View Issue Details

IDProjectCategoryView StatusLast Update
0007099Kali LinuxFeature Requestspublic2022-02-16 19:35
Reporterawesome.juanr155 Assigned ToGamb1t  
PrioritylowSeveritytweakReproducibilityalways
Status closedResolutionwon't fix 
Product Version2021.1 
Summary0007099: SESSION HIJACKING.
Description

VULNERABILITY NAME: SESSION HIJACKING.

VULNERABILITY URL: https://bugs.kali.org/

DESCRIPTION:
In computer science, session hijacking, sometimes also known as cookie hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.

Steps To Reproduce

STEPS TO REPRODUCED:
1) Log in to your account
2) Copy your cookies
3) Logout
4) Clear browser cookies
5) Paste the cookies (copied in step 2)
6) Refresh the page
7) Now you will be logged into the account

Additional Information

The Patch:
Cookies should expire after the logout and previous cookies should not be used for logging into the account, they should expire!

IMPACT:

The malicious attacker can enter the server and access its information without having to hack a registered account. In addition, he can also make modifications on the server to help him hack it in the future or to simplify a data-stealing operation.

Activities

Gamb1t

Gamb1t

2022-02-16 19:35

manager   ~0015753

This report has been filed against an old version of Kali. We will be closing this ticket due to inactivity.

Please could you see if you are able to replicate this issue with the latest version of Kali Linux (https://www.kali.org/get-kali/)?

If you are still facing the same problem, feel free to re-open the ticket. If you choose to do this, could you provide more information to the issue you are facing, and also give information about your setup?
For more information, please read: https://www.kali.org/docs/community/submitting-issues-kali-bug-tracker/

Issue History

Date Modified Username Field Change
2021-03-15 10:40 awesome.juanr155 New Issue
2021-03-15 10:40 awesome.juanr155 Issue generated from: 0007044
2021-06-30 08:49 g0tmi1k Priority none => low
2022-02-16 19:35 Gamb1t Assigned To => Gamb1t
2022-02-16 19:35 Gamb1t Status new => closed
2022-02-16 19:35 Gamb1t Resolution open => won't fix
2022-02-16 19:35 Gamb1t Note Added: 0015753