XSS attacks can be used to steal cookie values. The following code demonstrates, in a few simple steps, how an unprotected cookie can be read by injected script.
Create a JavaScript file "getMe.js" containing just one line:

    alert(document.cookie);
Create a hackMe.htm file as shown:

    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    <HTML>
    <HEAD>
    <TITLE>A document with SCRIPT</TITLE>
    <META http-equiv="Content-Script-Type" content="text/tcl">
    <SCRIPT type="text/javascript" src="http://someHost/myDir/getMe.js"></SCRIPT>
    </HEAD>
    <BODY>
    </BODY>
    </HTML>
Now hackMe.htm can be used to perform the XSS attack: the alert displays every cookie that script on the page is allowed to read.
To protect cookies from this kind of attack, set the HttpOnly flag to true as shown below. Note that HttpOnly only hides the cookie from document.cookie; it does not fix the XSS flaw itself, which still has to be removed by output encoding.
    Dim MyCookie As HttpCookie = Request.Cookies("MyID")
    If MyCookie Is Nothing Then
        MyCookie = New HttpCookie("MyID")
        MyCookie.HttpOnly = True
        Response.AppendCookie(MyCookie)
    End If
    MyCookie.Value = sAppId & sSessionId
    Response.Cookies.Set(MyCookie)

Or:

    Response.Cookies("MyID").Value = "MySecId"
    Response.Cookies("MyID").HttpOnly = True
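As an added example (not part of the original post), here is a small Node.js check that parses Set-Cookie header values and reports which cookies a script injected by XSS could read through document.cookie, i.e. those sent without HttpOnly; the header values are constructed samples, not captured from a real server.

```javascript
// Added example: audit Set-Cookie headers for the HttpOnly flag the post
// recommends. The headers below are constructed samples for illustration.
const SAMPLE_HEADERS = [
  'MyID=abc123; Path=/',                                // readable by document.cookie
  'MyID=abc123; Path=/; HttpOnly',                      // hidden from document.cookie
  'Prefs=dark; Path=/; Secure; HttpOnly; SameSite=Lax',
];

// Parse one Set-Cookie header value into name, value and an attribute map.
// Attribute names are case-insensitive (RFC 6265), so they are lower-cased.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const name = eq === -1 ? pair : pair.slice(0, eq);
  const value = eq === -1 ? '' : pair.slice(eq + 1);
  const attributes = {};
  for (const attr of attrs) {
    const i = attr.indexOf('=');
    const key = (i === -1 ? attr : attr.slice(0, i)).toLowerCase();
    attributes[key] = i === -1 ? true : attr.slice(i + 1);
  }
  return { name, value, attributes };
}

// True when the cookie would appear in document.cookie, i.e. HttpOnly is
// absent. This is exactly the condition the getMe.js alert depends on.
function isScriptReadable(header) {
  return !('httponly' in parseSetCookie(header).attributes);
}

// Return the names of cookies that injected script could read and exfiltrate.
function findExposedCookies(headers) {
  return headers.filter(isScriptReadable).map((h) => parseSetCookie(h).name);
}

// Build a hardened Set-Cookie value: HttpOnly blocks document.cookie access,
// Secure keeps it off plaintext HTTP, SameSite=Lax limits cross-site sending.
function buildHardenedCookie(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

console.log(findExposedCookies(SAMPLE_HEADERS)); // [ 'MyID' ]
```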
More information:
http://en.wikipedia.org/wiki/HTTP_cookie
http://www.codinghorror.com/blog/archives/001167.html