What is cookie poisoning?
Cookie poisoning is an attempt by an unauthorized person to access and control aspects of the data in a cookie, usually to steal a user's identity or financial information. Many different types of hacking that focus on getting data from cookies can be referred to as cookie poisoning, including theft of passwords, credit card numbers, or other identifiers stored in cookie files.
The elements in a cookie that are subject to cookie poisoning are often referred to as parameters. Successful attempts at cookie poisoning identify the parameters that contain useful information, e.g. B. Selecting a credit card number from a transaction that also includes elements such as session ID, timestamp, and other information about purchases.
The general procedure for securing data against cookie poisoning involves encrypting the requests or transactions. Various services can help clients and end users encrypt sent data so that it is no longer transparent to those who can use cookie poisoning.