Security
Intermediate
What is Session Hijacking?
An attack where an adversary takes over a legitimate user session by stealing or predicting the session identifier.
Session hijacking occurs when an attacker obtains a valid session ID and uses it to impersonate the legitimate user. Attack vectors include network sniffing (intercepting unencrypted session cookies), XSS (JavaScript stealing cookies), session fixation (forcing a known session ID on the victim), and predicting weak session IDs. Prevention measures include HTTPS everywhere (encrypting cookies in transit), HttpOnly flag (preventing JavaScript access), Secure flag (cookies sent only over HTTPS), SameSite attribute (preventing CSRF), session regeneration after login, binding sessions to IP/user-agent, setting short session timeouts, and using cryptographically random session IDs.
