What is Session Hijacking?
A session hijacking attack exploits the web session control mechanism, which is normally managed through a session token. Also known as cookie hijacking, it is the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system.
What are Cookies?
We use the Internet in our day-to-day lives and access it through a browser. For every website we visit and everything else we view over the Internet, the browser saves some information about that site, which can be text or other types of data. This text can be a user ID, user information, a session ID and so on, and it is stored on the device where the browser is running. Websites are only allowed to read their own cookies, not those of other sites. Cookies also store your login state, saved preferences on websites and similar data.
What are Sessions?
A session is a term for a time-stamped period of authenticated access, represented as a key-value pair data structure. Every authenticated session has a session ID that differentiates it from every other session. By default, a session lasts until there are 30 minutes of inactivity. For a single-user application, there will be only one session and no more than that.
Relation of Cookies and Sessions
When we request any web page from a web server, the server sends, along with the page content, session information in the form of a cookie holding the session ID, which identifies this connection among all the connections arriving at the web server. For a PHP web page there will be a PHP SESSIONID, for ASP there will be an ASP SESSIONID, and the same goes for others.
Consider a web application that has authentication functionality. The attacker uses a DOM-based XSS vulnerability, which leads to theft of the cookie holding the session ID.
The attacker creates PHP code to steal the session details and save them.
Then, by changing and manipulating the session ID, the attacker gains access to another user's account.
An attacker can also check their own session ID with Advanced Cookie Manager. After finding their own session ID, the attacker repeats all the steps with the same code, this time to obtain the victim's session ID.
This is how session hijacking is carried out.
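The theft described above depends on script in the page being able to read the session cookie. As an added example (not part of the original article), this Python check audits `Set-Cookie` headers and flags session cookies that lack `HttpOnly`, `Secure` or a restrictive `SameSite`. The function names, the session-name pattern and the sample headers are assumptions constructed for illustration.

```python
# Added example: audit Set-Cookie headers for weakly protected session cookies.
import re

# Assumption: cookie names that commonly carry a session ID; extend per framework.
SESSION_NAME = re.compile(r"sess|sid", re.IGNORECASE)

def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes dict)."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name.strip(), value.strip(), attrs

def audit_session_cookie(header):
    """Return findings for a session cookie; [] if clean or not a session cookie."""
    name, _, attrs = parse_set_cookie(header)
    if not SESSION_NAME.search(name):
        return []
    findings = []
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: readable through document.cookie")
    if "secure" not in attrs:
        findings.append("missing Secure: sent over plain HTTP")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict")
    return findings

# Constructed sample response headers (not captured from a real site).
SAMPLE_HEADERS = [
    "PHPSESSID=abc123; path=/",
    "PHPSESSID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
    "theme=dark; Path=/",
    "ASPSESSIONIDXYZ=def456; path=/; HttpOnly; SameSite=None",
]

if __name__ == "__main__":
    for h in SAMPLE_HEADERS:
        name = parse_set_cookie(h)[0]
        for finding in audit_session_cookie(h) or ["ok / not a session cookie"]:
            print(f"{name}: {finding}")
```

`HttpOnly` keeps the session ID out of reach of injected script, but it does not fix the XSS flaw itself, which still has to be removed in the application.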