What attack is being depicted here?

seenagapeOctober 11, 2015

Ivan is auditing a corporate website. Using Winhex, he alters a cookie as shown below.
Before Alteration: Cookie: lang=en-us; ADMIN=no; y=1 ; time=10:30GMT ;
After Alteration: Cookie: lang=en-us; ADMIN=yes; y=1 ; time=12:30GMT ;
What attack is being depicted here?

PrepAway - Latest Free Exam Questions & Answers

A.
Cookie Stealing

B.
Session Hijacking

C.
Cross Site Scripting

D.
Parameter Manipulation

Explanation:
Cookies are the preferred method to maintain state in the stateless HTTP protocol. They are
however also used as a convenient mechanism to store user preferences and other data including
session tokens. Both persistent and non-persistent cookies,secure or insecure can be modified by
the client and sent to the server with URL requests. Therefore any malicious user can modify
cookie content to his advantage. There is a popular misconception that non-persistent cookies
cannot be modified but this is not true; tools like Winhex are freely available. SSL also only
protects the cookie in transit.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

What attack is being depicted here?

Leave a Reply Cancel reply