The main use of this is in combination with an XSS attack to login as the victim. This is a very simple thing to do just D

1. Download the “Add N Edit Cookies” firefox extension.”
2. Obtain the cookies such as: bbuserid=3 and bbpassword=11d90eb73e71d48d6e22976d7c1892e4
3. Now go to the site and click Tools > Cookie Editor
4. Find the site in the list(simply login or attempt to login and a cookie should be baked!), so you can get the path(normally /) and host(normally the site without http://www).
5. Now if you want to change simply just click edit.
6. Or you can click add and input the name, content, host, and path. Using the first example cookie in step 2:
   

   Name: bbuserid
   Content: 3
   Host: tutorialninjas.net
   path: /

7. Clik Save and you are all set the next time you go to the page you should be using your new edited cookie!

This entry was posted on Sunday, July 1st, 2007 at 3:02 pm and is filed under Technology.You can follow any responses to this entry through the RSS 2.0 feed.You can leave a response, or trackback from your own site.