Obtaining and modifying cookies
Cookies are small pieces of information sent by a web server to the client (browser) to store some information locally, related to that specific user. In modern web applications, cookies are used to store user-specific data, such as color theme configuration, object arrangement preferences, previous activity, and (more importantly for us) the session identifiers.
In this recipe, we will use the browser's tools to see the cookies' values, how they are stored, and how to modify them.
Getting ready
Our vulnerable_vm needs to be running. 192.168.56.102 will be used as the IP address for that machine and we will use OWASP-Mantra as the web browser.
How to do it...
Browse to
http://192.168.56.102/WackoPicko
.On Mantra's menu, navigate to Tools | Applicatio n Auditing | Cookies Manager +.
In the preceding image, we can see all the cookies stored at that time, and the sites they belong to, with this add-on. We can also modify their values, delete them, and add new ones.
Select...