Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-21 20:23:18 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #530 from TalebQasem/patch-69

Browse source 
Update cookie-bomb.md
This commit is contained in:
Carlos Polop 2022-10-17 01:04:12 +02:00 committed by GitHub
commit 626eeae7ba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pentesting-web/hacking-with-cookies/cookie-bomb.md
View file

@ -17,11 +17,11 @@
</details>
A cookie bomb is basically the capability of **adding a large number of big cookies to a user** for a domain an its subdomains with the goal that the victim will always **send very big HTTP requests** to the server (due to the cookies) that the **server won't accept the request**. Therefore, this will cause a DoS over a user in that domains and subdomains.
A cookie bomb is the capability of **adding a large number of large cookies to a user** for a domain and its subdomains with the goal that the victim will always **send large HTTP requests** to the server (due to the cookies) the **server won't accept the request**. Therefore, this will cause a DoS over a user in that domain and subdomains.
A nice **example** can be seen in this write-up: [https://hackerone.com/reports/57356](https://hackerone.com/reports/57356)
And for more information you can check this presentation: [https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26](https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26)
And for more information, you can check this presentation: [https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26](https://speakerdeck.com/filedescriptor/the-cookie-monster-in-your-browsers?slide=26)
<details>