Saturday 17 April 2021

Root Causes of Session Hijacking and Session Fixation and Broken Authentication

Question: What is Session Hijacking?
Session hijacking is an attack where a user session is taken over by an attacker.


Question: What are the Root Causes of Session Hijacking?
  1. Guessable session ID
  2. Absence of detection mechanism for “repeated guessing trial” either with brute-force or systematic methods.
  3. Weak cryptography algorithm
  4. Failure to detect repeated guessing trials even when a detection mechanism is in place
  5. Insecure session handling methods
  6. Limitation of HTTP: the statelessness of the protocol or lack of any inherent or integrated state management mechanism
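The two root causes that are easiest to see in code are a guessable session ID (cause 1) and the failure to notice a client that keeps presenting invalid IDs (causes 2 and 4). The following Python is an added example written for this post, not code from the original; the sequential generator is deliberately weak for contrast, and the access-log entries are constructed sample data.

```python
import itertools
import secrets
from collections import defaultdict

# Cause 1: a sequential session ID. Anyone who sees one ID can predict its
# neighbours. Deliberately weak, shown only for comparison.
_counter = itertools.count(1000)


def weak_session_id() -> str:
    return f"sess-{next(_counter)}"


def strong_session_id() -> str:
    # 32 bytes (256 bits) from the OS CSPRNG, URL-safe base64 (43 chars).
    return secrets.token_urlsafe(32)


def is_predictable(ids: list[str]) -> bool:
    """True when the numeric tail of consecutive IDs advances by a fixed step."""
    tails = []
    for sid in ids:
        tail = sid.rsplit("-", 1)[-1]
        if not tail.isdigit():
            return False
        tails.append(int(tail))
    steps = {b - a for a, b in zip(tails, tails[1:])}
    return len(ids) >= 3 and len(steps) == 1


# Causes 2 and 4: count invalid session IDs per client so that systematic
# guessing stands out from the occasional expired cookie.
class GuessDetector:
    def __init__(self, valid_ids: set[str], threshold: int = 5):
        self.valid_ids = valid_ids
        self.threshold = threshold
        self.invalid_by_client: dict[str, int] = defaultdict(int)

    def check(self, client: str, presented_id: str) -> bool:
        """Accept a known ID; otherwise record a miss for this client."""
        if presented_id in self.valid_ids:
            return True
        self.invalid_by_client[client] += 1
        return False

    def flagged_clients(self) -> list[str]:
        return sorted(c for c, n in self.invalid_by_client.items()
                      if n >= self.threshold)


# Constructed sample access log: (client address, session ID presented).
SAMPLE_LOG = [
    ("10.0.0.9", "sess-1003"),   # legitimate user, valid cookie
    ("10.0.0.7", "sess-1000"),   # one client walking the ID space
    ("10.0.0.7", "sess-1001"),
    ("10.0.0.7", "sess-1002"),
    ("10.0.0.9", "sess-1003"),
    ("10.0.0.7", "sess-1004"),
    ("10.0.0.7", "sess-1005"),
    ("10.0.0.7", "sess-1006"),
    ("10.0.0.7", "sess-1007"),
    ("10.0.0.5", "sess-9999"),   # single stale cookie, below threshold
]
VALID_IDS = {"sess-1003"}


def run_detection(log=SAMPLE_LOG, valid_ids=VALID_IDS, threshold=5) -> list[str]:
    detector = GuessDetector(valid_ids, threshold)
    for client, sid in log:
        detector.check(client, sid)
    return detector.flagged_clients()


if __name__ == "__main__":
    print("weak IDs predictable:", is_predictable([weak_session_id() for _ in range(5)]))
    print("strong IDs predictable:", is_predictable([strong_session_id() for _ in range(5)]))
    print("clients flagged for guessing:", run_detection())
```

The detector keys on the client address only to keep the example short; in a real deployment the same counter would also be kept per user agent or per target account, and the response would be rate limiting or alerting rather than just a list.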



Question: What is Session Fixation?
Session Fixation is an attack that permits an attacker to hijack a valid user session.

Question: What are the Root Causes of Session Fixation?
  1. Permissive Server: a server that accepts a client-generated session ID
  2. Session management type in use
  3. Reuse of session identifiers



Question: What is Broken Authentication?
Broken authentication occurs when an attacker successfully attacks the session data and thereby becomes authenticated as a legitimate user.

Question: What are the Root Causes of Broken Authentication?
  1. Lack of metrics: absence of well-developed metrics
  2. Lack of security knowledge among programmers to apply information and communication security mechanisms to their solutions
  3. Wrong decisions or compromises
  4. Use of self-developed modules instead of well-tested and thoroughly analyzed modules for security services such as authentication
  5. Storing user credentials with other application data.
  6. Guessing Attempts: allowing repeated guessing attempts
  7. Lack of security awareness among users.