Skip to main content

Cookie Protection for Avoiding Session Hijacking Attacks - Introduction

When we are developing a web application/web page, session and cookies are the most important factors to handle the user operations as well as provide enough security to the application/page. Attackers are using many ways to attack the web based applications. But most of the time they are using session hijacking to hack the network. Because session hijacking is very easy to do and attacker no need to put his effort to hack that system [permission to the system provided by the session]. So, session/cookie implementation is not only a thing but proper [secure/httponly] cookie/session implementation is needed.

This blog is written to “how to create cookie/session?”, “how to read cookie?”, “what is session hijacking?” and “how to protect the session hijacking?”

What is cookie?

Cookie is a file created by the web servers[here tomcat] to store some data specific to the website [here login app] to track the usage of the website by the user. Specific data/ anatomy of cookie as follows.
  1. Name - Name of the cookie
  2. Value - Value of the cookie
  3. Expiration - how long the cookie can survive?
  4. Path - which path the cookie can be use. [Example facebook cookies can be used only for facebook not for google]
  5. Domain - domain for the cookie. [google/facebook]
  6. Secure flag - ensure the cookie is transmitted over a secure server connection
  7. HTTPOnly - ensure the cookie cannot be accessed by the client side script
These above mentioned attributes are need to implemented properly to avoid the session hijacking.

What is session?

It is a server side storage of information which let the user to do what in their website based on the cookie in the user’s browsers.

How to create cookie?
Cookie <cookie> = new Cookie(<cookie name>, <cookie value>);
<cookie>.setMaxAge(<time in second>);
<cookie>.setPath(<path>);
<cookie>.setDomain(<domain>);
<cookie>.setComment(<comments>);
<cookie>.setSecure(<true/false>);
<cookie>.setHttpOnly(<true/false>);
response.addCookie(<cookie>);

How to read cookie?
<cookie>.getName();
<cookie>.getValue();
<cookie>.getMaxAge();
<cookie>.getPath();
<cookie>.getDomain();
<cookie>.getComment();

What is Session Hijacking?

Attacker compromising the session by stealing the valid session token [session token are cookies] to gain the unauthorized access to the web server. This stealing can be done by 2 ways.


  1. Session Sniffing - Attacker gain the session ID by capturing the traffic. If a session token transmitted from the server to the client browser by using not secure communication [http] then it can be easily captures and used by the attackers.

    Solution : by enabling the secure communication between the server and client browser. [secure flag]
  2. Cross - Site Script Attack - Attacker use some code/script from the client side to get the session ID. If the website is vulnerable for this kind of attack attacker can execute some malicious codes/scripts/payloads into the website by using the client side. The user/victim might visit the website send the relevant session ID to the attacker.

    Solution : by disabling the script function when the server and the client communication. [httponly flag]

Comments

Post a Comment

Popular posts from this blog

What is Google Hacking?

As an ethical hacker we have need to follow some general steps to be a good ethical hacker. Such that steps/stages can be listed as follows. But these steps are not a defined one. We can change them according to our needs. 1    . Reconnaissance – Gathering the information which are having the security vulnerability. 2   . Scanning - Examine/explore a target machine/network for the vulnerability that can be make use to go inside. 3    .Gaining Access – After scanning process make use of the vulnerability and attempt to move inside to the system to exploit. 4    . Maintaining Access – After moved into the machine/network hacker needs to make some backdoor to gain the access again. 5    . Clearing Tracks (unethical) – Clearing the traces of all the activities what they done in their hacking process. 6    . Reporting – End of the ethical hacking process in order to make some notes on the findings, things done in the hacking...
Post a Comment
Read more

Introduction to OAuth

What is OAuth? OAuth is a protocol that allows distinct parties to share information and resources in a secure and reliable manner. OAuth needs to consider the 2 concept to provide the informations in secure and reliable manner. They are authentication and authorization. Authentication -> Validating the person/system who need the information Authorization -> After authentication what action can be performed by the person/system. By maintaining this 2 concept OAuth is providing federated identity and delegated identity. Federated identity -> User can use his/her one application account to login another application. [Example: If a user having Facebook account then he can login Instagram with the same login as Facebook] Delegated identity -> One service can access another service resources. [Example: When creating a Facebook account with eMail address that will suggest the contacts in the eMail to add as friends] Without OAuth With OAuth User ...
Post a Comment
Read more

Hack Windows 2000 by Kali Linux through the Metasploit Framwork

It is a sample documentations to record what I have did to hack Windows 2000 by Kali Linux. ©IT Today
Post a Comment
Read more