Sniping Insecure Cookies with XSS
Tags
| attack-pattern: | Data Credentials - T1589.001 Javascript - T1059.007 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | df48d18a-7573-495a-80cf-012a70094107 |
| Fingerprint | 2d5bd2824ce365b5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 22, 2017, midnight |
| Added to db | Feb. 18, 2023, 1:17 a.m. |
| Last updated | Oct. 15, 2024, 10:11 p.m. |
| Headline | Sniping Insecure Cookies with XSS |
| Title | Sniping Insecure Cookies with XSS |
| Detected Hints/Tags/Attributes | 50/1/15 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://breakdev.org/sniping-insecure-cookies-with-xss/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | app.accounting.com |
|
| Details | Domain | 12 | server.com |
|
| Details | Domain | 4 | breakdev.org |
|
| Details | 1 | myemail@server.com |
||
| Details | 1 | admin@office.pl |
||
| Details | 2 | kuba@breakdev.org |
||
| Details | File | 1 | office.pl |
|
| Details | File | 31 | image.php |
|
| Details | File | 1 | secretcookielog9977.txt |
|
| Details | File | 1 | 'secretcookielog9977.txt |
|
| Details | sha256 | 1 | 79c7d0c479011ca769be91c049dedae8b6e0cdec6c3ec7f652804fe446094b26 |
|
| Details | Url | 1 | https://app.accounting.com |
|
| Details | Url | 1 | http://app.accounting.com |
|
| Details | Url | 1 | http://attacker.ip/image.php?c= |
|
| Details | Url | 1 | http://attacker.ip/image.php |