Account Options Sign in. Top charts. New releases.
We have a thorough belief that it is best enjoyed with friends, and the best way to do that is through our micro-hosting platform. Download the Leet Management app for your phone to get instant access to your server's configuration. Available on both Android and iOS.
Results: Exact: Elapsed time: 21 ms.
We recently migrated our community to a new web platform and regretably the content for this page needed to be programmatically ported from its previous wiki page. The Session Hijacking attack consists of the exploitation of the web session control mechanism, which is normally managed for a session token. The most useful method depends on a token that the Web Server sends to the client browser after a successful client authentication. A session token is normally composed of a string of variable width and it could be used in different ways, like in the URL, in the header of the http requisition as a cookie, in other parts of the header of the http request, or yet in the body of the http requisition. The Session Hijacking attack compromises the session token by stealing or predicting a valid session token to gain unauthorized access to the Web Server. The attacker can compromise the session token by using malicious code or programs running at the client-side. The example shows how the attacker could use an XSS attack to steal the session token.