WireShark Analysis of Cookie Forms
- Analyzed one of the pages at leslienate.tech with wireshark
- To isolate the packets sent to/from leslienate.tech We Used the filter for host name, which is contained in the header of http request
- Contained in these packets is a lot of things, the ones we're familiar with are the TCP protocol and the HTTP protocol
- The TCP protocol contains the port numbers sent and received from, acknowledgement flags [ACK, SYN, FIN, etc.], a sequence number with a randomly generated starting point and a payload among a few other things
- The HTTP Protocol contains the host name, the method (POST, GET, PUT, PATCH, DELETE), content-type and cookies among a few other things.
- It was interesting to see the cookies change as it lagged one behind each form submission and persisted between refreshes
- The form data being submitted was also visible in the HTML Form URL encoded at the bottom.