Network Security: Detailed info on Re: Whitepaper "SESSION RIDING

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

Re: Whitepaper "SESSION RIDING - A Widespread Vulnerability in To day's

from [Florian Weimer] Network Security

[Permanent Link]

Subject:	Re: Whitepaper "SESSION RIDING - A Widespread Vulnerability in To day's Web Applications"
Date:	Wed, 22 Dec 2004 19:21:38 +0100

* Noah Gray:

1) Most sites use some form of Session Expiration. The whole of this paper
assumes the when the user is attacked, they are still logged in, and have a
valid session cookie intact. In reality, this attack is only useful while a
user is logged in, and shortly thereafter. Which, while being very plausible
in intranet application, is unlikely in internet applications, except in
focused attacks.


Not true if you attack web-based email services. 8-) There are rumors
that some of them are vulnerable, and they make very interesting
targets these days.

Other than that, this is very plausible attack that I would agree hasn't
received enough attention. I would also add that in the case of the img tag
in the email, an iframe could also be used, similar to recent viruses. It
needn't even be visible.


A style sheet link has been reported to work as well, even in clients
that don't retrieve external images.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RE: Whitepaper "SESSION RIDING - A Widespread Vulnerability in To day's Web Applications", Noah Gray RE: Whitepaper "SESSION RIDING - A Widespread Vulnerability in Today's Web Applications", Thomas Schreiber Re: Whitepaper "SESSION RIDING - A Widespread Vulnerability in To day's Web Applications", Ben Timby Re: Whitepaper "SESSION RIDING - A Widespread Vulnerability in To day's Web Applications", Florian Weimer <=

Previous by Date:	Re: Whitepaper "SESSION RIDING - A Widespread Vulnerability in Today's Web Applications", Florian Weimer
Next by Date:	Re: Obfuscation of JSPs?, Dave Ockwell-Jenner
Previous by Thread:	Re: Whitepaper "SESSION RIDING - A Widespread Vulnerability in To day's Web Applications", Ben Timby
Next by Thread:	Critical New Web Application Vulnerability Alert BOB23203115, Arian J. Evans
Indexes:	[Date] [Thread] [Top] [All Lists]