mayjune's Avatar, Join Date: Jun 2009
Invasive contributor
I agree, how does it work?? whats the idea?
P455w0rd_Cr4kz's Avatar, Join Date: Jan 2007
Ambitious contributor
Obviously,the whole point of this exploit is to have your victim visiting the exploited page and steale their cookie session.
It will work perfectly if you send them a convincing message with an eleborated and crafted page link.
I won't o it,but there are plenty websites that inspect source codes from websites for you to view. Look at the source code and check it out.
mayjune's Avatar, Join Date: Jun 2009
Invasive contributor
what if cookie is disabled?
P455w0rd_Cr4kz's Avatar, Join Date: Jan 2007
Ambitious contributor
if they're disabled then you're out of luck. However,it all will depend on the site. Make a search about https/http cookies and regular session cookies,big diference between the two of them.
indiansword's Avatar, Join Date: Oct 2008
Security Expert
I dont think cookies would be disabled for google. Entire google works on cookies. All the google sites work on cookies and they share the same session i.e. google, gmail, orkut etc.