I'm auditing a web application programmed in CakePHP and I'm having a problem.
I'm almost sure the authentication mechanism is carried by a cookie
but I'm unable to impersonate another user using its cookie.
The probe I do is opening two sessions with two different users (one
in internet explor...
I'm auditing a web application programmed in CakePHP and I'm having a problem.
I'm almost sure the authentication mechanism is carried by a cookie
but I'm unable to impersonate another user using its cookie.
The probe I do is opening two sessions with two different users (one
in internet explor...
[ more ]