Making it harder (Session Hijacking)
This is basically an idea that came to me a while ago when I came across a website vulnerable to XSS, on which I could get hold of the cookie that stored the session identifier…
But first, how can session hijacking take place? Examples based on XSS:
1. The SID is appended to the URL; then a simple document.location would help…
2. The SID is stored in the cookie; then what?… document.cookie :-?
But this is not a tutorial about session hijacking; for more information, see Wikipedia or Google.
How was I thinking to strengthen the website against SH?
The magic answer: to store an IP per session, so that only the IP that registered the session can take full advantage of it….
Implementation? Too easy to print out the code (maybe in a later article).
What would not help? A visitor who has a dynamic IP, or an attacker on the same subnetwork as the victim…
Of course this is just a strengthening technique; you should always secure your website in as many ways as possible. I don’t see how an add-on could disadvantage you…
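
The IP-per-session check described above, written as an added Python example (not the author's implementation). The in-memory SESSIONS store, the function names and the sample addresses are assumptions for illustration; the optional prefix binding for visitors with dynamic IPs goes beyond the post's exact-IP idea.

```python
import ipaddress
import secrets

# Hypothetical in-memory store: SID -> network the session was registered from.
SESSIONS = {}

def _bound_network(ip, v4_prefix, v6_prefix):
    """Network a session is bound to; /32 and /128 mean exact-IP binding."""
    addr = ipaddress.ip_address(ip)
    prefix = v4_prefix if addr.version == 4 else v6_prefix
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)

def create_session(client_ip, v4_prefix=32, v6_prefix=128):
    """Register a new session and remember where it was created from."""
    sid = secrets.token_urlsafe(32)  # unguessable session identifier
    SESSIONS[sid] = _bound_network(client_ip, v4_prefix, v6_prefix)
    return sid

def validate_session(sid, client_ip):
    """True only if the SID exists and the request comes from the bound network."""
    network = SESSIONS.get(sid)
    if network is None:
        return False
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        addr = None  # malformed address is treated as a mismatch
    if addr is None or addr.version != network.version or addr not in network:
        # A SID replayed from elsewhere is treated as stolen (design choice):
        # drop the session so the legitimate user has to log in again.
        del SESSIONS[sid]
        return False
    return True

def demo():
    """Constructed sample addresses from the documentation ranges."""
    sid = create_session("203.0.113.10")               # exact-IP binding
    owner_ok = validate_session(sid, "203.0.113.10")   # same IP: accepted
    replayed = validate_session(sid, "198.51.100.7")   # other IP: rejected
    owner_after = validate_session(sid, "203.0.113.10")  # session was dropped
    # Binding to a /24 tolerates a dynamic IP inside that range, but an
    # attacker on the same subnetwork is accepted too (the limit noted above).
    sid24 = create_session("203.0.113.10", v4_prefix=24)
    neighbour = validate_session(sid24, "203.0.113.77")
    return owner_ok, replayed, owner_after, neighbour

if __name__ == "__main__":
    print(demo())
```

The client_ip passed in has to be the address of the TCP peer, or a header set by a proxy you control, because a client-supplied header such as X-Forwarded-For can be forged.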