The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws

out is, or whether a token can still be used days after the last request

Download 5,76 Mb.

Pdf ko'rish

bet	357/875
Sana	01.01.2022
Hajmi	5,76 Mb.
	#293004

1 ... 353 354 355 356 357 358 359 360 ... 875

Bog'liq
3794 1008 4334

out is, or whether a token can still be used days after the last request

using it. Burp Intruder can be configured to increment the time inter-

val between successive requests, to automate this task.

■

Determine whether a logout function exists and is prominently made

available to users. If not, users are more vulnerable because they have

no means of causing the application to invalidate their session.

■

Where a logout function is provided, test its effectiveness. After logging

out, attempt to reuse the old token and determine whether it is still

valid. If so, users remain vulnerable to some session hijacking attacks

even after they have “logged out.”

Client Exposure to Token Hijacking

There are various ways in which an attacker can target other users of the appli-

cation in an attempt to capture or misuse the victim’s session token:

■■

An obvious payload for cross-site scripting attacks is to query the user’s

cookies to obtain their session token, which can then be transmitted to

an arbitrary server controlled by the attacker. All of the various permu-

tations of this attack are described in detail in Chapter 12.

Download 5,76 Mb.

Do'stlaringiz bilan baham:

1 ... 353 354 355 356 357 358 359 360 ... 875