0

Is it possible to create a windows application that can read the session cookies of a specific browser tab or of a specific domain, and use that for for example session hijacking by sending the cookie to a malicious user who enters it in his browser?

As I read it, cookies are stored in local files. And if so then it is possible? Or have I missed something here?

Thanks Jihad

Jihad Haddad
  • 592
  • 1
  • 6
  • 19
  • Too broad: not all browsers work in the same way. E.g. whether session cookies are stored on disk is an implementation detail. – MSalters Feb 22 '17 at 08:37
  • OK Fine. But if we take one of the major browsers (Chrome, IE, Firefox) are there any of them where this is possible? – Jihad Haddad Feb 22 '17 at 12:07

0 Answers0