What is a Cookie ?
This gives out analytical information about the user. For example, user preferences, most visited pages, time spent on a particular page, etc. When you get a cookie from a website, it saves particular analytical information about you And then sends it back to the server. If you already have visited the website, it helps the server remember you by its unique cookie.
As of now, cookies can also be used to track what you’re up to online. For example, they are used to show relevant ads to a specific user. If the user has searched for a particular item to be purchased online. Then the particular website shows the ads for particular items.
Why do we require Cookies ?
What is Cookie Stealing ?
When an attacker can gain a hold of your cookie for a particular website, he can pretend to be you. This can result in the exploitation of sensitive data or information about a particular user. If the connection is not secure, the attacker can use a cross-site scripting attack to hijack a session. XSS can also be used to steal cookies. The cookies get saved into the web browser of a user. The cookies not only stay between the web site’s server and web browser of the user but can also travel across the internet. It can bounce from server to server before reaching its destination.
If the cookies are not securely encrypted then an attacker can intercept and use them to pretend to be you for specific websites. Another problem arises that cookies also sensitive information about you. For example, bank details, emails, addresses, etc.
How an attacker steal cookies using Cross-site Scripting attack and Hijack session?
The attacker can essentially send a link to the victim and steal the cookie. For example, if any user has logged into a website and has cookie persistence. Then the attacker can send a link to that same website and the malicious code gets executed in the background. This code returns the cookies to the attacker, which then can be used to hijack the particular session. After hijacking the session the attacker can further exploit sensitive information by pretending to be you. This includes your bank details, credit card details, addresses, etc.
How to defend against Cookie Stealing ?
Secure your connections by installing SSL certificates. If the cookies get stored in plain texts, the attacker can use them directly. Installing SSL certificates would encrypt all your traffic. So, even if the attacker intercepts your network traffic and steals the cookie, they won’t be able to hijack the session because of encryption.