The combined attack of Session Hijacking and Session Fixation gives a malicious user full access as an authenticated use.
Web Applications requires Cookies to store temporary data. Sometimes these cookies stores session ID of a logged in user.This enables the user to be uniquely identified by the server till he logs out and the session is being destroyed.
The attack can be represented as follow
- Firefox Browser ( Attacker )
- Comodo IceDragon Browser ( Victim )
- Tamper data ( Firefox Addon )
- This tutorial requires Cookie Stealing Methods. If you dont know about it check my previous post.
"This tutorial should be used for educational purpose only. I won't be responsible if you misuse this techniques and get yourself in trouble.Performing such attacks without the permission of the owner can lead to serious trouble."
Let the attacker user first logs in using his own credentials
Now this is the information displayed about the attacker after logging in
Now the attacker goes to a forum and inject the malicious script
What exactly happen at this level is that the script injected contains a redirection to a cookie stealer script.This cookie catcher script stores the cookie information in a log file and later this log file is used to extract the information about the cookies. After injecting the code the attacker waits for the victim to log and enter the forum.
Now the victim logs in
Now this is the information displayed about the victim after logging in
Once the victim enter the forum page the cookies are retrieved and the page is redirected to the cookie catcher page and the cookie information gets logged in the log file
Now the attacker copies this session ID and manipulates his existing session ID with the hijacked session ID.
And now if the attacker checks the information then he will find that the information of the user will be displayed whose session has been hijacked . That means the attacker has hacked into the account of another user as a authentic user.