> For the complete documentation index, see [llms.txt](https://sarpers-organization.gitbook.io/ctftricks/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://sarpers-organization.gitbook.io/ctftricks/_chapter-intro-6/credentials/filesystem-search/trick-0162.md).

# Credential Discovery In Httpie Session

***

HTTPie stores session information, potentially including credentials, in JSON files within the user's home directory. HTTPie stores sessions on disk unencrypted in a JSON file. Sensitive information like credentials could be stored in these session files.

Check paths following this pattern:

`/home/<user>/.config/httpie/sessions/<host>:<port>/<session_name>.json`

Sessions store cookies, authentication, and custom headers. Use `cat` or a text editor to inspect the file content for usernames, passwords, or other authentication details. This unencrypted storage of sensitive information is related to CVE-2022-24737 / GHSA-9w4w-cpc8-h2fq.

```bash
cat /home/<user>/.config/httpie/sessions/<host>:<port>/<session_name>.json
```
