Hello everyone, I hope you are all doing great. In this write-up I am going to explain a simple vulnerability/bug/logical issue that arises from poor session-management configuration: the server keeps a session token valid after the user has logged out. I will not be explaining how I found the bug or the steps to reproduce it; here I am only going to explain the impact, and how attackers can steal a victim's session cookie.

Impact: When a session is not invalidated on the server at logout, a session cookie that has already been captured by an attacker, or left behind in a browser on a shared machine, stays usable after the victim clicks "log out". The victim has no way to revoke access: logout only removes the cookie from their own browser, while the server still accepts the same token. An attacker can therefore keep using the account and its sensitive data, which can lead to financial loss, identity theft and reputational damage. Sessions that never expire also accumulate on the server, consuming storage and lookup time and hurting the application's performance and scalability. Ensuring that logout actually terminates the session on the server side, and that sessions also expire on idle and absolute timeouts, is therefore critical to prevent unauthorized access and to protect users' data and privacy.

How can attackers steal the session cookie?

I understand, Mike: for the bug to be accepted as valid there must be a realistic way for an attacker to obtain the victim's session cookie. Here are the possible ways they can get it.

1. Session Hijacking: The attacker obtains an already established session cookie from the victim's browser and reuses it in their own. The cookie can be read by malware on the victim's computer or copied from a browser left logged in on a shared machine; the cookie value alone is enough, no password is needed.

2. Man-in-the-Middle (MitM) Attack: The attacker positions themselves between the victim and the website (a rogue Wi-Fi access point, ARP spoofing on a LAN, a compromised proxy) and reads or modifies the traffic, including the Cookie header carrying the session token. TLS with HSTS and the Secure cookie flag is what prevents this; any plaintext request that carries the cookie exposes it.

3. Session Sniffing: A passive variant of the above: the attacker only captures network traffic (for example on an open Wi-Fi network) and extracts session cookies from unencrypted requests as they pass by.

Whichever way the cookie is obtained, the point of this bug is what happens next: once the victim notices something is wrong and logs out, a correctly implemented logout would make the stolen cookie useless, but here the server keeps accepting it until the session's absolute expiry, if there is one at all.
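The following is an added example, not code from the original write-up or from the affected application, whose code is not shown. It models the behaviour described above with a toy in-memory session store: a buggy logout that only tells the browser to drop the cookie, a correct logout that also deletes the server-side entry, and a replay function showing that a copied cookie still authenticates after the buggy logout. All names (SessionStore, logout_client_only, replay_after_logout) and the timestamps are constructed for this example; it also goes slightly beyond the text by adding the idle and absolute timeouts a session store should enforce.

```python
"""Toy session store: client-only logout versus server-side invalidation.

Hypothetical code written for this example; it is not the target's code.
"""
import secrets
from dataclasses import dataclass, field


@dataclass
class Session:
    user: str
    created_at: float   # login time, used for the absolute timeout
    last_seen: float    # last authenticated request, used for the idle timeout


@dataclass
class SessionStore:
    """Server-side session table keyed by the opaque cookie value."""
    idle_timeout: float = 15 * 60        # seconds of inactivity before expiry
    absolute_timeout: float = 8 * 3600   # hard cap on session lifetime
    sessions: dict = field(default_factory=dict)

    def login(self, user: str, now: float) -> str:
        # 256-bit random token; the cookie value must not be guessable.
        token = secrets.token_urlsafe(32)
        self.sessions[token] = Session(user, now, now)
        return token

    def authenticate(self, token: str, now: float):
        """Return the user behind a cookie value, or None if it is unknown or expired."""
        s = self.sessions.get(token)
        if s is None:
            return None
        if (now - s.created_at > self.absolute_timeout
                or now - s.last_seen > self.idle_timeout):
            self.sessions.pop(token, None)   # drop expired entries eagerly
            return None
        s.last_seen = now
        return s.user

    def logout_client_only(self, token: str) -> str:
        """The buggy pattern: clear the browser cookie, leave the server entry alone.

        Returns the Set-Cookie header the browser would receive. Anyone holding
        a copy of the old cookie value can keep using it.
        """
        return "session=; Max-Age=0; Path=/; Secure; HttpOnly"

    def logout(self, token: str) -> str:
        """Correct logout: invalidate the token on the server, then clear the cookie."""
        self.sessions.pop(token, None)
        return "session=; Max-Age=0; Path=/; Secure; HttpOnly"


def replay_after_logout(store: SessionStore, server_side: bool):
    """Model the attack from the write-up.

    The attacker copies the victim's cookie while the session is live (by
    sniffing, MitM or malware; the method does not matter here), the victim
    logs out, and the attacker replays the copied value one minute later.
    Returns the user the server still grants access to, or None.
    """
    t0 = 1_000_000.0                       # constructed login timestamp
    victim_cookie = store.login("alice", t0)
    stolen_cookie = victim_cookie          # the attacker's captured copy
    if server_side:
        store.logout(victim_cookie)
    else:
        store.logout_client_only(victim_cookie)
    return store.authenticate(stolen_cookie, t0 + 60)


if __name__ == "__main__":
    print("client-only logout, replay ->", replay_after_logout(SessionStore(), False))
    print("server-side logout, replay ->", replay_after_logout(SessionStore(), True))
```

To check a real target for this bug you follow the same sequence by hand: log in, copy the session cookie, log out in the browser, then send a request to an authenticated endpoint from a separate client (curl, Burp Repeater) with the copied cookie. A response containing account data confirms the bug; a redirect to the login page or a 401 means the session was invalidated correctly.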

Thanks For Reading.
