A penetration tester is analyzing traffic from a legacy web application and discovers it is using unencrypted HTTP. The tester successfully captures a session cookie after a user logs in. Which of the following attacks is now possible using this captured cookie?
By capturing a session cookie from unencrypted HTTP traffic, an attacker can perform a session hijacking attack. The attacker reuses the cookie to impersonate the legitimate user's session, gaining the same access and privileges as the user. Cross-site request forgery (CSRF) tricks a logged-in user into performing an unwanted action but does not typically involve sniffing a cookie from network traffic. SQL injection targets the database through vulnerable input fields, and a denial-of-service (DoS) attack aims to make a service unavailable; neither directly uses a captured session cookie to impersonate a user.