From 4d879dd633af0de1cee45b4feceaca5adfd95f28 Mon Sep 17 00:00:00 2001 From: Taleb Qasem <97813742+TalebQasem@users.noreply.github.com> Date: Wed, 12 Oct 2022 08:05:30 +0600 Subject: [PATCH] Update cookie-bomb.md --- pentesting-web/hacking-with-cookies/cookie-bomb.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pentesting-web/hacking-with-cookies/cookie-bomb.md b/pentesting-web/hacking-with-cookies/cookie-bomb.md index a71bc5c8a..b46a6518a 100644 --- a/pentesting-web/hacking-with-cookies/cookie-bomb.md +++ b/pentesting-web/hacking-with-cookies/cookie-bomb.md @@ -17,11 +17,11 @@ -A cookie bomb is basically the capability of **adding a large number of big cookies to a user** for a domain an its subdomains with the goal that the victim will always **send very big HTTP requests** to the server (due to the cookies) that the **server won't accept the request**. Therefore, this will cause a DoS over a user in that domains and subdomains. +A cookie bomb is the capability of **adding a large number of large cookies to a user** for a domain and its subdomains with the goal that the victim will always **send large HTTP requests** to the server (due to the cookies) the **server won't accept the request**. Therefore, this will cause a DoS over a user in that domain and subdomains. A nice **example** can be seen in this write-up: [https://hackerone.com/reports/57356](https://hackerone.com/reports/57356) -And for more information you can check this presentation: [https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26](https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26) +And for more information, you can check this presentation: [https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26](https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26)