Thursday 8 August 2019

BigIP cookie decode available in chrome extensions

In order to  set a persistence value for  http transmissions, a cookie value is typically set in   the http.response from the server to client via a cookie header.



e.g  ( a typical  encrypted cookie)

Set-Cookie: pSocl=!UST2rduOVFooxhc5HPwDsEGFTpBTV2uQlX8cNvAz4fXrXYow5ViH/BsvUy+25R/9oxlME0KP9bSc; path=/

This value is encrypted via the cookie profile and passphrase used under the F5 VirtualServer or via a iRule.

You can use  the unix cmd curl and with the verbose output and see if the "Set-Cookie:"  value is  encrypted or  via chrome , it has a simple extensions that can be used  on the chrome browser

e.g


And by execution of the  extension on the toolbar if your cookie details are note encrypted you will get the address and node details

If it's encrypted, you will see nah nah nah nah

( encrypted cookies )
Not encrypted

Yes it's that simple to  check for  cookie that are encrypted or not via the chrome extension.


No comments:

Post a Comment

iRule

  iRule: -- o iRule is a powerful and flexible feature within the BIG-IP local traffic management (LTM). o IRule is a powerful & flexibl...