Session Fixation

Session fixation attacks exploit a web application that lets one person fix (choose in advance) another person's session identifier: the application either accepts a session ID it did not issue for that browser, or keeps the same session ID across login instead of issuing a fresh one. An attacker who already knows the ID plants it in the victim's browser before the victim authenticates, then uses the same ID to ride the victim's authenticated session.

- [Session_fixation](https://owasp.org/www-community/attacks/Session_fixation)

Exploitation

1. Attacker Logs In to the Website to Get a Session ID

The attacker logs in to the legitimate website and notes the session value the server sets in the Cookie. (Many applications issue a session ID as soon as a page is requested, before login, so simply visiting the site is often enough to obtain a valid ID.)

Cookie: sessid=abcdef

2. Attacker Sends the Session Value to the Victim

There are various ways to deliver the attacker's session value to the victim so that the victim's browser sends it in the Cookie header. For example,

3. Victim Logs In with the Attacker's Session

If the victim logs in while the attacker's session ID is set in the Cookie and the application does not issue a new session ID on authentication, that ID now identifies the victim's authenticated session. The attacker, who still holds the same cookie, can then act as the victim in the website. The server-side fix is to regenerate the session ID on every privilege change (login in particular) and to refuse session IDs the server never issued.
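The three steps above, played out against a minimal in-memory session store, as an added example that is not part of the original page. The store, the `vulnerable_login` and `hardened_login` handlers and the user names are constructed for illustration and assume nothing about any real framework; `vulnerable_login` keeps whatever session ID the client presents (even one the server never issued), while `hardened_login` discards the presented ID and issues a fresh one at authentication.

```python
import secrets


class SessionStore:
    """Constructed in-memory session table: sid -> {"user": name or None}."""

    def __init__(self):
        self.sessions = {}

    def new(self):
        # Server-issued, unguessable session identifier.
        sid = secrets.token_hex(16)
        self.sessions[sid] = {"user": None}
        return sid

    def get(self, sid):
        return self.sessions.get(sid)


def vulnerable_login(store, presented_sid, username):
    """Fixation-prone login: binds the user to the sid the client presented.

    It even adopts a sid the server never issued, so the attacker need not
    log in first; knowing any string the victim's browser will send suffices.
    """
    if store.get(presented_sid) is None:
        store.sessions[presented_sid] = {"user": None}  # permissive acceptance
    store.sessions[presented_sid]["user"] = username
    return presented_sid


def hardened_login(store, presented_sid, username):
    """Fixed login: drops the presented sid and issues a new one at authentication."""
    if presented_sid in store.sessions:
        del store.sessions[presented_sid]  # the old ID must stop working
    fresh_sid = store.new()
    store.sessions[fresh_sid]["user"] = username
    return fresh_sid


def whoami(store, sid):
    """What the server believes about a request carrying this sid."""
    session = store.get(sid)
    return session["user"] if session else None


def simulate(login):
    """Run steps 1-3 of the attack against a given login handler.

    Returns the user the attacker's cookie resolves to after the victim logs in:
    "victim" means the fixation succeeded, None means the attacker's ID is dead.
    """
    store = SessionStore()

    # Step 1: attacker visits and logs in, learning the sid the server sets.
    attacker_sid = login(store, store.new(), "attacker")

    # Step 2: attacker delivers attacker_sid to the victim by some means
    # (out of scope here); the victim's browser now sends it as its cookie.
    victim_cookie = attacker_sid

    # Step 3: victim logs in while carrying the attacker's sid.
    login(store, victim_cookie, "victim")

    # The attacker replays the cookie obtained in step 1.
    return whoami(store, attacker_sid)


if __name__ == "__main__":
    print("vulnerable login, attacker cookie maps to:", simulate(vulnerable_login))
    print("hardened login,   attacker cookie maps to:", simulate(hardened_login))
```

With `vulnerable_login` the attacker's original cookie resolves to the victim's account after step 3; with `hardened_login` it resolves to nothing, because the ID the attacker planted was invalidated and the victim received an ID the attacker never saw.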