[thelist] 'Hijacking' sessions

Anthony Baratta anthony at baratta.com
Wed May 24 10:48:23 CDT 2006


Nick...

Are these two sites on the same server?

Maybe - and this is a big maybe - with the session cookie "hash" being passed to the second domain via Query String, you can then manually grab the session file from the temp directory and rebuild anything you need.

Just a wild-eyed guess, but worth a look?




