This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

cookie stealing in https

0

I am able to see cookies in http connection. I would like to know if the same is possible in https connection. Stealing cookies in http connection is quite useless and vague.Instead it would be quite useful if the same is visible for http(s) connection. Is there any way to view cookies in https connection and steal the session is from it

asked 13 Aug '14, 05:10

tanu's gravatar image

tanu
1222
accept rate: 0%

Stealing cookies in http connection is quite useless

I don't agree with that. If I'm able to get your session cookie, transmitted via HTTP, I could be able to impersonate your session to the server (depends on some security measures within the web application).

That's way better than 'useless' to me ;-))

(13 Aug '14, 05:39) Kurt Knochner ♦

One Answer:

0

In general, no as that's the point of using an encrypted transport layer (SSL\TLS), all the transported data (i.e. http) is encapsulated by the encryption.

However, there are known methods of defeating SSL\TLS, e.g. MITM attacks so using one of those will allow the plain text HTTP to be recovered and the cookies viewed.

answered 13 Aug '14, 05:15

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

edited 13 Aug '14, 05:15