Attacks described in this section all are concerned with accessing some confidential information on the client side. I look at cookie, history, file, and clipboard stealing attacks as well as attacks that are able to obtain information about protected internal network topology and phishing.
Cookies are pieces of data that is being sent by the server to be stored on the client for retrieval at a later time. Cookies are primarily used to allow for tracking of the client across multiple request/response cycles. Cookies, according to the same origin security policy, can only be retrieved by the server that sets them. As a result, web servers are not able to read cookies from other domains. Cookies themselves are not likely to represent an attack vector on the web client. However, they are a high value target for attackers, as a cookie with its purpose of identifying the client would help with attempts hijack a session and impersonate a client. Web mail clients, for instance, utilize cookies to identify a user at a later time, so the user does not have to provide their credentials each time they would like to access their mail. If an attacker can access the cookie, unauthorized access to the mail account could be obtained as demonstrated recently Perry at Defcon and Graham with SideJacking with Hamster.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.