EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Cookie manager for HTTP/HTTPS

Also by EldoS: BizCrypto
Components for BizTalk® and SQL Server® Integration Services that let you securely store and transfer information in your business automation solutions.
#24844
Posted: 05/03/2013 10:22:51
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

my fault, when I start the demo new, the first GET has no cookies.
Thanks

Have a nice evening!
#24848
Posted: 05/03/2013 14:11:46
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Eugene,
I tried to decrypt it with Fiddler2. It works I could find
the https packet where the set-cookies like sessionid ect. are sent from the
server to the client. My assumption was correct, I think.
(see it`s packet 284 in my attachment)

Fiddler is great, but I think I would do also all the Javascripts, right?
Thanks for the info about fiddler.
walter


#24849
Posted: 05/04/2013 00:47:55
by Eugene Mayevski (EldoS Corp.)

Yes, I think you will need to go through JavaScript in order to find where the fields are posted and how they are encoded before being posted (I am sure they are).


Sincerely yours
Eugene Mayevski
#24859
Posted: 05/06/2013 07:18:40
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Eugene,
I have installed fiddler2 and I can see all traffic from IE and Chrome and so on, but not form SBB! I run the HttsClient and did a get to www.eldos.com.
I can see the cookies in the demo , but no traffic was captured in fiddler.

Can you tell me what to do, so that I can capture the normal http traffic at a GET command ?
Thanks
Walter
#24860
Posted: 05/06/2013 07:30:23
by Eugene Mayevski (EldoS Corp.)

I don't know how fiddler works. It's possible that you need to setup the client to through traffic through it somehow. Maybe fiddler documentation will help?


Sincerely yours
Eugene Mayevski
#24861
Posted: 05/06/2013 07:55:18
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Eugene,
the client (= my DEMO SBB) must use the fiddler as proxy.

See: http://fiddler2.com/documentation/Configure-Fiddler/Tasks/ConfigureWinHTTPApp

How can I hook up the SBB with this as proxy?
#24862
Posted: 05/06/2013 08:26:22
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Eugene,
it works with WebTunneling

I have enterd: WebTunnelAddress: 127.0.0.1 WebTunnelPort: 8888
and Set UseWebTunneling to true.

No I can see http and https conect but when I connect to eldos.com fiddler says:

Code
This is a CONNECT tunnel, through which encrypted HTTPS traffic flows.
Fiddler's HTTPS Decryption feature is enabled, but this specific tunnel was configured not to be decrypted. Settings can be found inside Tools > Fiddler Options > HTTPS.

A SSLv3-compatible ServerHello handshake was found. Fiddler extracted the parameters below.

Major Version:   3
Minor Version:   1
SessionID:   09 67 7C 14 CA E7 76 9D 4D D2 76 03 2C 51 27 92 46 80 22 ED 67 7C 8B 33 A3 A8 B9 5A 8A 6D AE AB
Random:      51 87 AE 28 80 C1 44 02 B1 F5 05 50 A7 A4 3A BE 57 31 D2 77 84 6A DA 9F 17 07 20 E7 5F C0 E1 BB
Cipher:      TLS_DHE_RSA_WITH_AES_128_SHA [0x0033]
CompressionSuite:   NO_COMPRESSION [0x00]
Extensions:
      none
#24864
Posted: 05/06/2013 08:38:20
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

With RefWorks it works.
I could authenticate with my UserID and Password and got a Success in the XML Response. But all next POSTs failed.
I think I have to set the cookies .

What does the CookieManager, when no DOMAIN cookie is sent from the host?

refWorks has no domain cookie. Will it work too?
#24867
Posted: 05/06/2013 09:32:39
by Eugene Mayevski (EldoS Corp.)

Quote
Walter Schrabmair wrote:
What does the CookieManager, when no DOMAIN cookie is sent from the host?


I have no single idea what you mean by "DOMAIN cookie". Cookies are cookies. Point. There are no DOMAIN or "domain" or any other specific cookies there.


Sincerely yours
Eugene Mayevski
#24869
Posted: 05/06/2013 09:57:09
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Eugene,
I mean that as cookie path there is also a cookie domain like domain cookie = .www.eldos.com

THe Domain cookie is used to increase the counter in Domaincount in the Cookiemanager.

Please check it, you get a domain=.www.eldos.com cookie in the Demo when you get it to www.eldos.com
Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.

Reply

Statistics

Topic viewed 13429 times

Number of guests: 2, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!