What is Session Fixation Local Attack Vector Vulnerability?

Session Fixation is a type of attack that allows an attacker to hijack a legitimate user session. The attack exploits a flaw in how a vulnerable web application manages the session ID: when authenticating a user, it does not create a new session ID, allowing an existing session ID to be used. The attack entails obtaining a legitimate session ID (e.g., by connecting to the application), convincing a user to authenticate with that session ID, and then hijacking the user-validated session using the known session ID. The attacker must supply a valid web application session ID and get it used in the victim’s browser.

The Session Fixation attack is not a kind of Session Hijacking, in which the established session between the client and the web server is stolen after the user logs in. The Session Fixation attack, on the other hand, fixes an existing session on the victim’s browser, so the attack begins before the user signs in.

The attack may be carried out using a variety of approaches, depending on how the Web application handles session tokens. Some of the most prevalent strategies are as follows:

Session token in the URL argument: The Session ID is supplied to the victim in the form of a hyperlink, and the victim visits the site through the malicious URL.

Session token in a hidden form field: In this approach, the victim must be duped into authenticating to the target web server using a login form created by the attacker. The form might be hosted on the evil web server or in an HTML-formatted e-mail.

Session ID stored in a cookie

Example

The steps for the attack employing script execution in the victim’s browser are quite similar to example 1; however, in this case the Session ID appears inside the cookie rather than as an argument of the URL. The attacker might put JavaScript code in the URL that would be executed in the victim’s browser to fix the value of the Session ID in the victim’s cookie.

 http://website.kom/<script>document.cookie="sessionid=abcd";</script>
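A fixed cookie value like the one above is only useful when the application keeps the pre-login session ID after authentication. The following Python sketch is an added example, not code from the original page; `SessionStore` and its method names are hypothetical. It contrasts a login that keeps the presented ID with one that invalidates it and issues a fresh ID.

```python
import secrets


class SessionStore:
    """Minimal in-memory session table (hypothetical, for illustration)."""

    def __init__(self):
        self._sessions = {}  # session ID -> {"user": name or None}

    def new_session(self):
        sid = secrets.token_urlsafe(32)  # unpredictable, server-generated ID
        self._sessions[sid] = {"user": None}
        return sid

    def user_for(self, sid):
        session = self._sessions.get(sid)
        return session["user"] if session else None

    def login_vulnerable(self, presented_sid, user):
        # The flaw: the ID the browser presented before login is kept
        # and simply marked as authenticated.
        if presented_sid not in self._sessions:
            presented_sid = self.new_session()
        self._sessions[presented_sid]["user"] = user
        return presented_sid

    def login_hardened(self, presented_sid, user):
        # Invalidate the pre-login ID and issue a fresh one, so an ID
        # known to anyone before authentication never becomes privileged.
        self._sessions.pop(presented_sid, None)
        fresh_sid = self.new_session()
        self._sessions[fresh_sid]["user"] = user
        return fresh_sid


def demo(login_method_name):
    """Return (user for pre-login ID, user for post-login ID, ID changed?)."""
    store = SessionStore()
    known_sid = store.new_session()         # ID issued before login
    login = getattr(store, login_method_name)
    victim_sid = login(known_sid, "alice")  # constructed sample user
    return (store.user_for(known_sid), store.user_for(victim_sid),
            victim_sid != known_sid)


if __name__ == "__main__":
    print("vulnerable:", demo("login_vulnerable"))
    print("hardened:  ", demo("login_hardened"))
```

With the hardened login, the ID that existed before authentication no longer maps to any user, so a session ID planted in the browser beforehand is worthless after the user signs in.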

The ZOFixer.com security scan helps to find this vulnerability in your software and server. You can use it by registering on our website and activating the 30-day trial.
