
Session Hijacking Attack and Prevention

Updated: Jun 4, 2018

Session Hijacking

Session hijacking, also known as TCP hijacking or cookie hijacking, is the theft or guessing of a valid session ID so that the attacker can act as the authenticated user. The session ID is normally carried in a cookie or in the URL, and once an attacker holds it the server cannot tell the attacker and the legitimate user apart.

There are four main methods used to perpetrate a session hijack:

Session fixation: the attacker obtains a valid session ID from the site and sends the victim a link (for example by email) that carries that ID. The attacker then only has to wait until the victim logs in; if the server keeps the same ID across login, the attacker's ID has become an authenticated session.

Session side-jacking: the attacker uses packet sniffing to read the traffic between the browser and the server and lifts the session cookie from it. Many websites use SSL/TLS only for the login page, which protects the password, but fall back to plain HTTP for the rest of the site once the user is authenticated, so the cookie travels in cleartext on every request.

Cross-site scripting: injected JavaScript reads the victim's session ID (for example from document.cookie) and sends it to the attacker.

Malware and unwanted programs: software running on the victim's machine can hijack the browser or read its cookie files directly, without the user's knowledge.



Prevent session hijacking

Encrypt all traffic between the parties with SSL/TLS, not only the login page, so the session cookie is never sent in cleartext.

Use a long random string as the session ID, generated from a cryptographically secure random source. This removes the risk that an attacker could simply guess or enumerate session IDs.

Regenerate the session ID after a successful login. This defeats session fixation: the ID the attacker planted is discarded, so the attacker does not know the ID of the user's authenticated session.

Some services change the cookie value on every request. A stolen cookie is then only usable until the victim's next request, which limits the damage an attacker can do.

Protection on the client side is also needed, since many hijacks begin on the user's machine. Users should run effective antivirus and anti-malware software and keep the browser and other software up to date.
