mcanpuneet Posted September 1, 2010 Share Posted September 1, 2010 You can find many tools for changing Session ID in cookie, form bases and many more. You can do this using nay proxy, Http debugger and many more. But if you will not find any tool to decode session id in cookie. In Cookie, Session IDs are normally in form of 1600401588313630099709319853232030099705 which is encoded representation.Is nay one help me to decode this value to get the original session ID.Thanks in AdvanceNebie in Security DomainEmail me Link to comment Share on other sites More sharing options...
cipher Posted September 1, 2010 Share Posted September 1, 2010 the are usually md5 encrypted ,try any hash cracker to decrypt them . 1 Link to comment Share on other sites More sharing options...
Loki Posted September 1, 2010 Share Posted September 1, 2010 you're unlikey to be able to decode a session id hence why hijacking is more common. A cookie stealer then replacing the session id will work, even that assumes that the session id isn't locked to a particular IP etcThere are plenty of specialist sites and papers for this stuff.... Link to comment Share on other sites More sharing options...
Arash.A Posted November 8, 2010 Share Posted November 8, 2010 (edited) you're unlikey to be able to decode a session id hence why hijacking is more common. A cookie stealer then replacing the session id will work, even that assumes that the session id isn't locked to a particular IP etcThere are plenty of specialist sites and papers for this stuff....Hi Would you mind introducting some of these sites and papers? I'm looking for a full tutorial of stealing the coockie and changing session ID.Thnx. Edited November 8, 2010 by Arash.A Link to comment Share on other sites More sharing options...
chickenbutt Posted November 9, 2010 Share Posted November 9, 2010 (edited) Decoding is pointless from all aspects, Apache and IIS don't bind it to IP or host string, the domain owner does it through custom session handling if they even do. PHP and Perl session globals also don't. This is why hijacking is so easy. Even more so on ASP.One of the easiest ways to deface sites is actually through poorly managed sessions on shared host, this is the most popular method among turkish and persian defacement groups who do 20+ sites in a sitting.. No popular forum or CMS software does truly custom handling, it's all CGI globals supplemented by DB. It doesn't take a smart person to develop software and convince companies or organizations to buy it with all these new streamline frameworks. Everyone is an expert in their marketing ^^I developed an easy to use CMS that manually handled sessions and even was efficient on metered hosts, and basically nobody ever used it even though it was free. It's fun to go on security sites and see the domain-caches and bug-trackers of what IS being used sometimes..even more so when the domain just got audited by some notable firm xD Edited November 9, 2010 by chickenbutt Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now