I found a list of problems with PHP sessions you should know about. Of course you can steal a someone's session if you have his session id because it's not IP based.
Maybe unexpected is that you can get this id not only by sniffing traffic but also with XSS by reading out the cookie and loading an image from another server. More surprisingly you can can even force a user to use a session id you already know by sending him a link with a id. The server recognise the id and keep using it. To prevent this just generate a new id during login using session_regenerate_id().
Keine Kommentare:
Kommentar veröffentlichen