Session hijacking attack
The session hijack attack consists of the exploitation of the web session control mechanism, which is normally managed for a session token.
Because a http communication use many different TCP connection, the web server need a method to recognize every user’s connections. The most useful method in use, depends on a token that the Web Server send to the client browser after a successful client authentication. A session token is normally composed by a string of variable width and it could be used indifferent ways, like: in the URL, in the header of the http requisition as a cookie or in the other parts of the header of the http request or yet in the body of the http requisition.
The Session Hijacking attack compromise the session token by stealing or predicting a valid session token to gain unauthorized access to the Web Server.
The session token could be compromised in different ways, the most common are:
• Predictable session token;
• Session Sniffing;
• Man-in-the-middle attacks.
Likelihood of exploitation
In the example as we can see, first the attacker uses a sniffer to capture a valid token session called “Session ID”, then he uses the valid token session to gain unauthorized access to the Web Server.
Figure 2. Manipulating the token session executing the session hijacking attack.
Cross-site script attack
Figure 3. Code injection.
Other Examples The following attacks acts intercepting the information exchange between the client and the server