Feb 10, 2017

Here are some of the most popular session attacks that are currently being used by hackers to exploit session vulnerabilities.

  • Session hijacking: This is when a user’s session identifier is stolen and used by the attacker to assume the identity of the user. The session identifier can be stolen in several different ways, but XSS is the most common.

  • Session fixation: This is when an attacker is assigned a valid session identifier by the application and then feeds this session to an unknowing user. This is usually done with a web URL that the user must click. Once the user clicks the link and signs into the application, the attacker can then use the same session identifier to assume the identity of the user. This attack also occurs when the web server accepts any session identifier from a user (or attacker) and does not assign a new session upon authentication. In this case, the attacker will use his or her own, pre-chosen session identifier and send it to the victim. These attacks work because the session identifier is allowed to be reused (or replayed) in multiple sessions.
  • Session donation: This is very similar to session fixation, but instead of assuming the identity of the user, the attacker feeds the session identifier of the attacker’s own session to the user in the hope that the user unknowingly completes an action in it. The classic example is to feed the user a valid session identifier that ties back to the attacker’s profile page, which has no information populated. When the user fills in the form (with password, credit card info, and other goodies), the information is actually tied to the attacker’s account.
  • Session ID in the URL: This is when session identifiers are passed as URL parameters during the request and response cycle. If this functionality is present, an attacker can feed such a URL to the user to conduct any of the attacks described above.
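The session fixation entry above turns on one server-side property: whether the application keeps the same session identifier across authentication. The following is an added example (not code from the original post) in the form of a toy in-memory session store plus a regression check; `SessionStore`, `fixation_test` and `audit` are hypothetical names, and the planted identifier is a constructed value. It exercises both variants the text describes: reusing an identifier the application itself issued, and a pre-chosen identifier that a weak server simply adopts.

```python
import secrets


class SessionStore:
    def __init__(self, regenerate_on_login, accept_unknown_ids):
        self.regenerate_on_login = regenerate_on_login
        self.accept_unknown_ids = accept_unknown_ids
        self.sessions = {}  # session id -> authenticated user (None = anonymous)

    def handle_request(self, cookie_sid):
        """Resolve the session for one request; return the id the client should keep."""
        if cookie_sid in self.sessions:
            return cookie_sid
        if cookie_sid is not None and self.accept_unknown_ids:
            # Weak: adopt an id the server never issued, so a pre-chosen id becomes valid.
            self.sessions[cookie_sid] = None
            return cookie_sid
        sid = secrets.token_urlsafe(32)  # server-issued and unguessable
        self.sessions[sid] = None
        return sid

    def login(self, sid, user):
        """Authenticate; the hardened store rotates the id and invalidates the old one."""
        if self.regenerate_on_login:
            self.sessions.pop(sid, None)
            sid = secrets.token_urlsafe(32)
        self.sessions[sid] = user
        return sid

    def whoami(self, sid):
        return self.sessions.get(sid)


def fixation_test(store, planted_sid):
    """Regression check: a victim arrives with planted_sid and logs in; we then ask
    whether that same id resolves to the victim. True means the store is vulnerable."""
    victim_sid = store.handle_request(planted_sid)
    store.login(victim_sid, "victim")
    return store.whoami(planted_sid) == "victim"


def audit():
    """Run both variants from the text against a weak and a hardened configuration."""
    weak = SessionStore(regenerate_on_login=False, accept_unknown_ids=True)
    hardened = SessionStore(regenerate_on_login=True, accept_unknown_ids=False)
    return {
        name: {
            "reused_issued_id": fixation_test(s, s.handle_request(None)),  # id the app issued
            "prechosen_id": fixation_test(s, "prechosen-id-0001"),  # constructed value
        }
        for name, s in (("weak", weak), ("hardened", hardened))
    }
```

Regenerating the identifier at login is the control that closes both variants; rejecting identifiers the server never issued is a useful second layer but does not on its own protect against replay of a legitimately issued one.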

NOTE: This is for educational purposes only; we are not responsible for any type of inconvenience caused by readers.
