that are automatically recreated after being deleted. This is accomplished with the help of a client-side script. The script starts by storing the cookie's content in multiple locations, such as Flash local storage, HTML5 storage, and other client-side storage locations. When the script detects the cookie's absence, it recreates the cookie using the data stored in these locations.

Structure
A cookie consists of the following components:

Name
Value
Zero or more attributes
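
The structure above, together with the Secure, HttpOnly and session/persistent distinctions described earlier, can be checked directly on the Set-Cookie headers a site sends. The following is an added example, not part of the original post: the cookie name SESSIONID, the sample headers and the function names are constructed for illustration.

```python
# Added example: split a Set-Cookie header into name, value and attributes,
# then report the weaknesses that matter for a cookie carrying a session ID.
from dataclasses import dataclass, field

@dataclass
class Cookie:
    name: str
    value: str
    attrs: dict = field(default_factory=dict)  # lower-cased attribute -> value

    @property
    def persistent(self):
        # Without Expires/Max-Age the browser treats it as a session cookie.
        return "expires" in self.attrs or "max-age" in self.attrs

def parse_set_cookie(header):
    """Parse one Set-Cookie header value (simplified from RFC 6265)."""
    parts = [p.strip() for p in header.split(";")]
    name, sep, value = parts[0].partition("=")
    if not sep or not name.strip():
        raise ValueError("missing name=value pair")
    cookie = Cookie(name.strip(), value.strip().strip('"'))
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            cookie.attrs[key.strip().lower()] = val.strip()
    return cookie

def audit(cookie):
    """Return a list of findings; an empty list means none of the checks fired."""
    findings = []
    if "secure" not in cookie.attrs:
        findings.append("no Secure: sent over plain HTTP, exposed to eavesdropping")
    if "httponly" not in cookie.attrs:
        findings.append("no HttpOnly: readable by JavaScript, exposed to XSS theft")
    if cookie.persistent:
        findings.append("persistent: kept by the browser until it expires")
    return findings

# Constructed sample headers (not captured from a real site).
SAMPLES = [
    "SESSIONID=31d4d96e407aad42; Path=/",
    "SESSIONID=31d4d96e407aad42; Path=/; Secure; HttpOnly",
    "SESSIONID=31d4d96e407aad42; Expires=Wed, 09 Jun 2027 10:18:14 GMT; secure",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        c = parse_set_cookie(raw)
        print(c.name, "persistent" if c.persistent else "session", audit(c))
```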

