I found a list of problems with PHP sessions you should know about. Of course you can steal a someone's session if you have his session id because it's not IP based.
Maybe unexpected is that you can get this id not only by sniffing traffic but also with XSS by reading out the cookie and loading an image from another server. More surprisingly you can can even force a user to use a session id you already know by sending him a link with a id. The server recognise the id and keep using it. To prevent this just generate a new id during login using session_regenerate_id().
Like it? Share it!
Freitag, 10. Juli 2009
I found a list of problems with PHP sessions you should know about. Of course you can steal a someone's session if you have his session id because it's not IP based.
Maybe unexpected is that you can get this id not only by sniffing traffic but also with XSS by reading out the cookie and loading an image from another server. More surprisingly you can can even force a user to use a session id you already know by sending him a link with a id. The server recognise the id and keep using it. To prevent this just generate a new id during login using session_regenerate_id().
Maybe unexpected is that you can get this id not only by sniffing traffic but also with XSS by reading out the cookie and loading an image from another server. More surprisingly you can can even force a user to use a session id you already know by sending him a link with a id. The server recognise the id and keep using it. To prevent this just generate a new id during login using session_regenerate_id().
PHP Session Security
Abonnieren
Kommentare zum Post (Atom)
Keine Kommentare:
Kommentar veröffentlichen