While assessing a custom PHP e-commerce application you observe that the server issues a PHPSESSID cookie on the first page load and keeps the exact same value after users successfully log in. HTTPS is not enforced, but you cannot sniff the network or inject scripts. Which application-level session-hijacking technique could you exploit to gain control of a victim's authenticated session?
Inject a reflected XSS payload to read the PHPSESSID cookie after login.
Leverage session fixation by pre-setting the PHPSESSID value the victim will use to authenticate.
Launch a cross-site request forgery attack to perform actions on behalf of the user.
Conduct a clickjacking attack to trick the user into clicking hidden elements.
Because the application does not regenerate the session identifier after authentication, an attacker can obtain an unauthenticated PHPSESSID value, plant it in the victim's browser, and then wait for the victim to log in while that same ID is in place. Once the user authenticates, the attacker simply reuses the known session ID to access the account. This is the classic definition of session fixation. Reflected XSS could steal cookies, but the scenario rules out script injection. CSRF forces the victim's browser to act, but it does not reveal the session token to the attacker. Clickjacking can cause unintended clicks but likewise does not provide the attacker with the session identifier. Therefore, session fixation is the viable method here. One practical caveat: because neither sniffing nor script injection is available, the attacker still needs a way to plant the ID, for example a link carrying ?PHPSESSID=... (accepted only when the application passes the session ID in URLs via session.use_trans_sid) or a cookie set from another host in the same cookie domain. The fix is to call session_regenerate_id(true) on successful login and to set session.use_strict_mode=1 so the server refuses IDs it never issued.
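To make the mechanics concrete, the following is an added example (written for this page, not code from the application under test) that models PHP's default session handling in a few lines of Python and runs the fixation attack against two login implementations: one that keeps the pre-authentication ID, and one that rotates it the way session_regenerate_id(true) does. The test account, the session store and the way the ID is planted are all constructed for the example; the model also assumes PHP's default session.use_strict_mode=0, under which any client-supplied ID is adopted.

```python
import secrets

# Added example: an in-memory model of PHP's default session handling, written for
# this page to show why a login that keeps the pre-authentication PHPSESSID can be
# fixed by an attacker. Not code from the application under test.

USERS = {"alice": "correct horse battery staple"}   # constructed test account


class SessionStore:
    """Models session_start() with session.use_strict_mode=0 (PHP's default):
    any client-supplied ID is accepted and a session is created under it."""

    def __init__(self):
        self.sessions = {}          # session id -> session data

    def new_id(self):
        sid = secrets.token_hex(16)
        self.sessions[sid] = {}
        return sid

    def start(self, cookie_sid):
        if cookie_sid is None:
            return self.new_id()
        self.sessions.setdefault(cookie_sid, {})   # adopt an unknown ID verbatim
        return cookie_sid

    def regenerate(self, sid):
        """Equivalent of session_regenerate_id(true): move the data to a fresh ID
        and delete the old one, so anyone still holding it gets an empty session."""
        data = self.sessions.pop(sid)
        new_sid = self.new_id()
        self.sessions[new_sid] = data
        return new_sid


def login_keeping_id(store, cookie_sid, user, password):
    """Vulnerable pattern: authenticate, but keep whatever ID the client arrived with."""
    sid = store.start(cookie_sid)
    if USERS.get(user) == password:
        store.sessions[sid]["user"] = user
    return sid                      # Set-Cookie: PHPSESSID unchanged


def login_rotating_id(store, cookie_sid, user, password):
    """Fixed pattern: rotate the ID at the privilege change."""
    sid = store.start(cookie_sid)
    if USERS.get(user) == password:
        sid = store.regenerate(sid)
        store.sessions[sid]["user"] = user
    return sid                      # Set-Cookie: new PHPSESSID


def whoami(store, cookie_sid):
    """A page that reports which user the presented session belongs to."""
    return store.sessions.get(cookie_sid, {}).get("user")


def run_fixation(login):
    """Run the four-step attack against a login implementation and report the outcome."""
    store = SessionStore()
    planted = store.start(None)     # 1. attacker loads any page, receives an unauthenticated ID
    # 2. attacker plants `planted` in the victim's browser; the delivery channel
    #    (e.g. a ?PHPSESSID=... link with session.use_trans_sid on) is assumed here
    victim_sid = login(store, planted, "alice", USERS["alice"])   # 3. victim logs in
    return {
        "id_rotated": victim_sid != planted,
        "attacker_sees": whoami(store, planted),        # 4. attacker reuses the planted ID
        "victim_logged_in": whoami(store, victim_sid),
    }


if __name__ == "__main__":
    print("no regeneration:", run_fixation(login_keeping_id))
    print("regenerate on login:", run_fixation(login_rotating_id))
```

The same comparison is the check to run against the real application: record the PHPSESSID issued on the first page load, log in, and compare it with the value in the Set-Cookie header (or the cookie jar) after authentication. If it has not changed, the login is fixable given any channel for planting the ID.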
Certified Ethical Hacker (CEH)
Network and Perimeter Hacking