How Cookies Affect Your Internet Security and Privacy


This topic contains 3 replies, has 4 voices, and was last updated by  ChristianWard 2 days, 15 hours ago.

  • #2814

    It is pretty familiar when you are using a website and a dialogue box pops up on your screen telling you that the site you are on is using cookies. I know a big percentage of you most probably don’t even know what cookies are. So let us start from there.

    What are cookies?

    A cookie is a small text file of up to 4 KB created by a website and stored on the user’s device, either temporarily for that session only or permanently on the hard disk (persistent cookies). They provide a way for the website to recognize you and keep track of your preferences. It is simply a small piece of data sent from a website and stored on a user’s device by the user’s web browser while the user is browsing.
    The following are some of the negative effects cookies can pose on cyber security:
    1. Poisoning
    2. Hijacking/Stealing
    3. Manipulation
    4. Cross site scripting
    5. Cross site request forgery
    6. TCP/IP hijacking
    7. HTTPS protocol
    Cookies have been used for quite a long time now. But how vulnerable are they when it comes to cyber security?

    1. Poisoning
    Normally, when cookies are sent to the user’s device and stored, they are supposed to be sent back to the web server unchanged. However, an attacker may change the value of cookies before sending them back to the web server. In the process of doing this, he ends up poisoning the cookies. The modified values of cookies, when used by the web server, enable the attacker to gain entry into the system and have access to sensitive information such as credentials or even impersonate the session of the user.

    2. Hijacking/Stealing

    There are also other attackers who are capable of hijacking or stealing cookies through network traffic and capturing cookies downloaded from a website to a web browser. The attacker may also steal the cookies stored on the user’s machine and use them to suit his own needs.
    It enables the attacker to start another session to the same website, after which he can submit the cookies to bypass authentication to execute malicious actions within the user’s account.
    How is cookie hijacking executed? This is achieved by applying JavaScript code and supporting it with a PHP program. This code is then sent to the victim. Upon running it, the cookie is sent to the attacker. Once the cookie reaches the attacker, the rest is history. The attacker will be capable of accessing the victim’s credentials.

    3. Manipulation
    Cookie manipulation attacks are divided into cookie activation and direct cookie injection. Cookie activation attacks target the store of the browser. Normally, the cookie store has a certain limit on cookie size and on the number of cookies that can be stored for a domain name. Here, the attacker may try to exploit the cookie size limit in the cookie store. He then submits multiple dummy cookies, making the browser clean all the actual cookies, leaving behind only the dummy cookies in the browser store.
    Direct cookie injection, on the other hand, is applied in case the website uses secure cookies. It involves creation of new cookies or overwriting the already existing cookies. It exploits the fact that insecure and secure cookies are located in the same namespace. The attacker catches a plain text HTTP transaction launched by a victim to coerce a plain text HTTP request to a target website. The attacker can then reply to the request with an HTTP response including arbitrary cookies.

    4. Cross-Site Scripting
    Cross-site scripting can be used for:
    • stealing sensitive information
    • hijacking user sessions
    • Compromising browsers and system integrity.
    This attack is executed when software fails to neutralize user-controllable inputs, or neutralizes them incorrectly, before the user input is placed in an output used as a web page served to users.

    The attacker injects HTML tags or scripts into a web site. This code is then downloaded and executed by a user from the web site. The attacker exploits a vulnerable application to send malicious code to the application’s user. Usually the coding language used for this kind of attack is JavaScript. This process is realized when the injected code is part of the original code. The focus of cross-site scripting is on attacking the client, not the web server. The goal of the XSS attack is to have the client execute the malicious script to perform an action.

    In cross-site scripting, the victim is used to run the malicious script, which performs an action the attacker desires.

    5. TCP/IP Hijacking

    The TCP/IP hijacking problem has existed in most applications that are TCP/IP-based. TCP/IP hijacking is also known as session hijacking. An attacker needs to be able to intercept the data of a legitimate user in order to hijack a TCP/IP connection. Then the attacker inserts herself into that session. In web-based applications, session hijacking involves hijacking a user’s cookie. The cookie can be used for storing sensitive information such as login credentials. The attacker may use the cookie for accessing the session of the user. The user is probably not aware of what happens and receives a “session expired” or “login failed” message. If session timeouts are incorrectly configured in a web server application, an attacker may perform session hijacking. Typically, timeouts are configured to happen after a set period of inactivity in a user’s session. An attacker may potentially use a hijacked cookie or predict session identifier numbers to hijack a session of a user if the time frame of timeouts is too extensive.
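
A server-side check for two of the problems the post above describes, cookie poisoning and over-long session timeouts, as an added example that is not part of the original post. The key, the field names (`user`, `role`, `seen`), the 15-minute timeout and the `tamper` helper are assumptions constructed for the illustration; the cookie attributes in `set_cookie_header` are standard browser controls that limit cookie theft by scripts and over plain HTTP.

```python
import base64, hashlib, hmac, json
from http.cookies import SimpleCookie

KEY = b"constructed-demo-key"   # assumption: secret known only to the server
IDLE_TIMEOUT = 15 * 60          # assumption: 15 minutes of inactivity

def b64(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload, key):
    return b64(hmac.new(key, payload.encode(), hashlib.sha256).digest())

def issue_cookie(session, key=KEY):
    # The cookie value is "<payload>.<HMAC-SHA256 of payload>".
    payload = b64(json.dumps(session, sort_keys=True).encode())
    return payload + "." + sign(payload, key)

def verify_cookie(value, now, key=KEY, idle_timeout=IDLE_TIMEOUT):
    """Return the session dict, or None if modified, malformed or idle too long."""
    try:
        payload, sig = value.split(".")
        if not hmac.compare_digest(sig, sign(payload, key)):
            return None                      # value changed on the client
        session = json.loads(unb64(payload))
    except (ValueError, TypeError, AttributeError):
        return None
    # "seen" is the last-activity time; reissue the cookie on each request.
    if now - session["seen"] > idle_timeout:
        return None
    return session

def tamper(value, **changes):
    """Constructed test helper: edit fields but keep the old signature."""
    payload, sig = value.split(".")
    session = {**json.loads(unb64(payload)), **changes}
    return b64(json.dumps(session, sort_keys=True).encode()) + "." + sig

def set_cookie_header(value):
    # Secure: HTTPS only. HttpOnly: hidden from page scripts.
    jar = SimpleCookie()
    jar["session"] = value
    for attr, val in (("secure", True), ("httponly", True),
                      ("samesite", "Strict"), ("path", "/")):
        jar["session"][attr] = val
    return jar["session"].OutputString()
```
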

    #2858
    #5950

    Wow! Extremely surprising and informative. In all honesty, every time I saw the Cookies bar pop up, I had no damn idea what it meant. I have to say though, the fact that a perpetrator can send “poisoned cookies” is just pure comedy. Ridiculous when one comes to think of the world we’ve come to.

    #5966

    Very useful, now I finally know what cookies stand for! 🙂 I have been going along all this time with no idea that it was this important. Just goes to show that being informed is invaluable. Good article!
