As the name suggests, Session Hijacking involves exploiting the web session control mechanism. The attacker abuses vulnerable connections to steal HTTP cookies (which carry the session identifier) and thereby gains unauthorized access to sensitive information stored on web servers.
These attacks, also known as Cookie Hijacking or TCP Session Hijacking, can be performed using a variety of techniques. The main ones include:
The illustration above demonstrates a classic session sniffing situation. Also known as session sidejacking, this is extremely common at places with unsecured Wi-Fi hotspots (coffee shops, restaurants, airports, etc.). The network owner, who can potentially be the attacker, can easily hijack the session by intercepting the traffic from the various nodes.
Before diving into remediation and mitigation techniques, it’s important to determine how susceptible the environment is. If a work network is using old unencrypted protocols such as Telnet, FTP or DNS, the chances of being hacked are extremely high. Common hacking tools such as Juggernaut and Hunt can also be used to determine the session’s immunity.
The most effective countermeasure against network-level session hijacking is to pick encrypted transport protocols that enable secure connections. The most commonly recommended protocols today are Secure Shell (SSH), Secure Sockets Layer (SSL) and Internet Protocol Security (IPSec). These ensure the session key travels through an encrypted tunnel rather than in cleartext.
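A small defender-side check that follows from the points above, added here as an example and not code from the original post or from Checkmarx: it inspects a server's response headers for session cookies that would still be sent over plain HTTP (no Secure attribute) and for a missing HSTS header. The Secure/HttpOnly attributes, HSTS, and the session-cookie name heuristic are assumptions beyond what the post spells out; the sample headers are constructed.

```python
"""Audit HTTP response headers for cookies exposed to session sidejacking.

Added example; not Checkmarx/CxSAST code. Sample data is constructed.
"""
from typing import Dict, List, Tuple

# Heuristic: substrings that usually mark a session-bearing cookie (assumption).
SESSION_NAME_HINTS = ("sess", "sid", "token", "auth")


def parse_set_cookie(header_value: str) -> Tuple[str, bool, bool]:
    """Return (cookie name, has Secure, has HttpOnly) for one Set-Cookie value."""
    parts = [p.strip() for p in header_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, "secure" in attrs, "httponly" in attrs


def audit_response(headers: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Map each risky session cookie to its problems; also flag missing HSTS.

    A cookie without Secure is sent on any plain-HTTP request to the host,
    which is exactly what a sniffer on an open Wi-Fi network waits for.
    """
    findings: Dict[str, List[str]] = {}
    has_hsts = any(k.lower() == "strict-transport-security" for k, _ in headers)
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, secure, http_only = parse_set_cookie(value)
        if not any(h in name.lower() for h in SESSION_NAME_HINTS):
            continue  # not a session-looking cookie; ignore
        problems = []
        if not secure:
            problems.append("missing Secure: cookie is sent over plain HTTP")
        if not http_only:
            problems.append("missing HttpOnly: cookie readable by page scripts")
        if problems:
            findings[name] = problems
    if not has_hsts:
        findings["<transport>"] = ["no Strict-Transport-Security header"]
    return findings


# Constructed sample: one hardened cookie, one sniffable session cookie, no HSTS.
SAMPLE_HEADERS = [
    ("Set-Cookie", "JSESSIONID=abc123; Path=/; HttpOnly; Secure; SameSite=Lax"),
    ("Set-Cookie", "auth_token=def456; Path=/"),
    ("Set-Cookie", "lang=en; Path=/"),
    ("Content-Type", "text/html"),
]

if __name__ == "__main__":
    for cookie, problems in audit_response(SAMPLE_HEADERS).items():
        print(f"{cookie}: {'; '.join(problems)}")
```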
CxSAST scans the application code and lets the user know what kind of protocol has been implemented. This is useful in complex development environments where third-party and open source components are often used without appropriate scrutiny. Once the whole application is scanned and tested, session hijacking risks fall significantly.
Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.
Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked to your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.