Session Hijacking in practice

回眸只為那壹抹淺笑 提交于 2019-12-04 02:48:28

Forging a cookie is trivial. As mentioned by Klaus, you can do it right out of your browser.

Here's a practical example of how this could be exploited:

  • You login to your banking site
  • Banking site puts a session ID into a cookie, say 123456
  • Your browser sends the session ID to the server on every request. The server looks at his session store and recognizes you as the user who logged in a little while ago
  • I somehow gain access to your cookies, or I sniff one of your HTTP requests (impossible with SSL), and find out your session id: 123456
  • I forge a cookie for your banking site, containing the session ID
  • Banking site recognizes ME as you, still logged in
  • I transfer all your funds to my secret account in Switzerland and buy a ridiculously large boat

Of course, in practice there will be more security on high profile sites (for instance, one could check that a session ID never transfers to another client IP address), but this is the gist of how session hijacking works.

If you use firefox there is a plugin called TamperData that lets you change the values of everything that is sent to a server. So if I could read your session cookie, I could basically just go to that site with my firefox and use tamperdata to send it your session cookie value instead of my own, thus hijacking your session.

/Klaus

The internet isn't a magical black box that can only be utilized by browsers in the way the site wants you to.

You can edit your cookies or POST data or GET session variables, or write a simple script to do it. In the end all you're doing is sending HTTP requests and substituting your session data with whatever you want.

Would you have to tamper with your browser to make use of the stolen cookies?

You could, but it would probably be easier just to type javascript:document.cookie='stolencookie=somevalue' in the address bar whilst viewing a page from the target site.

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!