Learn the concepts behind cookies and how they are used to support web-based authentication and maintain it across a stateless session. Learn about single sign-on using the OpenID and SAML protocols.
- [Instructor] Cookies were introduced to the web in order to support persistent connections and also to support the ability to maintain user preferences across sessions. A cookie is a small piece of text stored in a SQLite file on a user's computer by the browser. Let's have a look at where Chrome stores its cookies on a Windows system. Digging a little ways down into the user directory, we can see the file Cookies. Let's have a look at this with a SQLite client. If you don't have an SQLite client loaded, you can get the DB Browser for SQLite from the URL shown.
This is a simple download and Windows install. I'll use this to navigate to the Cookies file and open it. We have just two tables and four indexes. I can expand the cookies table, and we see the information held: the host key, a name, a value, an encrypted value, an expiry date and some flags. I'll switch to display data and we can see our cookies listed, and there's a lot of them. Common uses for cookies are authentication, storing of site preferences, shopping cart items…
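The cookie table walked through above can also be reviewed with a query instead of a GUI. The following is an added example, not part of the course material: it audits a cookie table for entries that lack the Secure or HttpOnly flag and decodes the expiry timestamp, without reading cookie values. The column names (`expires_utc`, `is_secure`, `is_httponly`) are assumed from recent Chrome schemas and can differ between versions; the database and its rows are constructed in memory.

```python
import sqlite3
from datetime import datetime, timedelta, timezone

# Chrome stores timestamps as microseconds since 1601-01-01 UTC.
CHROME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def chrome_time(us):
    """Convert expires_utc to a datetime; 0 marks a session cookie."""
    return None if us == 0 else CHROME_EPOCH + timedelta(microseconds=us)

def to_chrome_time(dt):
    """Inverse conversion, used only to build the constructed sample rows."""
    return (dt - CHROME_EPOCH) // timedelta(microseconds=1)

def build_sample_db():
    """Constructed stand-in for the Cookies file (assumed column names)."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE cookies (host_key TEXT, name TEXT, value TEXT,
                  encrypted_value BLOB, expires_utc INTEGER,
                  is_secure INTEGER, is_httponly INTEGER)""")
    exp = to_chrome_time(datetime(2030, 1, 1, tzinfo=timezone.utc))
    rows = [  # constructed sample data, not real cookies
        ("shop.example", "session_id", "", b"<opaque>", 0, 1, 1),
        ("shop.example", "cart", "", b"<opaque>", exp, 1, 0),
        (".forum.example", "auth_token", "", b"<opaque>", exp, 0, 0),
    ]
    db.executemany("INSERT INTO cookies VALUES (?,?,?,?,?,?,?)", rows)
    return db

def audit_flags(db):
    """Return cookies missing Secure or HttpOnly; values are never selected."""
    findings = []
    query = ("SELECT host_key, name, expires_utc, is_secure, is_httponly "
             "FROM cookies ORDER BY host_key, name")
    for host, name, expires, secure, httponly in db.execute(query):
        flags = (("Secure", secure), ("HttpOnly", httponly))
        missing = [label for label, on in flags if not on]
        if missing:
            findings.append((host, name, chrome_time(expires), missing))
    return findings

if __name__ == "__main__":
    for host, name, expires, missing in audit_flags(build_sample_db()):
        when = expires.date().isoformat() if expires else "session"
        print(f"{host:16} {name:12} expires={when:10} missing={','.join(missing)}")
```

An authentication cookie without HttpOnly is readable by page scripts, and one without Secure can be sent over plain HTTP, which is why these two flags are the first thing to check in a cookie review.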
Note: The topics in this course will prepare you for key objectives on the Certified Ethical Hacker exam. Find an overview of the certification and the exam handbook at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Dissecting HTTP/HTTPS protocol
- Working with WebSockets
- Understanding cookies
- Installing testing tools such as Hacme Casino and the Vega Scanner
- Running web application tests
- Practicing your skills