Social Icons

Sunday, March 24, 2013

Twitter Session Cookie Vulnerability

1.    This one is pretty easy to show and understand..but the only thing not understandable is the fact that it actually exists even today.....so this one is about Twitter Session Cookie Vulnerability.I got to know of this at Null's delhi meet where Rishi Narang (http://www.wtfuzz.com/ )gave this demonstration of which I made a video cast subsequently and uploaded it here at your tube.


2.    In brief it goes like this...u login into your twitter account,an auth_token cookie is generated in the crowd  of various other cookies.Now this cookie only will be able to log you in your twitter account from anywhere across the web....simply watch how to exploit!!!!

3.   Thanks Rishi Narang @ http://www.wtfuzz.com/

2 comments:

  1. Cool....You have nicely crafted video showcasing the vulnerability disclosed at #nulldelhi \m/

    Cheers,
    Vaibhav

    ReplyDelete
  2. thanks Vaibahv. Cheers, you got this post almost immediately as I published it.

    ReplyDelete