In: Computer Science
how you will showcase the impact of session hijacking, session prediction, session fixation, session side jacking, cross-site scripting and illustrate some of the infamous session hijacking exploits to your prospective employer
Social engineering attacks is used to gain access to the system and carry out actions that reveal confidential/secret information of the user. It makes the user break the security procedures and tricks to gain access to the system. There are different types of social engineering attacks such as-
there are three primary methods to obtain a valid session ID:
Most methods focus on session cookies because they are used most commonly to carry session IDs. However, these methods are not limited to cookie hijacking, as many apply equally to session tokens sent in other parts of HTTP requests, such as custom request headers or the request body.
A session ID must be unique and should be hard to guess. That’s why in most cases session IDs are simply long, randomly generated numbers. However, not every developer uses secure, renowned session management libraries. Some decide to generate session IDs themselves and don’t do it too well.
attacks are, in general, all attacks that attempt to guess a valid
session ID (of any user) on the basis of how such IDs are
generated. For example, a developer might decide to use a
base64-encoded Epoch time as a session identifier. Therefore, a
valid session ID would look like
the attacker figures out this algorithm, they can attempt to guess
a valid session token by trying different Epochs and
A brute-force attack could also be considered a form of session prediction. If the session key is short and the web server is not protected against multiple attempts, the attacker may try all possible values one by one until they get one that works.
Session fixation takes place when the attacker generates a valid session ID that has not yet been used and then provides it to the user, who then uses it to authenticate. The attacker must first figure out what format of session IDs is valid and then use social engineering such as phishing or a similar attack technique to trick the user into clicking the login link and providing their credential, thus associating the session ID with the account.
The term session side-jacking is used to describe man-in-the-middle attacks (MITM) that are performed to steal the session. The attacker listens in on the communication between the web server and the client and intercepts valid session IDs.
There are many session side-jacking techniques that rely on different MITM attack techniques. In the simplest case, when traffic is not encrypted, all it takes is a simple sniffer working in the same local network as the client, monitoring network traffic for user’s connections and packet sniffing. This is especially common in the case of public Wi-Fi networks.
If the website or web application uses exclusively encrypted connections, simple session sniffing won’t do, but there are other tricks that may be attempted.
Cross-site Scripting (XSS)
Attackers may also use other methods to obtain session information. For example, they may attempt to infect user computer systems with malware such as trojans. An example of this may be the man-in-the-browser attack, where session identifiers are stolen directly from the user’s web browser.
Defending against Session Hijacking and Similar Attacks
To keep your session IDs safe, follow these rules:
Secure flag for
HttpOnly flag for session cookies.