Quote:
|
Originally Posted by busyrobot
Secondary question:
This 'steal your cookie by an evil link' thing - does that use special browser HTML/JS/ETC or is it all serverside?
|
A known Internet Explorer bug (read: glaring security hole - still around in 5.5 with all the latest Windows Update patches, not sure about 6) allows you to steal cookies using simple JavaScript - all you'd need is for someone to visit a page laced with the deadly cookie-bewildering toxin and their cookies for ANY domain anywhere can be acquired. The exploit doesn't even need to be visible to the user - the script could be run in the background in a tiny IFRAME and the user would have no idea their cookies had been compromised. A serverside script is often used to record this acquired data, but I'm not aware of any major cross-browser exploits which operate on the serverside alone.
Whether or not this was the method used in this particular situation, I am uncertain. Of course, corrections or clarifications would be welcomed.
(first post in months! hooray!)