Hack Tool Repository

The tools functionality can be divided into 3 broad categories;

1. Cookie Collection
2. Cookie Analyses
3. Results

CookieDigger performs the following analysis on the cookies collected:

Average Length of the Cookie:
If the average length of the cookie that is used as an authenticator is small then it would take fewer brute force attempts to hijack another users session. On a popular site we can assume many users to be logged in at the same time, therefore the chances of a successful brute force attempt might be high.

Character Set of the Cookie:
The character set employed in the generation of cookie value plays an important role in the entropy of the cookie. For any given cookie length, a large character set increases the strength of the authenticator. If the attacker can determine the character set employed by the application, the brute force attempts can be crafted more efficiently. The combination of the length of the cookie and the character set used determines the strength of the authenticator.

Critical Information:
The tool checks the cookie values set by the application to see if any of the cookies contains the usernames or password values in it. The check is performed on both the plain text value of the cookie and on the base64 decoded value of the cookie. Other common useful information passed in the cookie values are account numbers, names, privilege levels, etc.

Entropy of the Cookies:
The tool compares the different values of the cookie values to check how many characters are changing for every subsequent login. If the cookie value remains the same on subsequent logins, it shows that the algorithm used for generating the cookies is vulnerable to chosen plain text attacks. Furthermore, if the cookie values remain the same on subsequent logins it gives the attacker longer periods of time to perform the brute forces attempts.