Saturday, March 1, 2008

Attack process

Generally, a session fixation attack is a three-step process, as shown in the following figure:

1. Session setup:
First, the attacker either sets up a so-called “trap session” on the target server and obtains that session’s ID, or selects a – usually arbitrary – session ID to be used in the attack. In some cases, the established trap session needs to be maintained (kept alive) by repeatedly sending requests referencing it to avoid idle session timeout.


2. Session fixation:
Next, the attacker needs to introduce her session ID to the user’s browser, thereby fixing his session.

3. Session entrance:
Finally, the attacker has to wait until the user logs in to the target server using the previously fixed session ID, and then enter the user’s session.
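The three steps above succeed only when the server keeps using the pre-login session ID after the user authenticates. The following added example (not code from the original post) models that with a minimal in-memory session store and two hypothetical login handlers: one that authenticates whatever session the browser already carries, and one that discards the pre-login session and issues a fresh ID at login. Running the three-step scenario against both shows why regenerating the session ID on authentication is the standard mitigation.

```python
import secrets


class SessionStore:
    """Constructed in-memory session table mapping session ID -> session data."""

    def __init__(self):
        self.sessions = {}

    def create(self):
        # Server-generated, unguessable ID (as a real framework would issue).
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = {"user": None}
        return sid

    def get(self, sid):
        return self.sessions.get(sid)


def login_without_regeneration(store, presented_sid, username):
    """Vulnerable pattern (hypothetical): marks the session the browser presents
    as authenticated, so a session ID fixed into the browser before login becomes
    the user's authenticated session."""
    sess = store.get(presented_sid)
    if sess is None:
        return None  # unknown session: this handler refuses, it does not adopt arbitrary IDs
    sess["user"] = username
    return presented_sid


def login_with_regeneration(store, presented_sid, username):
    """Mitigated pattern (hypothetical): invalidate the pre-login session and
    issue a new ID at the privilege change, so any fixed ID stays unauthenticated."""
    store.sessions.pop(presented_sid, None)  # kill the trap session if one exists
    new_sid = store.create()
    store.sessions[new_sid]["user"] = username
    return new_sid


def run_fixation_scenario(login_handler):
    """Replays the three steps from the text against a login handler and reports
    whether the attacker's fixed session ID ends up authenticated as the victim."""
    store = SessionStore()

    # Step 1, session setup: attacker obtains a trap session ID from the server.
    trap_sid = store.create()

    # Step 2, session fixation: the victim's browser is made to carry trap_sid.
    # (Delivery mechanism is out of scope here; we just model the browser state.)
    victim_browser_sid = trap_sid

    # Step 3, session entrance: the victim logs in using the fixed ID; afterwards the
    # attacker presents the ID she already knows.
    post_login_sid = login_handler(store, victim_browser_sid, "victim")
    attacker_view = store.get(trap_sid)
    attacker_authenticated = attacker_view is not None and attacker_view["user"] == "victim"

    return {
        "id_changed_on_login": post_login_sid != trap_sid,
        "attacker_enters_session": attacker_authenticated,
    }


if __name__ == "__main__":
    print("no regeneration:", run_fixation_scenario(login_without_regeneration))
    print("with regeneration:", run_fixation_scenario(login_with_regeneration))
```

The detection-side takeaway is the same check the mitigated handler performs: a session ID that was valid before authentication must not be valid after it. Most web frameworks expose this as a "regenerate session" call to be invoked on login and on any other privilege change.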
