Hi everyone. I'm writing a thesis on Facebook Connect implementation
and on its vulnerability issues.
Since it's for educational purposes, it's important for me to simulate a side jacking attack. I've used
this configuration: one vbox guest machine (WinXP) acting as client
and one vbox host machine (openSUSE) acting as connection gateway (on
which Wireshark is sniffing packets).

- On the guest machine, after having flushed cookies and browser
history, I shared a YouTube video on my FB profile through FB
Connect, while on the host I recorded network traffic. After that, I
just closed the browser (not logged out), moved to the host, and filtered
traffic for packets that contain HTTP cookies related to the user
session.
- After that, I tried, on the host, to share a YT video on FB using
these captured cookies. For that purpose I used the Cookie Manager+ FF
extension. Anyway, this trick doesn't work and my credentials (not
my name, but my password, yes) are still needed.
I'm sure that I can use cookies usefully, but I don't know how
practically.
I'd like to know from you which cookies have to be injected and also which other parts of
the request (e.g. querystring) have to be inserted, so that this attack is effective?
I've tried other tools (Firesheep, py-cookieJsInjection, Hamster and Ferret) that help to make this process straightforward, but none of these helped.
Thanks,
Luke
asked 28 May '11, 10:06, lordluke80