Modifying PHP Session Variables

In my previous post regarding PHP session compromise, I demonstrated how a poorly configured session ID can be brute forced by an attacker.  In this post we shall look at how poor coding practices can also lead to session compromise without discovering a protected session ID.  This attack will be demonstrated against level 20 of the Natas hacking game. Continue reading “Modifying PHP Session Variables”

Brute Forcing PHP Session IDs

Natas is hacking game hosted at that centres around web application security.  Each level must be compromised by some means to reveal the password for the next level.  Below is a writeup of the method I used to penetrate the security of level 19.  I highly recommend this game to anyone interested in web application security. Continue reading “Brute Forcing PHP Session IDs”