Description
- It was noted that the application did not correctly reissue a new session upon logging into the application therefore was vulnerable to Session Fixation
Session Fixation #1
Steps to Reproduce:
- Visit the login page. Login with valid user and observe that the sessionID has not been changed
// HTTP POST request logging in
POST /bludit/admin/ HTTP/1.1
Host: 192.168.58.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0
[...]
tokenCSRF=551bee4a6e6d065481ec1d29d9b37335475ae1d0&username=admin&password=password&save=
Host: 192.168.58.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0
[...]
tokenCSRF=551bee4a6e6d065481ec1d29d9b37335475ae1d0&username=admin&password=password&save=
// HTTP response
HTTP/1.1 301 Moved Permanently
Date: Tue, 03 Jun 2025 20:34:36 GMT
Server: Apache/2.4.37 (Unix) OpenSSL/1.0.2q PHP/5.6.40 mod_perl/2.0.8-dev Perl/v5.16.3
[...]
No comments:
Post a Comment