Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    New Coder
    Join Date
    Jul 2007
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Session hijacking

    Hi,

    Can anyone help me what does session hijacking means, and how to use it..

    thanks,
    deva

  • #2
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    Every session has an encrypted session ID stored in the cookie or in the URL if cookies can't be used. If that session ID is stolen, for example from the URL, someone can potentially use it to send requests to your script and pose as the person who originally started the session.

    So if Secretary Rice logged into the NSA's satellite positioning website using a session, and Habib was able to steal that session ID and use it while sending requests to the website using his own browser, the website would think it was Condalisa and would allow Habib to reposition all of the free world's satellites, thereby interrupting communication and plunging the free world into anarchy and chaos. Airplanes falling from the sky, the earth opening up and swallowing entire cities, mountains becoming valleys and valleys becoming mountains, floods famines, locusts, frogs, etc.etc.etc.

    But you're just asking for educational purposes, right? You're not going to destroy the free world with your knowledge, are you?

  • #3
    New Coder
    Join Date
    Jul 2007
    Posts
    32
    Thanks
    0
    Thanked 0 Times in 0 Posts
    LoL I Would Like To Know How To Do This To Access Other Peoples Accounts On A Game! Where Could I Learn To Do This?

  • #4
    Senior Coder rafiki's Avatar
    Join Date
    Aug 2006
    Location
    Floating around somewhere...
    Posts
    2,043
    Thanks
    19
    Thanked 42 Times in 42 Posts
    Quote Originally Posted by birdbrain24 View Post
    LoL I Would Like To Know How To Do This To Access Other Peoples Accounts On A Game! Where Could I Learn To Do This?
    Wow you really do live up to your name, nobody here is going to help you hack somebodys account on anything, maybe you should just get banned!!

  • #5
    Banned
    Join Date
    Apr 2007
    Posts
    428
    Thanks
    29
    Thanked 5 Times in 5 Posts
    Quote Originally Posted by Fumigator View Post
    Every session has an encrypted session ID stored in the cookie or in the URL if cookies can't be used. If that session ID is stolen, for example from the URL, someone can potentially use it to send requests to your script and pose as the person who originally started the session.

    So if Secretary Rice logged into the NSA's satellite positioning website using a session, and Habib was able to steal that session ID and use it while sending requests to the website using his own browser, the website would think it was Condalisa and would allow Habib to reposition all of the free world's satellites, thereby interrupting communication and plunging the free world into anarchy and chaos. Airplanes falling from the sky, the earth opening up and swallowing entire cities, mountains becoming valleys and valleys becoming mountains, floods famines, locusts, frogs, etc.etc.etc.

    But you're just asking for educational purposes, right? You're not going to destroy the free world with your knowledge, are you?
    i've noticed you guys here don't even like to talk about sessions itself, and not to mention about session hijacking. i don't get it, in order to do that you need to know A LOT about a LOT of stuffz, so no need to be paranoid instantly

  • #6
    New Coder
    Join Date
    Jul 2007
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi Fumigator.. you do not need to panic.. i just liked to gather information, and it was only for education purpose.. though your comments helped me to gain a brief knowledge about the subject..


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •