In theory if a client computer connects to a PHP site using sessions and the client has a virus that does packet sniffing... The virus can transmit the GET header request with the session ID as well as the rest of the header to an offsite machine. Then that offsite machine can access the same website without any issues as long as it keeps the same header, right?
If I am correct then is there any way to protect against this? Also this packet could be stolen via proxy use, correct? I mean if an IT guy has a grudge then he can in theory go steal all the GET headers and access the websites by stealing the session, right?
Thanks ahead of time,
OP
Packet Sniffer UID Question...
- AbraCadaver
- DevNet Master
- Posts: 2572
- Joined: Mon Feb 24, 2003 10:12 am
- Location: The Republic of Texas
Re: Packet Sniffer UID Question...
To protect the session ID use SSL, though it is still in the cookie and can be retrieved from there. You can also save the user's useragent string and IP in the session and check that each time. This does not eliminate the risk but helps to mitigate it some.
As for the proxy, SSL would be the best bet, however an intelligent/technical proxy admin could still get access to the unencrypted data.
- flying_circus
- Forum Regular
- Posts: 732
- Joined: Wed Mar 05, 2008 10:23 pm
- Location: Sunriver, OR
Re: Packet Sniffer UID Question...
0perand wrote: In theory if a client computer connects to a PHP site using sessions and the client has a virus that does packet sniffing... The virus can transmit the GET header request with the session ID as well as the rest of the header to an offsite machine. Then that offsite machine can access the same website without any issues as long as it keeps the same header, right?
I believe this depends on how the website handles session authentication. In its most basic form of just passing the session ID through a cookie, it would be trivial to forge through your scenario. I believe this is referred to as Session Hijacking.
Perhaps someone with more experience can chime in here. If there is a packet sniffer installed as a filter driver, would it be possible to capture the data before it is encrypted in SSL? I was playing around with Wireshark the other day, which raised this question.
0perand wrote: If I am correct then is there any way to protect against this? Also this packet could be stolen via proxy use, correct? I mean if an IT guy has a grudge then he can in theory go steal all the GET headers and access the websites by stealing the session, right? Thanks ahead of time, OP
With a proxy server, I believe you are referring to a Man-In-The-Middle attack. Sending data over a secure connection should mitigate this risk.
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Packet Sniffer UID Question...
If the user's browser has been hijacked, there's nothing you as a web developer can do about it.
Re: Packet Sniffer UID Question...
Thanks for the info guys... I figured the best defense I could use is to change the uid constantly. It's not perfect, but at least the uid expires with every refresh or navigation on the site.
BTW SSL does break through a proxy. So an IT guy who is really smurf could do some damage if he knows what to do.
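The mitigations mentioned in this thread (HTTPS-only cookie, checking the stored user agent and IP on each request, changing the session ID) combined in one PHP sketch. This is an added example, not code posted by any participant. The function names, the `fingerprint` and `rotated_at` session keys and the 300-second rotation interval are assumptions chosen for illustration, and the check only raises the bar, since a user agent string copied along with the cookie still matches.

```php
<?php
declare(strict_types=1);

// Hash of the client attributes named in the thread: user agent and IP.
function client_fingerprint(array $server): string
{
    return hash('sha256', ($server['HTTP_USER_AGENT'] ?? '') . '|' . ($server['REMOTE_ADDR'] ?? ''));
}

// True if the request matches the client the session was first bound to.
function session_is_consistent(array &$session, array $server): bool
{
    $current = client_fingerprint($server);
    if (!isset($session['fingerprint'])) {
        $session['fingerprint'] = $current; // first request: bind the session
        return true;
    }
    return hash_equals($session['fingerprint'], $current);
}

function start_guarded_session(): bool
{
    ini_set('session.use_strict_mode', '1');  // reject IDs the server did not issue
    ini_set('session.use_only_cookies', '1'); // never take the ID from the URL
    session_set_cookie_params(['secure' => true, 'httponly' => true, 'samesite' => 'Lax']);
    session_start();
    if (!session_is_consistent($_SESSION, $_SERVER)) {
        $_SESSION = [];
        session_destroy(); // drop the server-side data; caller forces a new login
        return false;
    }
    // Rotate the ID on a timer rather than on every request, which can drop
    // sessions when a browser sends several requests in parallel.
    if (time() - ($_SESSION['rotated_at'] ?? 0) > 300) {
        session_regenerate_id(true);
        $_SESSION['rotated_at'] = time();
    }
    return true;
}

// Constructed sample requests (documentation IP ranges), run from the CLI only.
if (PHP_SAPI === 'cli') {
    $session = [];
    $owner  = ['HTTP_USER_AGENT' => 'ExampleBrowser/1.0', 'REMOTE_ADDR' => '192.0.2.10'];
    $replay = ['HTTP_USER_AGENT' => 'ExampleBrowser/1.0', 'REMOTE_ADDR' => '198.51.100.7'];
    var_dump(session_is_consistent($session, $owner));  // binds the session
    var_dump(session_is_consistent($session, $replay)); // same cookie, different IP
}
```

Binding to the IP will also log out legitimate users whose address changes mid-session, for example on mobile networks.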