What type of session hijacking attack is shown in the exhibit?

seenagapeOctober 14, 2015

A.
Cross-site scripting Attack

B.
SQL Injection Attack

C.
Token sniffing Attack

D.
Session Fixation Attack

3 Comments on “What type of session hijacking attack is shown in the exhibit?”

Ghost Man says:

April 21, 2016 at 5:55 pm

A is the Ans.

Log in to Reply
D33pBr3dt says:

July 21, 2016 at 2:59 am

Ans: D

Session Fixation – Social engineering is involved in this attack.

This photo is fairly misleading. Step 1 is the attacker logging into the vulnerable web application. The attacker then sends this ID to the victim who logs into the web application. Session ID is known to the attacker, just reload the browser. Hence the term fixation.

Log in to Reply
dummystudent says:

August 2, 2016 at 6:44 am

100% D

2ez4sinagate

Log in to Reply