A1:2021 | Hijack a Session (1) | Cycubix Docs
Concept
Application developers who develop their own session IDs frequently forget to incorporate the complexity and randomness necessary for security. If the user specific session ID is not complex and random, then the application is highly susceptible to session-based brute force attacks.
Goals
Gain access to an authenticated session belonging to someone else.
Last updated