How it works...
In this recipe, we just checked some values of a cookie. Although not as spectacular as others, it is important to check the cookie configuration in every penetration test we perform; an incorrectly configured session cookie opens the door to a session hijacking attack and the misuse of a trusted user's account.
If a cookie doesn't have the HTTPOnly flag enabled, it can be read by scripting, which means that if there is a Cross-Site Scripting (XSS) vulnerability, which we will see in later chapters, the attacker will be able to get the identifier of a valid session and use that value to impersonate the real user in the application.
The Secure attribute, or Send For Encrypted Connections Only in Cookies Manager, tells the browser ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access