Hacked Session XSRF Attack
In our last post we discussed countermeasures against session hacking. Here we gonna discus one more attack that can be done if session is not protected. Hacked session XSRF attack is combination of session hacking and cross site request forgery(XSRF). Hacked session XSRF vulnerabilities arise where HTTP cookies are used to transmit session tokens. That means once HTTP cookie is set in browser it'll automatically submit that cookie back to application for every request.





0 comments:
Post a Comment