• caglararli@hotmail.com
  • 05386281520

Is there a way to modify the value of a session token with HttpOnly flag set in this scenario?

Çağlar Arlı      -    44 Views

Is there a way to modify the value of a session token with HttpOnly flag set in this scenario?

SCENARIO:

When a user browses to the login page the web application sets SESSIONID=X; Httponly; before the authentication.

After the authentication NO new cookies are set. The only cookie used to identify the session is SESSIONID=X.

This should mean that the webapp is vulnerable to the session fixation attack. I want to develop a complete attack so I need a way to programmatically modify the value of SESSIONID.

The server doesn't use security headers (X-XSS-Protection, etc.), so the login page can be inserted into an iframe and XSS are not blocked.

Is there a way to change the value of SESSIONID when the victim access the login page through attacker web server?