Y
Hacker News
new
|
ask
|
show
|
jobs
by
rixed
482 days ago
Couldn't the content of that cookie be used to validate its actual age? Like, just signing the date of generation?
2 comments
immibis
481 days ago
That's probably what it was. So they accessed some page over and over, pretending to not have the cookie yet, got a bunch of cookies, and 9 days later, used them to bypass captchas.
link
gruez
482 days ago
...or generate a bunch and wait 9 days?
link