Random things – session hijacking
Written on 18 March 2017, 11:53am
Two notes about session hijacking methods:
Difference between stored and reflected XSS attack
Stored or persistent XSS attack – relies on user input stored on the server. Best example – a comment in a news site.
Reflected or non-persistent XSS attack – relies on user input sent in the HTTP query parameters. Best example – site search, showing the keyword after search
Play the XSS game: xss-game.appspot.com
In a nutshell, session fixation means that the attacker obtains a legitimate session ID from the server and then it makes the victim browser to use it. See example.
The counter-measures are quite simple:
– do not accept setting a session id via URL/POST parameters
– change session id after user login
– just use HTTPS and secure cookies, it’s 2017 and HTTPS adoption reached the tipping point
Written by Dorin Moise (Published articles: 220)