Social Icons

Sunday, March 24, 2013

Twitter Session Cookie Vulnerability

1.    This one is pretty easy to show and understand..but the only thing not understandable is the fact that it actually exists even today.....so this one is about Twitter Session Cookie Vulnerability.I got to know of this at Null's delhi meet where Rishi Narang (http://www.wtfuzz.com/ )gave this demonstration of which I made a video cast subsequently and uploaded it here at your tube.


2.    In brief it goes like this...u login into your twitter account,an auth_token cookie is generated in the crowd  of various other cookies.Now this cookie only will be able to log you in your twitter account from anywhere across the web....simply watch how to exploit!!!!

3.   Thanks Rishi Narang @ http://www.wtfuzz.com/
Posted by at
Labels: , , , , , , , ,

2 comments:

  1. Vaibhav GuptaMarch 24, 2013 at 4:58 PM

    Cool....You have nicely crafted video showcasing the vulnerability disclosed at #nulldelhi \m/

    Cheers,
    Vaibhav

    ReplyDelete
  2. ANUPAM TIWARIMarch 24, 2013 at 5:09 PM

    thanks Vaibahv. Cheers, you got this post almost immediately as I published it.

    ReplyDelete

Subscribe to: Post Comments (Atom)
Powered By Blogger