As always the information in this thread as well as more can be found in my notes at: notes.zanidd.xyz/

Thank you for reading my thread and see you in the next one :)

#session #csrf #xss #sessionhijacking #sessionfixation

Remediating Open Redirect

  • Strictly validate URLs
  • Do not use user-supplied URLs
  • Check supplied values (valid, not a URL, appropriate for the app)
  • Sanitize input with an allowlist of trusted hosts (or regex)
  • Force redirects to first go through a page notifying users that they're leaving the site

#cybersecurity #session #csrf #xss #sessionhijacking #sessionfixation
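The allowlist-based validation from the list above, as an added example that is not part of the original thread. It assumes a hypothetical `ALLOWED_HOSTS` set and a `safe_redirect_target()` helper (both constructed here); anything that does not stay on an allowlisted host, or is not a plain same-site path, falls back to the site root instead of being followed.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist for this example; a real app loads its own hostnames.
ALLOWED_HOSTS = {"app.example.com", "www.example.com"}
SAFE_DEFAULT = "/"


def safe_redirect_target(next_url, allowed_hosts=ALLOWED_HOSTS, default=SAFE_DEFAULT):
    """Return a redirect target that stays on an allowlisted host, else `default`.

    Handles the usual ways a "relative" value turns into an off-site URL:
    absolute URLs to other hosts, protocol-relative values (//host), backslashes
    (browsers treat them as slashes), non-http(s) schemes and userinfo (host@other).
    """
    if not next_url or len(next_url) > 2048:
        return default

    # Drop ASCII control characters and whitespace, which browsers ignore when
    # parsing and which would otherwise hide a leading "//".
    candidate = re.sub(r"[\x00-\x20]", "", next_url)
    # Normalise backslashes so "/\host" is seen as "//host" below.
    candidate = candidate.replace("\\", "/")

    parts = urlsplit(candidate)

    # Only http(s) may be redirected to; "javascript:", "data:" etc. are refused.
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return default

    if parts.netloc:
        # .hostname is lowercased and already stripped of userinfo and port,
        # so "app.example.com@other.example" resolves to "other.example".
        if parts.hostname not in allowed_hosts:
            return default
        return candidate

    # No host given: accept only a site-relative path that starts with exactly one "/".
    if not candidate.startswith("/") or candidate.startswith("//"):
        return default
    return candidate


if __name__ == "__main__":
    for value in ["/account", "https://app.example.com/home", "//other.example", "/\\other.example",
                  "https://app.example.com@other.example/", "javascript:alert(1)"]:
        print(repr(value), "->", safe_redirect_target(value))
```

The function returns the sanitised target rather than a boolean so the call site cannot accidentally redirect to the unvalidated original; the "leaving the site" interstitial from the last bullet is the place to send anything this function rejects if you do need to support external links.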

Remediating CSRF

  • Check if user is authorized to perform action
  • Add randomly generated + non-predictable tokens (anti-csrf-token, csrf-tokens)
  • Referer header checking
  • Implement Two-Step operation (Operation is not executed when called, but needs a verification)
  • Make Cookies SameSite!

#cybersecurity #session #csrf #xss #sessionhijacking #sessionfixation
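The five CSRF measures above combined in one request handler, as an added example that is not from the original thread or from HTB Academy. The session store, the `handle_transfer()` endpoint, the host name `app.example.com` and the permission check are all constructed for illustration; a real application would use its framework's session backend and authorisation layer.

```python
import hmac
import secrets
from typing import Optional
from urllib.parse import urlsplit

# Constructed in-memory state: session id -> anti-CSRF token, and user -> permissions.
_csrf_tokens: dict = {}
_permissions: dict = {"alice": {"transfer"}, "bob": set()}


def issue_csrf_token(session_id: str) -> str:
    """Synchroniser token: unpredictable, bound to the session, sent in the form."""
    token = secrets.token_urlsafe(32)
    _csrf_tokens[session_id] = token
    return token


def verify_csrf_token(session_id: str, submitted: Optional[str]) -> bool:
    expected = _csrf_tokens.get(session_id)
    if expected is None or submitted is None:
        return False
    # Constant-time comparison so the token cannot be guessed byte by byte.
    return hmac.compare_digest(expected, submitted)


def origin_allowed(headers: dict, own_host: str) -> bool:
    """Origin (preferred) or Referer must name our own host.

    A state-changing request with neither header is refused outright.
    """
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False
    return urlsplit(source).hostname == own_host


def session_cookie(session_id: str) -> str:
    """Set-Cookie value: SameSite keeps the cookie off cross-site POSTs."""
    return f"sid={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax"


def handle_transfer(session_id: str, user: str, headers: dict, form: dict,
                    own_host: str = "app.example.com"):
    """Run every check before the state change; returns (status, message)."""
    if "transfer" not in _permissions.get(user, set()):
        return 403, "not authorized"
    if not origin_allowed(headers, own_host):
        return 403, "bad origin"
    if not verify_csrf_token(session_id, form.get("csrf_token")):
        return 403, "bad csrf token"
    # Two-step operation: the first call only returns a confirmation step.
    if form.get("confirm") != "yes":
        return 200, "confirmation required"
    return 200, "transfer executed"


if __name__ == "__main__":
    token = issue_csrf_token("sess-1")
    good = {"Origin": "https://app.example.com"}
    print(handle_transfer("sess-1", "alice", good, {"csrf_token": token}))
    print(handle_transfer("sess-1", "alice", good, {"csrf_token": token, "confirm": "yes"}))
    print(handle_transfer("sess-1", "alice", {}, {"csrf_token": token, "confirm": "yes"}))
```

Note the ordering: authorisation first, then the origin check, then the token. The token check is the one that actually defeats CSRF; the origin check and the SameSite cookie are defence in depth, and the two-step confirmation limits damage if all three are ever bypassed.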

Remediating XSS

  • Validation of user input (on the server side)
    • Use positive approach (allowlist)
    • Verify that input is actually present
    • Enforce Input Size restriction
    • Check Input Type and only allow certain types
    • Check range of value and restrict it
    • Sanitize special chars
  • HTML Encoding Output (especially user-controlled output)
  • Do not embed user input into client-side scripts
  • Have a good CSP (Content Security Policy)
  • Make Cookies HTTPOnly!

#cybersecurity #session #csrf #xss #sessionhijacking #sessionfixation
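The XSS checklist above as code, added here as an example that is not from the original thread. The validators, the `render_profile()` template and the header values are constructed for illustration; the point is the split between positive validation on input and encoding on output, plus keeping user data out of script blocks by passing it through an HTML-encoded `data-` attribute instead.

```python
import html
import re

# Positive (allowlist) pattern: letters, digits and a few safe punctuation characters.
USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{3,32}")
MAX_LEN = 32


def validate_username(value):
    """Server-side validation: existence, type, size, allowed characters."""
    if value is None or value == "":
        return False, "missing"
    if not isinstance(value, str):
        return False, "wrong type"
    if len(value) > MAX_LEN:
        return False, "too long"
    if not USERNAME_RE.fullmatch(value):
        return False, "invalid characters"
    return True, ""


def validate_age(value):
    """Type and range check for a numeric field."""
    try:
        n = int(value)
    except (TypeError, ValueError):
        return False, "not an integer"
    if not 0 <= n <= 150:
        return False, "out of range"
    return True, ""


def render_profile(display_name: str) -> str:
    """Encode on output. quote=True also escapes quotes, so the same value is safe
    in both the text node and the attribute below."""
    safe = html.escape(display_name, quote=True)
    return f'<p title="{safe}">Hello, {safe}!</p>'


def render_for_script(display_name: str) -> str:
    """Do not splice user data into JavaScript. Put it in an encoded data- attribute
    and let a static, CSP-allowed script read element.dataset.name instead."""
    safe = html.escape(display_name, quote=True)
    return f'<div id="profile" data-name="{safe}"></div>'


def security_headers(session_id: str) -> dict:
    """CSP without inline scripts, and an HttpOnly session cookie."""
    return {
        "Content-Security-Policy": (
            "default-src 'self'; script-src 'self'; object-src 'none'; "
            "base-uri 'none'; frame-ancestors 'none'"
        ),
        "Set-Cookie": f"sid={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax",
    }


if __name__ == "__main__":
    print(validate_username("alice_01"), validate_username("<b>x</b>"))
    print(render_profile('Bob "the" <b>Builder</b> & co'))
    print(security_headers("<session id>"))
```

Validation rejects most hostile input before it is stored, but encoding on output is what actually prevents the browser from interpreting data as markup, so the two are applied independently rather than relying on either alone.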

Remediating Session Fixation

  • Generate a new session ID after the authentication step (invalidate the pre-login session ID and issue a new one post-login)
  • Use libraries and built-in mechanisms for session management; don't build custom implementations

Example Function for PHP:

session_regenerate_id(bool $delete_old_session = false): bool

#cybersecurity #session #csrf #xss #sessionhijacking #sessionfixation
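What `session_regenerate_id()` does for you, spelled out as an added example that is not from the original thread: a constructed in-memory `SessionStore` whose `login()` moves the session to a fresh identifier and discards the presented one, so an ID a client was handed before authentication never becomes an authenticated session. Also shown is reading the session ID only from the cookie, never from the query string. This is illustration of the mechanism, not a replacement for the framework's own session handling that the second bullet recommends.

```python
import secrets
import time


class SessionStore:
    """Constructed in-memory session store (session id -> session data)."""

    def __init__(self):
        self._sessions = {}

    def _new_id(self) -> str:
        # 256 bits from the OS CSPRNG; never derived from user or time values.
        return secrets.token_urlsafe(32)

    def create(self) -> str:
        sid = self._new_id()
        self._sessions[sid] = {"user": None, "created": time.time()}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)

    def regenerate(self, old_sid: str) -> str:
        """Move the session to a fresh id and invalidate the old one (the
        equivalent of session_regenerate_id(true) in PHP)."""
        data = self._sessions.pop(old_sid, None)
        if data is None:
            # Unknown id presented: start clean rather than adopting it.
            data = {"user": None, "created": time.time()}
        new_sid = self._new_id()
        self._sessions[new_sid] = data
        return new_sid

    def login(self, presented_sid, user: str) -> str:
        """Authenticate: whatever id the client presented is dropped, and the
        authenticated state lives only under the new id."""
        new_sid = self.regenerate(presented_sid)
        self._sessions[new_sid]["user"] = user
        self._sessions[new_sid]["authenticated_at"] = time.time()
        return new_sid

    def logout(self, sid: str) -> None:
        self._sessions.pop(sid, None)


def session_id_from_request(cookies: dict, query: dict):
    """Accept the session id from the cookie only. Ignoring the query string
    closes the classic fixation vector of a link carrying ?sid=...."""
    return cookies.get("sid")


if __name__ == "__main__":
    store = SessionStore()
    pre = store.create()
    post = store.login(pre, "alice")
    print("pre-login id still valid:", store.get(pre) is not None)
    print("post-login id user:", store.get(post)["user"])
```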

Remediating Session Hijacking

  • Pretty challenging to counter session hijacking
  • Monitoring + anomaly detection
  • Safer bet to counter it than to try to eliminate all vulns

#hacking #cybersecurity #session #csrf #xss #sessionhijacking #sessionfixation
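The monitoring and anomaly detection bullet made concrete, as an added example that is not part of the original thread. It runs over a handful of constructed access-log lines (format and values invented for this example) and flags a session whose User-Agent changes or which is used from more than one IP address inside a short window, then lists the sessions that should be revoked. Real deployments would feed the same logic from the web server or application logs.

```python
import re
from collections import defaultdict

# Constructed log format: "<unix ts> sid=<id> ip=<addr> ua="<user agent>""
LOG_RE = re.compile(r'^(?P<ts>\d+) sid=(?P<sid>\S+) ip=(?P<ip>\S+) ua="(?P<ua>[^"]*)"$')

# Constructed sample traffic (documentation IP ranges, not real clients).
SAMPLE_LOG = """\
1000 sid=s1 ip=203.0.113.10 ua="Mozilla/5.0 (X11; Linux)"
1010 sid=s1 ip=203.0.113.10 ua="Mozilla/5.0 (X11; Linux)"
1020 sid=s2 ip=198.51.100.7 ua="Mozilla/5.0 (Windows)"
1025 sid=s1 ip=192.0.2.44 ua="curl/8.0"
1030 sid=s1 ip=203.0.113.10 ua="Mozilla/5.0 (X11; Linux)"
1100 sid=s2 ip=198.51.100.7 ua="Mozilla/5.0 (Windows)"
"""


def parse_log(text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            event = m.groupdict()
            event["ts"] = int(event["ts"])
            yield event


def detect_anomalies(text, window=60):
    """Return (sid, ts, reason) tuples.

    Two simple signals: the User-Agent differs from the one the session was
    created with, and the session is used from more than one IP within
    `window` seconds. Both are cheap to compute and hard for a copied cookie
    to avoid without also impersonating the victim's client and network.
    """
    alerts = []
    first_seen = {}                 # sid -> (ip, ua) at first sight
    recent = defaultdict(list)      # sid -> [(ts, ip)] inside the window
    for ev in parse_log(text):
        sid = ev["sid"]
        baseline = first_seen.setdefault(sid, (ev["ip"], ev["ua"]))
        if ev["ua"] != baseline[1]:
            alerts.append((sid, ev["ts"], "user-agent changed"))
        recent[sid] = [(t, ip) for t, ip in recent[sid] if ev["ts"] - t <= window]
        ips = {ip for _, ip in recent[sid]} | {ev["ip"]}
        if len(ips) > 1:
            alerts.append((sid, ev["ts"], "concurrent use from multiple IPs"))
        recent[sid].append((ev["ts"], ev["ip"]))
    return alerts


def sessions_to_revoke(alerts):
    """Response step: the flagged sessions are invalidated server-side, which
    forces a fresh login for both the legitimate user and whoever holds the copy."""
    return sorted({sid for sid, _, _ in alerts})


if __name__ == "__main__":
    found = detect_anomalies(SAMPLE_LOG)
    for sid, ts, reason in found:
        print(f"{ts} {sid}: {reason}")
    print("revoke:", sessions_to_revoke(found))
```

Both signals produce false positives (corporate proxies, mobile clients switching networks, browser updates), so the thread's framing holds: this is a way to counter hijacking by shortening how long a stolen session stays useful, not a way to eliminate it.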

Here is some advice on how to remediate common session security attacks/vulns (based on HTB Academy).

1/? 🧵

#hacking #cybersecurity #session #csrf #xss #sessionhijacking #sessionfixation