Actually, since I desire to read everyone's sessions, let's take a look at how easy it would be to open up a Rails 2 session with the default options. Let's start with a cookie that I copied straight from a Rails app.
BAh7CToOcmV0dXJuX3RvMDoMY3NyZl9pZCIlMGFlNGM2N2NiMjBhZWNiMGIy%250AOWQxZjNiYzExNWY5YjI6CXVzZXJpByIKZmxhc2hJ
QzonQWN0aW9uQ29udHJv%250AbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsGOgtub3RpY2UiG0xvZ2dlZCBpbiBz%250AdWNjZXNzZnVsb
HkGOgpAdXNlZHsGOwlU--87ab0b1e092388efc814a06d932c0e9258bf2844
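Now let's take a very minimal Ruby script and have it bust this cookie wide open.
```ruby
require 'base64'

# The cookie value is passed as the first command-line argument.
cookie = ARGV[0]
# The payload is only Base64-encoded, so decoding exposes the Marshal-dumped session.
puts Base64.decode64(cookie)
```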
\004\b{\t:\016return_to0:\fcsrf_id"%0ae4c67cb20aecb0b2\333\235\0009d1f3bc115f9b2:\tuseri\a"\n
flashIC:'ActionContro\333\235\000ller::Flash::FlashHash{\006:\vnotice"\eLogged in s\333\235\000uccessfully\006:\n
@used{\006;\tT\363\266\233\321\275^\323\335\267\363\307\237s\315xkN\235\367}\234\321\357v\347\306\337\333\3168
Now you can see that we can read the contents of this cookie. This particular app isn't storing any sensitive data, but imagine if it were. Not the best of news for those of you who didn't know this already. Now this is the part of the infomercial where I say "But Wait! If you act now..." and explain that this problem can be solved rather easily. I will cover creating an encrypted cookie store for your Rails app in a follow-up to this article. It will most likely come in the form of a plugin sometime soon.
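The difference between a signed cookie and an encrypted one, as an added example that is not from the original article or the promised plugin. The signed-only format mirrors the cookie shown above (the digest is assumed to be HMAC-SHA1), the AES-256-GCM variant is one hypothetical design, and `SECRET`, `KEY`, `SESSION` and all function names are constructed for illustration.

```ruby
require 'base64'
require 'openssl'

# Constructed sample values; none comes from the page or from a real app.
SECRET  = 'constructed-demo-secret'
KEY     = OpenSSL::Random.random_bytes(32)
SESSION = { user: 7, notice: 'Logged in successfully' }

# Signed-only cookie in the shape shown above: Base64(Marshal) + "--" + hex digest
# (digest assumed to be HMAC-SHA1, matching the 40 hex characters in the sample).
def signed_cookie(session, secret)
  data = Base64.strict_encode64(Marshal.dump(session))
  "#{data}--#{OpenSSL::HMAC.hexdigest('SHA1', secret, data)}"
end

# Reading needs no secret: drop the digest and Base64-decode the rest.
# The bytes are only inspected, never passed to Marshal.load.
def peek(cookie)
  Base64.decode64(cookie.split('--', 2).first)
end

# The digest only lets the server detect modification.
def signature_valid?(cookie, secret)
  data, digest = cookie.split('--', 2)
  OpenSSL.secure_compare(OpenSSL::HMAC.hexdigest('SHA1', secret, data), digest.to_s)
end

# Hypothetical encrypted variant: AES-256-GCM, cookie = Base64(iv + tag + ciphertext).
def encrypted_cookie(session, key)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  cipher.key = key
  iv = cipher.random_iv
  cipher.auth_data = ''
  ciphertext = cipher.update(Marshal.dump(session)) + cipher.final
  Base64.urlsafe_encode64(iv + cipher.auth_tag + ciphertext)
end

# Returns the session, or raises OpenSSL::Cipher::CipherError if the cookie was altered.
def decrypt_cookie(cookie, key)
  raw = Base64.urlsafe_decode64(cookie)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = key
  cipher.iv = raw[0, 12]
  cipher.auth_tag = raw[12, 16]
  cipher.auth_data = ''
  Marshal.load(cipher.update(raw[28..-1]) + cipher.final) # authenticated before load
end

puts peek(signed_cookie(SESSION, SECRET)).inspect if __FILE__ == $PROGRAM_NAME
```

The signed cookie gives up its contents to `peek` with no key at all, while the encrypted one yields nothing readable and is rejected if a single byte changes.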