What is SessionID?
SessionID is a unique ID used to check the authentication of a logged-on user. The server responds to a browser based on the SessionID. Session hijacking involves accessing the random SessionID based on user input. The SessionID is used by both web and mobile applications. Authentication bypass plays a major part in application vulnerability.
Possible hybrid strings from user input.
username+string
password+string
username+password
username+date+string
Here, ‘+’ is used to concatenate two different strings.
The following code can help cross-check the severity based on the SessionID.
```csharp
using System;
using System.Text;

class SessionProgram
{
    static string randomString(int length)
    {
        // Character set the random string is drawn from
        const string validChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        StringBuilder res = new StringBuilder(); // Start with an empty builder
        Random rnd = new Random();
        while (0 < length--)
        {
            res.Append(validChars[rnd.Next(validChars.Length)]);
        }
        return res.ToString();
    } // End of randomString()

    static void Main(string[] args)
    {
        // Read the length as a number; Console.Read() would return a character code
        int length = int.Parse(Console.ReadLine());
        string usedCase = Console.ReadLine(); // Get string from user
        string hybridPass = randomString(length);
        Console.WriteLine(hybridPass + usedCase);
    }
}
```

This is a C# program. To try this code, import the following namespaces and define the whole SessionProgram class under a namespace.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
```
This payload can be used to get sample permutations of various username/password values and random strings. It can also be modified to cover only a set of use cases. Edit the constant string ‘validChars’ with a frequently used parameter value.
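An added example, not part of the original post: a defensive check that flags issued session IDs containing the hybrid inputs listed above (username, password, date), next to an ID drawn from the OS CSPRNG, since `System.Random` as used in the generator above is not cryptographically secure. The class name, method names, field names and sample values are assumptions constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added example (hypothetical names): audit session IDs for user-derived material.
static class SessionIdAudit
{
    // Returns the names of the user-derived fields found inside the session ID.
    public static List<string> FindEmbeddedInputs(string sessionId, IDictionary<string, string> userFields)
    {
        var hits = new List<string>();
        foreach (var field in userFields)
        {
            // Skip very short values to avoid accidental matches.
            if (field.Value.Length >= 3 &&
                sessionId.IndexOf(field.Value, StringComparison.OrdinalIgnoreCase) >= 0)
                hits.Add(field.Key);
        }
        return hits;
    }

    // 128 bits from the OS CSPRNG, hex encoded; carries no user input.
    public static string NewSessionId()
    {
        byte[] bytes = new byte[16];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(bytes);
        return BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
    }

    static void Main()
    {
        // Constructed sample account data and session IDs.
        var user = new Dictionary<string, string>
        {
            { "username", "alice" },
            { "password", "S3cret!pw" },
            { "date", "20240115" }
        };
        string[] issued = { "aliceX7f9Qz", "alice20240115kQ2m", "S3cret!pwZZ81", NewSessionId() };
        foreach (string id in issued)
        {
            var hits = FindEmbeddedInputs(id, user);
            Console.WriteLine(hits.Count == 0
                ? id + ": no user-derived material found"
                : id + ": embeds " + string.Join(", ", hits));
        }
    }
}
```

The substring check only catches inputs embedded verbatim; an ID that hashes or encodes the same inputs is still derived from them and needs a review of the generator itself.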
**This is for educational purposes only.**
Thank you… if you make video streaming, please, please send me…
Definitely, I’ll look into video streaming.
If I got a video on this program, maybe I can learn better, thank you. 🙂