This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I am able to see cookies in http connection. I would like to know if the same is possible in https connection. Stealing cookies in http connection is quite useless and vague.Instead it would be quite useful if the same is visible for http(s) connection. Is there any way to view cookies in https connection and steal the session is from it

asked 13 Aug '14, 05:10

tanu's gravatar image

tanu
1222
accept rate: 0%

Stealing cookies in http connection is quite useless

I don't agree with that. If I'm able to get your session cookie, transmitted via HTTP, I could be able to impersonate your session to the server (depends on some security measures within the web application).

That's way better than 'useless' to me ;-))

(13 Aug '14, 05:39) Kurt Knochner ♦

In general, no as that's the point of using an encrypted transport layer (SSL\TLS), all the transported data (i.e. http) is encapsulated by the encryption.

However, there are known methods of defeating SSL\TLS, e.g. MITM attacks so using one of those will allow the plain text HTTP to be recovered and the cookies viewed.

permanent link

answered 13 Aug '14, 05:15

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

edited 13 Aug '14, 05:15

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×69
×9

question asked: 13 Aug '14, 05:10

question was seen: 5,801 times

last updated: 13 Aug '14, 05:39

p​o​w​e​r​e​d by O​S​Q​A