Search Results

http

Session Management DVWA

Log in to DVWA with admin/password. Session IDs have 4 levels (low, medium, high, impossible). We will first inspect the low one, so set the level to low. Low: This script is very basic and insecure, because the session ID is created in plaintext and uses the most common...


Attacking & Securing Session Management

I am writing this based on OWASP and the book “The Web Application Hacker’s Handbook”. https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html Introduction The HTTP protocol is essentially stateless. It is based on a simple request-response...
