Files
webgoat
main
project
JavaSource
WebContent
META-INF
WEB-INF
css
database
images
javascript
lesson_plans
AccessControlMatrix.html
BackDoors.html
BasicAuthentication.html
BlindSqlInjection.html
BufferOverflow.html
CSRF.html
ChallengeScreen.html
ClientSideFiltering.html
ClientSideValidation.html
CommandInjection.html
ConcurrencyCart.html
CrossSiteScripting.html
DBCrossSiteScripting.html
DBSQLInjection.html
DOMInjection.html
DOMXSS.html
DOS_Login.html
DangerousEval.html
Encoding.html
FailOpenAuthentication.html
ForcedBrowsing.html
ForgotPassword.html
HiddenFieldTampering.html
HowToWork.html
HtmlClues.html
HttpBasics.html
HttpOnly.html
HttpSplitting.html
InsecureLogin.html
JSONInjection.html
JavaScriptValidation.html
Lesson_Plan_Template.html
LogSpoofing.html
MultiLevelLogin1.html
MultiLevelLogin2.html
NewLesson.html
PasswordStrength.html
PathBasedAccessControl.html
Phishing.html
ReflectedXSS.html
RemoteAdminFlaw.html
RoleBasedAccessControl.html
SQLInjection.html
SameOriginPolicyProtection.html
SessionFixation.html
SilentTransactions.html
SoapRequest.html
SqlNumericInjection.html
SqlStringInjection.html
StoredXss.html
ThreadSafetyProblem.html
TomcatSetup.html
TraceXSS.html
UncheckedEmail.html
UsefulTools.html
WSDLScanning.html
WeakAuthenticationCookie.html
WeakSessionID.html
WelcomeScreeen.html
WsSAXInjection.html
WsSqlInjection.html
XMLInjection.html
XPATHInjection.html
lesson_solutions
lessons
users
main.jsp
sideWindow.jsp
webgoat.jsp
webgoat_challenge.jsp
config
doc
build.xml
Eclipse-Workspace.zip
HOW TO create the WebGoat workspace.txt
build.xml
eclipse.bat
readme.txt
webgoat for SQL Server.bat
webgoat.bat
webgoat.sh
webgoat_8080.bat
webscarab.bat
WebGoat/webgoat/main/project/WebContent/lesson_plans/SessionFixation.html
wirth.marcel 3a1397f178 Session Fixation lesson plan and solution edited
git-svn-id: http://webgoat.googlecode.com/svn/trunk@339 4033779f-a91e-0410-96ef-6bf7bf53c507
2008-04-15 09:43:01 +00:00

34 lines
1.3 KiB
HTML

<div align="Center">
<p><b>Lesson Plan Title:</b> Session Fixation</p>
</div>
<p><b>Concept / Topic To Teach:</b> </p>
How to steal a session with a 'Session Fixation'
<br>
<div align="Left">
<p>
<b>How the attacks works:</b>
</p>
A user is recognized by the server by an unique Session ID. If a
user has logged in and is authorized he does not have to
reauthorize when he revisits the application as the user is recognized
by the Session ID. In some applications it is possible to deliver
the Session ID in the Get-Request. Here is where the attack starts.
<br><br>
An attacker can send a hyperlink to a victim with a chosen Session ID.
This can be done for example by a prepared mail which looks like an
official mail from the application administrator.
If the victim clicks on the link and logs in he is authorized
by the Session ID the attacker has chosen. The attacker
can visit the page with the same ID and is recognized as the victim and
gets logged in without authorization.
</div>
<p><b>General Goal(s):</b> </p>
<!-- Start Instructions -->
This lesson has several stages. You play the attacker but also the victim.
After having done this lesson it should be understood how
a Session Fixation in general works. It should be also understood that
it is a bad idea to use the Get-Request for Session IDs.
<!-- Stop Instructions -->