
Tuesday, August 8, 2017

Is your Session Hijacked???

Cookie Theft and Session Hijacking
Session hijacking is one of the most common and potentially destructive cookie attacks. Cookies are used for authentication, tracking, maintaining state over stateless HTTP, and so on. If a website uses cookies as session identifiers, an attacker who steals a victim's full set of cookies can impersonate that user's requests.
Probable Root Cause:
Session hijacking can be caused by several weaknesses: predictable token values, an insecure transport layer that permits man-in-the-middle attacks, unencrypted sessions, and persistent or cacheable cookies. In addition, cookies are static; they do not change during their lifetime.
Probable Recommendations:
- To protect sensitive information, the "Secure" cookie attribute must be set, so that the cookie is only transmitted when the communications channel with the host is a secure one. Servers should use SSL.
- To suppress caching of the Set-Cookie header, the origin server should send the response header Cache-Control: no-cache="Set-Cookie".
- To prevent scripts from reading or manipulating cookies, the "HttpOnly" attribute should be set on the cookie.
- The cookie that stores the session id should not be persistent; the "Expires" or "Max-Age" attribute should be set accordingly (or omitted), so that the cookie is valid only for the session.
- Set the "Domain" and "Path" attributes of the cookie correctly. The "Domain" attribute restricts the cookie to the specified domain or subdomain. The "Path" attribute tells the browser to send the cookie only to the specified directory or subdirectory.
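The recommendations above, as an added example that is not part of the original post: a helper that issues a session cookie with the attributes listed (plus an unpredictable session id) and the matching Cache-Control header, and an audit function that flags a Set-Cookie header missing any of them. The cookie name, domain and sample values are assumptions.

```python
import secrets
from http.cookies import SimpleCookie

COOKIE_NAME = "SESSIONID"  # assumed cookie name


def new_session_id() -> str:
    """Unpredictable session id (addresses the 'predictable token value' root cause)."""
    return secrets.token_urlsafe(32)


def build_session_cookie(session_id: str, domain: str = "example.com", path: str = "/"):
    """Return (Set-Cookie value, Cache-Control value) for a hardened session cookie.

    No Expires/Max-Age is set, so the browser discards the cookie at session end.
    """
    jar = SimpleCookie()
    jar[COOKIE_NAME] = session_id
    morsel = jar[COOKIE_NAME]
    morsel["secure"] = True      # only sent over an encrypted channel
    morsel["httponly"] = True    # not readable from script
    morsel["domain"] = domain    # scope to the intended host
    morsel["path"] = path        # scope to the intended path
    cache_control = 'no-cache="Set-Cookie"'  # keep Set-Cookie out of shared caches
    return morsel.OutputString(), cache_control


def audit_set_cookie(header_value: str) -> list:
    """Return a list of findings for a Set-Cookie header value (empty means hardened)."""
    jar = SimpleCookie()
    jar.load(header_value)
    findings = []
    for name, morsel in jar.items():
        if not morsel["secure"]:
            findings.append("Secure flag missing")
        if not morsel["httponly"]:
            findings.append("HttpOnly flag missing")
        if morsel["expires"] or morsel["max-age"]:
            findings.append("cookie is persistent (Expires/Max-Age set)")
        if not morsel["domain"]:
            findings.append("Domain attribute not set explicitly")
        if not morsel["path"]:
            findings.append("Path attribute not set explicitly")
    return findings


if __name__ == "__main__":
    set_cookie, cache_control = build_session_cookie(new_session_id())
    print("Set-Cookie:", set_cookie)
    print("Cache-Control:", cache_control)
    # Constructed weak header for comparison: no flags, persistent for an hour.
    print(audit_set_cookie("SESSIONID=abc123; Max-Age=3600"))
```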
Also Visit:
https://www.linkedin.com/in/pradeep-m-s-699a2522/detail/recent-activity/shares/

https://www.linkedin.com/pulse/your-session-hijacked-pradeep-m-s-


