In our last post we discussed countermeasures against session hacking. Here we gonna discus one more attack that can be done if session is not protected. Hacked session XSRF attack is combination of session hacking and cross site request forgery(XSRF). Hacked session XSRF vulnerabilities arise where HTTP cookies are used to transmit session tokens. That means once HTTP cookie is set in browser it'll automatically submit that cookie back to application for every request.This purely states that if application does not take precautions against misuse of tokens it will be not be only vulnerable to session management attack but also to XSRF attack and when both will be combined a more stronger attack can be performed. Exploiting this vulnerability is easy, have a look on following steps.
- Find vulnerable website.
- Find application which performs action without user's knowledge.
- Now create a HTML page that will perform desired action by application without interacting with user to set cookie. Use PHP or Java script to perform desired action.
The very first step countermeasure to this attack is same as countermeasures against session management attacks. If you are reading this post for very first time you are requested to read our previous posts on session hacking and XSRF to understand attack thoroughly. In next post to this we will have our look on preventive measures against XSRF attacks. Till then thanks for reading, have a nice time and keep visiting.