A penetration tester is analyzing traffic from a legacy web application and discovers it is using unencrypted HTTP. The tester successfully captures a session cookie after a user logs in. Which of the following attacks is now possible using this captured cookie?
By capturing a session cookie from unencrypted HTTP traffic, an attacker can perform a session hijacking attack. The attacker reuses the cookie to impersonate the legitimate user's session, gaining the same access and privileges as the user. Cross-site request forgery (CSRF) tricks a logged-in user into performing an unwanted action but does not typically involve sniffing a cookie from network traffic. SQL injection targets the database through vulnerable input fields, and a denial-of-service (DoS) attack aims to make a service unavailable; neither directly uses a captured session cookie to impersonate a user.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a session cookie, and how does it work?
Open an interactive chat with Bash
What is the role of HTTPS in protecting session cookies?
Open an interactive chat with Bash
What is a token replay attack, and how is it mitigated?