qeeqbox/session-replay

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 

Repository files navigation

A threat actor may re-use a stolen or leaked session identifier to access the user's account.

Example #1

  1. Threat actor obtains a valid session identifier (for example from a leak, a log, or a sniffed request) and does not use it immediately
  2. Threat actor later re-uses the same session identifier, which the website still accepts, to gain unauthorized access to the victim's account

Example #2

  1. Bob submits a request to buy an item from a vulnerable website
  2. Threat actor captures that request and tricks Bob into re-submitting it
  3. The vulnerable website receives both requests carrying the same session identifier and processes both, so the purchase is made twice

Impact

Varies with what the hijacked session is allowed to do

Risk

  • gain unauthorized access to the victim's account and act as the victim

Remediation

  • Identity confirmation (re-authenticate before sensitive actions)
  • Regenerate session ids at authentication, so an id the client held before login is never kept
  • Timeout (idle and absolute) and replace old session ids, so a stolen id stops working
  • Store session ids in HTTP cookies (HttpOnly, Secure) rather than in URLs, where they leak into logs and referrers
  • Reject a state-changing request that is submitted twice with the same single-use token

ID

fe0561ad-6ce7-4cf3-a229-eb136ad1f919
