Cookie.

Deepak gupta
9 min read · Oct 25, 2023


1. What is a cookie.

2. Cookie Components.

3. Structure of cookie.

4. Session id.

5. Cookie Sniffing.

6. Session Hijacking.

7. Where your cookies are saved on your computer and how to view them.

What is a cookie

Websites use HTTP cookies to streamline your web experience. Without cookies, you would have to log in every time you left a site, or rebuild your shopping cart if you accidentally closed the page. Cookies are an important part of the modern internet experience.

To be more concise, cookies are intended to be used for:

  1. Session management: For example, cookies let websites recognize users and recall their individual login information and preferences, such as sports news versus politics.
  2. Personalization: Customized advertising is the main way cookies are used to personalize your sessions. You may view certain items or parts of a site, and cookies let the site and its advertisers use this data to build targeted ads. They are also used to remember settings such as language preferences.
  3. Tracking: Shopping sites use cookies to track items users previously viewed, allowing the sites to suggest other goods they might like and keep items in shopping carts while they continue shopping on another part of the website. They will also track and monitor performance analytics, like how many times you visited a page or how much time you spent on a page.

While this is mostly for your benefit, web developers get a lot out of this set-up as well. Cookies are stored locally on your device, so the website does not have to keep that state on its own servers. In turn, websites can personalize content while saving on server storage and maintenance costs.

Cookie Components

HTTP is stateless: each request is handled on its own. If a website wants to keep track of the identity of its user across requests, it uses cookies for this purpose.

Cookie technology has the following four components.

1. A Set-Cookie header line in the HTTP response message.

2. A Cookie header line in the HTTP request message.

3. A cookie file kept in the user’s end system & managed by the user’s browser.

4. A back-end database at the website.

Structure of cookie

Domain: The Domain attribute sets which hosts the cookie is sent to. Setting Domain=example.com makes the cookie available to example.com and all of its subdomains (www.example.com, shop.example.com, and so on). If the attribute is omitted, the cookie is host-only: it is sent back only to the exact host that set it.

Path: The Path attribute defines the URL path prefix under which the cookie is valid. Cookies are sent only with requests whose path matches; if the attribute is omitted, the browser derives the path from the URL of the response that set the cookie.

Name: The name of the cookie, which the website uses to refer to it. The name should be unique within the website; it does not matter if it clashes with the name of a cookie from an unrelated website. Note that cookies are scoped by domain and path, not by origin, so a cookie set by one subdomain can share a name with, and in some cases overwrite, a cookie set by a sibling subdomain of the same parent domain; the __Host- name prefix exists to prevent this.

Value: The value of the cookie. This value is stored on the client's computer, where the user can read and modify it, so do not store sensitive information in it. For a session, store an opaque identifier and keep the real data on the server.

Secure: Indicates that the cookie should only be transmitted over an HTTPS connection. Browsers also refuse to accept a Secure cookie from a plain-HTTP response, so an attacker on the network cannot plant one.

Expires or Max-Age: Either the "Expires" attribute or the "Max-Age" attribute is used to specify the cookie's expiration. "Expires" is a timestamp indicating when the cookie will expire, while "Max-Age" specifies the number of seconds until the cookie expires; if both are present, Max-Age takes precedence. If neither is present, the cookie is a session cookie, which the browser discards when it is closed.
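The following Python script is an added example, not code from the original post: it ties the four components above to the attributes just described by parsing a Set-Cookie header the way a browser would and then deciding whether the cookie belongs in the Cookie header of a later request (Domain and host-only matching, Path prefix matching, the Secure flag, and Expires/Max-Age). The hostnames, cookie names, timestamps and the fixed clock are constructed sample data.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime
from typing import Optional
from urllib.parse import urlparse


@dataclass
class Cookie:
    name: str
    value: str
    domain: str                  # lower-case, no leading dot
    host_only: bool              # True when the response carried no Domain attribute
    path: str
    secure: bool
    expires: Optional[datetime]  # None = session cookie, gone when the browser closes


def default_path(request_path: str) -> str:
    """RFC 6265 default-path: the request path up to, not including, its last '/'."""
    if not request_path.startswith("/") or request_path.count("/") == 1:
        return "/"
    return request_path.rsplit("/", 1)[0] or "/"


def parse_set_cookie(header: str, response_url: str, now: datetime) -> Cookie:
    """Turn one Set-Cookie header value into a Cookie scoped as a browser would scope it."""
    url = urlparse(response_url)
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    domain = attrs.get("domain", "").lower().lstrip(".")
    expires = None
    if "max-age" in attrs:                        # Max-Age wins over Expires
        expires = now + timedelta(seconds=int(attrs["max-age"]))
    elif "expires" in attrs:
        expires = parsedate_to_datetime(attrs["expires"])
    return Cookie(
        name=name.strip(),
        value=value.strip(),
        domain=domain or url.hostname.lower(),
        host_only=not domain,
        path=attrs.get("path") or default_path(url.path),
        secure="secure" in attrs,
        expires=expires,
    )


def domain_matches(host: str, cookie: Cookie) -> bool:
    if cookie.host_only:
        return host == cookie.domain
    return host == cookie.domain or host.endswith("." + cookie.domain)


def path_matches(request_path: str, cookie_path: str) -> bool:
    """RFC 6265 path-match: equal, or the cookie path is a '/'-delimited prefix."""
    if request_path == cookie_path:
        return True
    if request_path.startswith(cookie_path):
        return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"
    return False


def would_send(cookie: Cookie, request_url: str, now: datetime) -> bool:
    """Would a browser put this cookie in the Cookie header of a request to request_url?"""
    url = urlparse(request_url)
    if cookie.expires is not None and cookie.expires <= now:
        return False                              # expired cookies are evicted
    if cookie.secure and url.scheme != "https":
        return False
    return (domain_matches(url.hostname.lower(), cookie)
            and path_matches(url.path or "/", cookie.path))


# Constructed sample data: a fixed clock and two Set-Cookie lines from example.com
NOW = datetime(2023, 10, 25, 12, 0, tzinfo=timezone.utc)
LATER = NOW + timedelta(hours=2)
SESSION = parse_set_cookie(
    "sid=abc123; Domain=example.com; Path=/account; Secure; Max-Age=3600",
    "https://www.example.com/account/login", NOW)
PREF = parse_set_cookie("theme=dark; Expires=Wed, 25 Oct 2023 13:00:00 GMT",
                        "https://www.example.com/settings/ui", NOW)   # host-only, path /settings

if __name__ == "__main__":
    for url in ("https://www.example.com/account/cards", "http://www.example.com/account/cards",
                "https://shop.example.com/account", "https://www.example.com/blog",
                "https://example.com/settings/ui", "https://www.example.com/settings/ui"):
        print(f"{url:45} sid={would_send(SESSION, url, NOW)!s:5} theme={would_send(PREF, url, NOW)}")
```

Two things the output makes concrete: the Domain=example.com cookie is handed to shop.example.com as well as www.example.com (which is why the Name caveat above matters), and the Secure flag alone keeps the session cookie off the plain-HTTP request while the host-only preference cookie never leaves www.example.com.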

Session id

A session ID is a unique identifier that a website's server assigns to a specific user for the duration of that user's visit (session). The session ID can be carried in a cookie, a hidden form field, or the URL (Uniform Resource Locator); of these, the cookie is the only one that keeps it out of browser history, server logs and Referer headers. Some web servers generate session IDs by simply incrementing a counter, which lets anyone who sees one ID guess its neighbours. A server should instead draw the ID from a cryptographically secure random number generator with enough entropy (at least 64 bits, commonly 128 or more) that guessing is infeasible; mixing in the date and time of the visit adds no real unpredictability, because an attacker can estimate those values.

Every time a user visits a website, a new session ID is assigned. Closing the browser and then reopening it and visiting the site again normally generates a new session ID, because the session cookie was discarded. However, the same session ID is kept as long as the browser stays open, even if the user leaves the site in question and returns. Many web servers also terminate a session and assign a new session ID after a period of inactivity.

Session IDs, in their conventional form, do not by themselves make web browsing secure. An attacker can obtain a session ID, either by guessing a weak one (a process called session prediction) or by stealing a valid one, and then masquerade as the authorized user in an attack known as session hijacking.
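The Python script below is an added example (not from the original post) that contrasts the two generation schemes just described: a counter-based ID that an attacker can extend to the next user's ID, and one drawn from the operating system's CSPRNG via Python's `secrets` module. It also works out how long a brute-force guesser needs to land on some live session for each scheme. The class and function names, the counter start value and the attack-rate figures are assumptions for illustration.

```python
import math
import secrets


class CounterSessionIds:
    """Weak scheme: IDs are a zero-padded counter, so every ID reveals its neighbours."""

    def __init__(self, start: int = 1000) -> None:
        self.counter = start

    def new_id(self) -> str:
        self.counter += 1
        return f"{self.counter:08d}"


def predict_next(observed_id: str) -> str:
    """What an attacker does with one weak ID: compute the one the next login will get."""
    return f"{int(observed_id) + 1:08d}"


def strong_session_id(n_bytes: int = 32) -> str:
    """256 bits from the OS CSPRNG as URL-safe base64 without padding (43 characters)."""
    return secrets.token_urlsafe(n_bytes)


def bits(id_space: int) -> float:
    """Entropy of a uniformly chosen ID from a space of id_space values."""
    return math.log2(id_space)


def expected_seconds_to_hit(id_space: int, valid_sessions: int, guesses_per_second: int) -> float:
    """Expected time for a blind guesser to hit *some* valid ID: on average half the
    space is searched, and every guess can collide with any of the live sessions."""
    return id_space / 2 / (valid_sessions * guesses_per_second)


if __name__ == "__main__":
    gen = CounterSessionIds()
    mine = gen.new_id()
    print("my weak id:", mine, "-> next user's id:", predict_next(mine), "==", gen.new_id())
    print("strong id:", strong_session_id())
    # Assumed attacker model: 1000 live sessions, 10,000 guesses per second
    for label, space in (("8-digit counter", 10 ** 8), ("256-bit random", 2 ** 256)):
        secs = expected_seconds_to_hit(space, 1000, 10_000)
        print(f"{label}: {bits(space):.0f} bits, ~{secs:.3g} s to hit a live session")
```

The arithmetic is the point: an eight-digit counter is under 27 bits, so at a modest guess rate an attacker is inside someone's session in seconds, and that is before using the prediction shortcut at all; the 256-bit ID leaves the same attacker nothing to do but wait longer than the age of the universe.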

Cookie Sniffing

Cookie sniffing, also called session eavesdropping, is a type of attack in which an attacker intercepts and steals HTTP cookies from a network connection. It is one of the ways a session hijacking attack (described in the next section) can begin. These cookies often contain sensitive information, such as session identifiers and authentication tokens, which can be used to gain unauthorized access to a user's account or to impersonate them on a website.

Here’s how cookie sniffing typically works:

1. Interception: An attacker, often on the same network as the victim, uses tools or techniques to intercept network traffic, which may include data exchanged between the user’s browser and a website. This can occur on public Wi-Fi networks or compromised network devices.

2. Cookie Extraction: The attacker identifies and extracts HTTP cookies from the intercepted data. These cookies may include session IDs, authentication tokens, and other user-specific information.

3. Unauthorized Access: With the stolen cookies, the attacker can potentially gain unauthorized access to the victim’s account on the website, impersonate the user, or carry out malicious actions on their behalf.

To mitigate the risk of cookie sniffing, web developers and administrators can implement the following security measures:

1. Use HTTPS: Serve all web traffic over HTTPS, not just the login page, and send an HSTS header so browsers will not fall back to plain HTTP. This protects cookies and other sensitive data from interception.

2. HttpOnly flag: Set the HttpOnly flag on session cookies so that JavaScript cannot read them through document.cookie. This does not prevent cross-site scripting (XSS) itself, but it stops an XSS payload from simply exfiltrating the cookie.

3. Secure flag: For sensitive cookies, set the Secure flag to ensure they are only transmitted over HTTPS connections.

4. SameSite attribute: Use the SameSite attribute to control whether cookies are sent with cross-site requests. Setting it to Strict or Lax mitigates cross-site request forgery (CSRF); it does not protect a cookie that has already been sniffed.

5. Session timeout: Implement session timeouts to invalidate sessions after a period of inactivity, reducing the window of opportunity for an attacker who holds a stolen cookie.

6. Regenerate session IDs: Issue a fresh session ID after a successful login (and on any change of privilege), so that an attacker who planted or learned the pre-login ID cannot reuse it (session fixation).

7. Network Security: Educate users about the risks of using public Wi-Fi networks and encourage them to use VPNs or other secure methods when accessing sensitive information.

Cookie sniffing is a serious security concern, and its prevention is crucial to protect user data and privacy. Web developers should follow best practices in securing cookies and sensitive information exchanged over the web.
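As an added example (not code from the original post), the Python below shows what items 2 to 6 look like on the wire: a function that emits a hardened Set-Cookie header for a session ID, and an audit function that reports which of those attributes an arbitrary Set-Cookie header is missing. The cookie name `__Host-sid`, the 30-minute Max-Age and the one-day threshold for "long-lived" are assumptions chosen for illustration.

```python
from typing import Dict, List, Tuple


def hardened_session_cookie(session_id: str, max_age: int = 1800) -> str:
    """Set-Cookie value a server should emit for a session ID. The __Host- prefix makes
    browsers reject the cookie unless it is Secure, has Path=/ and no Domain, so a
    sibling subdomain cannot plant a look-alike cookie with the same name."""
    return (f"__Host-sid={session_id}; Path=/; Secure; HttpOnly; "
            f"SameSite=Strict; Max-Age={max_age}")


def split_set_cookie(header: str) -> Tuple[str, Dict[str, str]]:
    """Return (cookie name, {lower-case attribute: value}) for one Set-Cookie header."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].partition("=")[0].strip()
    attrs: Dict[str, str] = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs


def audit_set_cookie(header: str, max_session_age: int = 86400) -> List[str]:
    """Findings for a session cookie header; an empty list means nothing to complain about."""
    name, attrs = split_set_cookie(header)
    findings: List[str] = []
    if "secure" not in attrs:
        findings.append("missing Secure: cookie would be sent over plain HTTP")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: readable from JavaScript via document.cookie")
    if attrs.get("samesite", "").lower() not in ("strict", "lax"):
        findings.append("SameSite not Strict or Lax: attached to cross-site requests (CSRF)")
    if "domain" in attrs:
        findings.append(f"Domain={attrs['domain']}: shared with every subdomain")
    if "max-age" in attrs and int(attrs["max-age"]) > max_session_age:
        findings.append(f"Max-Age={attrs['max-age']}: long-lived session cookie")
    if name.startswith("__Host-") and (
            "secure" not in attrs or attrs.get("path") != "/" or "domain" in attrs):
        findings.append("__Host- prefix requires Secure, Path=/ and no Domain; browsers will drop it")
    return findings


if __name__ == "__main__":
    # Constructed sample headers: a hardened one and a typical weak one
    for header in (hardened_session_cookie("k9Qx3p"),
                   "sid=k9Qx3p; Path=/; Domain=example.com; Max-Age=2592000"):
        print(header)
        for finding in audit_set_cookie(header) or ["ok"]:
            print("   -", finding)
```

A missing Max-Age is deliberately not reported: a session cookie with no expiry dies with the browser, which is the usual choice for a session ID as long as the server enforces its own idle timeout (item 5).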

Session Hijacking

Session hijacking, sometimes called cookie hijacking or cookie side-jacking, occurs when an attacker takes over your web session. (TCP session hijacking is a related but lower-level attack on the transport connection rather than on the web application.) This might happen when you are shopping online, paying a bill, or checking your bank balance. Session hijackers usually target browsers or web applications, and their aim is to take control of your browsing session to gain access to your personal information and passwords.

Session hijackers fool websites into thinking they are you. This type of attack can have serious consequences for application security because it allows attackers to gain unauthorized access to protected accounts (and the data they contain) by masquerading as a legitimate user.

How does session hijacking work

Here is a hypothetical example of how session hijacking might work:

1. An internet user logs into an account as normal.

This might be their online bank or credit card account, an online store, an application, or portal. The application or website installs a temporary session cookie in the user’s browser. That cookie contains information about the user that allows the site to keep them authenticated and logged in and to track their activity during the session. The session cookie remains in the browser until the user logs out (or is automatically logged out after a set period of inactivity).

2. A criminal gains access to the internet user’s valid session.

Cybercriminals use various methods to steal sessions. Often, session hijacking involves stealing the user's session cookie, locating the session ID within the cookie, and using that information to take over the session. The session ID is also known as a session key. Once the criminal has the session ID, they can take over the session, often without detection, because the server cannot tell the attacker's requests from the user's: both carry the same cookie.

3. The session hijacker gets a payoff for stealing the session.

While the original user carries on browsing, the hijacker can use the still-valid session to commit various malicious acts. This can include stealing money from the user's bank account, purchasing items, grabbing personal data to commit identity theft, or encrypting important data and then demanding a ransom for its return.

Session hijacking attacks are often carried out against busy services with a large number of active sessions. This gives the attacker a large pool of sessions to exploit and a measure of cover, because their requests blend in with the legitimate traffic and are less likely to be noticed.
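Whether a hijack goes unnoticed depends on what the server looks for. The Python script below is an added example (not from the original post) of the simplest server-side check: it walks web-server access logs and flags a session ID that is used from a different client IP address or User-Agent than it was a moment earlier, the pattern a replayed cookie leaves behind. The log format (one line per request with a `sid=` and `ua=` field), the session IDs, the addresses and the 15-minute window are all constructed for the example; a real deployment would adapt the regular expression to its own log format.

```python
import re
from datetime import datetime, timedelta
from typing import Dict, List

# Assumed log format: client ip, [timestamp], "METHOD path", status, sid=..., ua="..."
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)" (?P<status>\d{3}) '
    r'sid=(?P<sid>\S+) ua="(?P<ua>[^"]*)"$')

# Constructed sample log: sid k9Qx3p is replayed from a second host, Zt7mLw is normal
SAMPLE_LOG = """\
203.0.113.10 [25/Oct/2023:10:00:01 +0000] "GET /account" 200 sid=k9Qx3p ua="Mozilla/5.0 (Windows NT 10.0) Firefox/118.0"
203.0.113.10 [25/Oct/2023:10:00:05 +0000] "GET /account/cards" 200 sid=k9Qx3p ua="Mozilla/5.0 (Windows NT 10.0) Firefox/118.0"
198.51.100.7 [25/Oct/2023:10:01:30 +0000] "GET /account/cards" 200 sid=k9Qx3p ua="curl/8.2.1"
198.51.100.7 [25/Oct/2023:10:01:31 +0000] "POST /account/transfer" 302 sid=k9Qx3p ua="curl/8.2.1"
192.0.2.44 [25/Oct/2023:10:02:00 +0000] "GET /account" 200 sid=Zt7mLw ua="Mozilla/5.0 (Macintosh) Safari/605.1"
192.0.2.44 [25/Oct/2023:14:30:00 +0000] "GET /account" 200 sid=Zt7mLw ua="Mozilla/5.0 (Macintosh) Safari/605.1"
not a log line
"""


def parse_log(text: str) -> List[Dict]:
    """Parse matching lines into dicts; lines that do not match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        event = m.groupdict()
        event["ts"] = datetime.strptime(event["ts"], "%d/%b/%Y:%H:%M:%S %z")
        events.append(event)
    return events


def detect_session_reuse(events: List[Dict], window: timedelta = timedelta(minutes=15)) -> List[Dict]:
    """Alert when a session ID reappears from a different ip or User-Agent within the window.
    Only the change is reported: further requests from the new client are not re-alerted."""
    alerts = []
    last_seen: Dict[str, Dict] = {}          # sid -> most recent event for that session
    for event in sorted(events, key=lambda e: e["ts"]):
        prev = last_seen.get(event["sid"])
        if (prev is not None
                and (prev["ip"] != event["ip"] or prev["ua"] != event["ua"])
                and event["ts"] - prev["ts"] <= window):
            alerts.append({
                "sid": event["sid"],
                "from": (prev["ip"], prev["ua"]),
                "to": (event["ip"], event["ua"]),
                "at": event["ts"],
                "request": f'{event["method"]} {event["path"]}',
            })
        last_seen[event["sid"]] = event
    return alerts


if __name__ == "__main__":
    for alert in detect_session_reuse(parse_log(SAMPLE_LOG)):
        print(f'{alert["at"]:%H:%M:%S} sid={alert["sid"]} moved from {alert["from"]} '
              f'to {alert["to"]} on {alert["request"]}')
```

An IP change on its own is a weak signal (mobile users change networks all the time), which is why the check keys on the User-Agent as well and records the request: a session that jumps from a desktop browser to curl and immediately issues a POST is worth a forced re-authentication, while a same-browser IP change is at most worth a log entry.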

Where your cookies are saved on your computer and how to view them

Want to look up the cookies in your computer's web browser? Cookies are pieces of information that help your browser remember a website from a previous visit, which makes the website easier and quicker to use. Cookies can usually be found in your browser's settings, where you can view, delete, or manage them for individual websites. This walkthrough (adapted from wikiHow) shows how to view and access your cookies in the desktop version of Google Chrome.

In Google Chrome, click ⋮ → “Settings” → “Privacy and security” → “Cookies and other site data” → “See all site data and permissions”.

1. Open Google Chrome. This looks like a green, red, blue, and yellow sphere icon.

2. Click ⋮. This icon is in the top-right corner of the Chrome window.

3. Click Settings. It's toward the bottom of the drop-down menu.

4. Click Privacy and security. This will be on the left panel, underneath Autofill.

5. Click Cookies and other site data. You can find this between Privacy Guide and Security.

6. Click See all site data and permissions. You may need to scroll down to find this option.

7. View your cookies. You’ll see a list of visited websites.

· Click the Sort by drop-down menu and select Most visited, Data stored, or Name. You can also use the search bar in the top-right corner to search for a specific website.

· Click the arrow next to each website to expand its details. You can adjust permission for each cookie here.

· To delete a cookie, select a website and click the trashcan.

· You can also delete your Google Chrome browsing history.
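The settings page is the only supported way to browse cookies, but the data behind it is an ordinary SQLite file in the Chrome profile directory (on Windows, %LOCALAPPDATA%\Google\Chrome\User Data\Default\Network\Cookies; on other platforms the same Default\Network\Cookies layout under the profile directory; check your Chrome version and profile name, as these locations are an assumption). Chrome locks the live file while it runs, and cookie values are stored encrypted with an operating-system key (DPAPI on Windows, the Keychain on macOS, the keyring on Linux), so what can be read directly is the metadata. The Python script below is an added example, not from the original post: it copies a cookie store and lists host, name, path, flags and expiry. So that it runs offline, it builds a constructed stand-in store containing a subset of the columns of Chrome's `cookies` table (`host_key`, `name`, `path`, `encrypted_value`, `expires_utc`, `is_secure`, `is_httponly`, `samesite`), with the `samesite` value encoding assumed to be -1 unspecified, 0 None, 1 Lax, 2 Strict; point `list_cookies` at a copy of your own file to see real entries.

```python
import os
import shutil
import sqlite3
import tempfile
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional

CHROME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)   # Windows FILETIME epoch
SAMESITE = {-1: "unspecified", 0: "None", 1: "Lax", 2: "Strict"}  # assumed encoding


def chrome_time(us: int) -> Optional[datetime]:
    """Chrome stores times as microseconds since 1601-01-01 UTC; 0 marks a session cookie."""
    return None if us == 0 else CHROME_EPOCH + timedelta(microseconds=us)


def to_chrome_time(dt: datetime) -> int:
    return (dt - CHROME_EPOCH) // timedelta(microseconds=1)


def list_cookies(db_path: str) -> List[Dict]:
    """Read cookie metadata from a copy of the store (Chrome holds a lock on the live file)."""
    copy = os.path.join(tempfile.mkdtemp(), "Cookies")
    shutil.copy2(db_path, copy)
    conn = sqlite3.connect(copy)
    try:
        rows = conn.execute(
            "SELECT host_key, name, path, is_secure, is_httponly, samesite, "
            "expires_utc, length(encrypted_value) FROM cookies ORDER BY host_key, name"
        ).fetchall()
    finally:
        conn.close()
    return [{"host": h, "name": n, "path": p, "secure": bool(s), "httponly": bool(ho),
             "samesite": SAMESITE.get(ss, str(ss)), "expires": chrome_time(e),
             "encrypted_bytes": enc}          # value stays encrypted; only its size is shown
            for h, n, p, s, ho, ss, e, enc in rows]


def build_sample_store(path: str) -> None:
    """Constructed stand-in for a Chrome store: a subset of the real cookies table.
    The b'v10' prefix imitates the tag Chrome puts in front of encrypted values."""
    conn = sqlite3.connect(path)
    with conn:
        conn.execute("CREATE TABLE cookies (host_key TEXT, name TEXT, path TEXT, "
                     "encrypted_value BLOB, expires_utc INTEGER, is_secure INTEGER, "
                     "is_httponly INTEGER, samesite INTEGER)")
        conn.executemany("INSERT INTO cookies VALUES (?,?,?,?,?,?,?,?)", [
            (".example.com", "sid", "/", b"v10" + bytes(32),
             to_chrome_time(datetime(2023, 11, 25, tzinfo=timezone.utc)), 1, 1, 2),
            ("www.example.com", "theme", "/", b"v10" + bytes(8), 0, 0, 0, -1),
        ])
    conn.close()


def demo() -> List[Dict]:
    """Build the constructed store in a temp dir and list it, as a real store would be listed."""
    path = os.path.join(tempfile.mkdtemp(), "Cookies")
    build_sample_store(path)
    return list_cookies(path)


if __name__ == "__main__":
    for cookie in demo():
        print(cookie)
```

The leading dot on `.example.com` is how Chrome records a cookie that was set with a Domain attribute (sent to every subdomain), whereas `www.example.com` without the dot is a host-only cookie; the `expires_utc` of 0 on the second row is what a session cookie looks like on disk.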
