If someone successfully set up a phishing website on a fake wireless network for say, bankofamerica.com, and lets pretend that SSL was not used, would they be able to run a script on the server that reads the cookie contents of anyone who connected to it (for example, a long-term authentication token)?
Aucun commentaire:
Enregistrer un commentaire