Web Security : Automating with LibWWWPerl - Testing Session Fixation

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

1. Problem

Session fixation is a problem where the server receives a session token from the web browser that does not correspond to a valid session. Rather than issue a new session token of its own making, the server accepts the browser-provided session token. Such situations can be leveraged by attackers to steal session information and credentials. This Perl script in Example 8-6 checks for an application server that behaves badly in this way.

2. Solution

See Example 1.

Example 1. Testing for session fixation with Perl
use LWP::UserAgent;
use HTTP::Cookies;
use HTTP::Request::Common;

$URL       = "";
$UA        = LWP::UserAgent->new();
$myCookies = HTTP::Cookies->new(
    file           => "cookies.txt",
    autosave       => 1,
    ignore_discard => 1,

# Find a particular cookie from a particular domain. Uses an external
# namespace ($find::) to get the key, path, and domain to search for.
# Puts found cookie into array @find::cookie.
sub findCookie {
    my (
        $version,   $key,    $val,     $path,    $domain, $port,
        $path_spec, $secure, $expires, $discard, $rest
    ) = @_;

    if (    ( $domain eq $find::domain )
        and ( $path eq $find::path )
        and ( $key  eq $find::key ) )
        print "$version, $key, $val, $path, $domain, $expires\n";
        @find::cookie = @_;

# Our Malicious Cookie: Contains a known session ID.
my $version = 0;
my $key     = "session_id";
my $val     = "1234567890abcdef";
my $path    = "/";
my $domain  = "";
my $expires = "123412345";

# Add the malicious cookie to our jar. Fields we don't care
# about are undefined.
    $version, $key,  $val,     $path, $domain, undef,
    undef,    undef, $expires, undef, undef

$req = HTTP::Request->new( GET => $URL );
$resp = $UA->request($req);

$find::domain = "";
$find::path   = "/";
$find::key    = "session_id";

# See if we have any cookies for that site, path, and key.
$myCookies->scan( \&findCookie );
if (    ( $domain eq $find::cookie[4] )
    and ( $path   eq $find::cookie[3] )
    and ( $key    eq $find::cookie[1] ) )
	# We have one. See if it contains our value.
    if ( $val eq $find::cookie[2] ) {
        print "Test failed: cookie returned was ours.\n";
    } else {
        print "Test passed: cookie returned was new.\n";
} else {
    print "Test script failure: no matching cookie found.\n";


3. Discussion

In this example we know something about the target application, so our call to set_cookie() (line 42) sets only the fields of the cookie that matter. You might have a slightly different script for testing your application if different cookie fields matter to your application.

The goal of a session fixation attack is to send a cookie to a victim (e.g., in a URL) and have the victim use it. When the victim uses that cookie, they are vulnerable to various session-stealing attacks because the attacker knows their cookie—he created it in the first place. To find out more about session fixation attacks, search for “session fixation attack pattern” on Google.

In this test we test for it by creating a bogus cookie that is easy to recognize. We send the contrived cookie to the server and then check what cookie the server sends back to us. If the server sends us our malicious cookie back, then the application fails the test.
Top 10
Free Mobile And Desktop Apps For Accessing Restricted Websites
TOYOTA CAMRY 2; 2.5 : Camry now more comely
KIA SORENTO 2.2CRDi : Fuel-sipping slugger
How To Setup, Password Protect & Encrypt Wireless Internet Connection
Emulate And Run iPad Apps On Windows, Mac OS X & Linux With iPadian
Backup & Restore Game Progress From Any Game With SaveGameProgress
Generate A Facebook Timeline Cover Using A Free App
New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
- Messages forwarded by Outlook rule go nowhere
- Create and Deploy Windows 7 Image
- How do I check to see if my exchange 2003 is an open relay? (not using a open relay tester tool online, but on the console)
- Creating and using an unencrypted cookie in ASP.NET
- Directories
- Poor Performance on Sharepoint 2010 Server
- SBS 2008 ~ The e-mail alias already exists...
- Public to Private IP - DNS Changes
- Send Email from Winform application
- How to create a .mdb file from ms sql server database.......
programming4us programming4us