magic cookie

Fri
27
May
Dennis Faas's picture

Session Hijacking

In computer science, session hijacking is the exploitation of a valid computer session (commonly known as a "session key") used to gain unauthorized access to information or services in a computer system. For example, when a user logs in to a web ... site, the user's PC is tagged with a session key using a browser cookie (a cookie is a small file stored on the users PC that the browser reads). Any time the user requires access to a restricted area of a website (usually requiring login), the session key is extracted from the users' PC and compared to the key stored on the web server. If valid, the ... (view more)

Subscribe to RSS - magic cookie