Rundiz/device-cookies-example

Device cookies example

This is example PHP source code for device cookies, as described in the OWASP document "Slow Down Online Guessing Attacks with Device Cookies".

This source code is not ready to use as is. You have to modify it and adapt it to match your own code and database.
It is made for testing, but you can use it for any purpose under the MIT license.

Installation

PHP 7.0 or later is required.

Import the .sql file into your database, then change the configuration in the config.php file.

Begin testing

Browse to the form.php page and enter email: admin@localhost and password: pass. It should show that you have logged in successfully.

Try again with a wrong password until you get locked out.
For more tests and information, please continue reading on the OWASP page.

Tools

Generate random keys

For generating random secret keys online.
link 1, link 2, link 3

Check length

For checking that the generated keys are the length you want.
link 1, link 2, link 3
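
Both tool steps above can also be done locally in PHP. The following is an added example, not code from this repository: it generates a key with PHP's CSPRNG, checks its decoded length, and goes one step further by using the key to sign and verify a device cookie value. The function names, the 32-byte minimum and the `login,nonce,signature` cookie layout are assumptions made for illustration.

```php
<?php
// Added example, not part of the repository; names and cookie layout are assumed.
const MIN_KEY_BYTES = 32; // assumed minimum: 256 bits for HMAC-SHA256

// Generate a secret key from the OS CSPRNG, hex-encoded for a config file.
function generateSecretKey(int $bytes = MIN_KEY_BYTES): string
{
    return bin2hex(random_bytes($bytes));
}

// Return the decoded key, or throw if it is not hex or is too short.
// Length is checked on the decoded bytes: 64 hex characters are 32 bytes.
function loadSecretKey(string $hexKey): string
{
    if ($hexKey === '' || !ctype_xdigit($hexKey) || strlen($hexKey) % 2 !== 0) {
        throw new InvalidArgumentException('Secret key must be an even-length hex string.');
    }
    $raw = hex2bin($hexKey);
    if (strlen($raw) < MIN_KEY_BYTES) {
        throw new InvalidArgumentException('Secret key is shorter than ' . MIN_KEY_BYTES . ' bytes.');
    }
    return $raw;
}

// Build a signed device cookie value (login,nonce,signature) for a login.
function issueDeviceCookie(string $login, string $key): string
{
    $payload = rawurlencode($login) . ',' . bin2hex(random_bytes(16));
    return $payload . ',' . hash_hmac('sha256', $payload, $key);
}

// Return true only if the signature verifies and the cookie was issued for $login.
function isValidDeviceCookie(string $cookie, string $login, string $key): bool
{
    $parts = explode(',', $cookie);
    if (count($parts) !== 3) {
        return false;
    }
    $expected = hash_hmac('sha256', $parts[0] . ',' . $parts[1], $key);
    return hash_equals($expected, $parts[2])
        && hash_equals(rawurlencode($login), $parts[0]);
}

// Constructed sample run using the test account from "Begin testing".
$key = loadSecretKey(generateSecretKey());
$cookie = issueDeviceCookie('admin@localhost', $key);
var_dump(isValidDeviceCookie($cookie, 'admin@localhost', $key));       // untampered cookie
var_dump(isValidDeviceCookie($cookie . '0', 'admin@localhost', $key)); // altered signature
```

Store the hex string from `generateSecretKey()` in your configuration and load it through `loadSecretKey()` at startup so a truncated or mistyped key fails immediately.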