How to Bypass Authentication via Authentication Token (Cookie) Manipulation

Author: Jeremy Druin
Twitter: @webpwnized
Description: In this video we bypass authentication by manipulating session authentication tokens found in cookies. The cookies are found and modified using the Cookie Manager+ add-on for Firefox. Mutillidae is a web application with a series of vulnerabilities added on purpose to allow security enthusiast, pen testers, and students to practice attacking a web application. Mutillidae is a free download at Sourceforge. Updates are announced on Twitter @webpwnized. Thank you for watching. Please support this channel. Up vote, subscribe or even donate by clicking “Support” at https://www.youtube.com/user/webpwnized!

The webpwnized YouTube channel is dedicated to information security, security testing and ethical hacking. There is an emphasis on web application security but many other topics are covers. Some of these include forensics, network security, security testing tools and security testing processes. The channel provides videos to encourage software developers and system administrators to perform security testing. Also, the channel educates the next generation of security testers and bug bounty hunters who want to respectfully, legally and ethically help system owners that allow security testing.

Post Author: hatefull