Stay Logged In
Checkbox labeled something like "Remember me" or "Keep me logged in".
Some websites generate the "remember me" cookie based on a predictable concatenation of static values, such as the username and a timestamp. Some even use the password as part of the cookie.
Bruteforce - Payload processing: hash md5, add prefix, base64 encode
Don't forget to clear the session cookie, only use the "remember me" cookie
Interesting Books
Interesting BooksDisclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.
The Web Application Hacker’s Handbook The go-to manual for web app pentesters. Covers XSS, SQLi, logic flaws, and more
Bug Bounty Bootcamp: The Guide to Finding and Reporting Web Vulnerabilities Learn how to perform reconnaissance on a target, how to identify vulnerabilities, and how to exploit them
Real-World Bug Hunting: A Field Guide to Web Hacking Learn about the most common types of bugs like cross-site scripting, insecure direct object references, and server-side request forgery.
Support this Gitbook
I hope it helps you as much as it has helped me. If you can support me in any way, I would deeply appreciate it.
Last updated