mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
878 B
878 B
Cookie Bomb
{{#include ../../banners/hacktricks-training.md}}
Cookie bomb
involves adding a significant number of large cookies to a domain and its subdomains targeting a user. This action results in the victim sending oversized HTTP requests to the server, which are subsequently rejected by the server. The consequence of this is the induction of a Denial of Service (DoS) specifically targeted at a user within that domain and its subdomains.
A nice example can be seen in this write-up: https://hackerone.com/reports/57356
And for more information, you can check this presentation: https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26
{{#include ../../banners/hacktricks-training.md}}