On 22.04.2012 22:06, Michael Heydekamp wrote:
> On 22.04.2012 21:49, Reindl Harald wrote:
>> On 22.04.2012 21:38, Michael Heydekamp wrote:
> 
>>> Didn't know that. But how can a different user on a different machine have
>>> the same session ID (if not by chance)? Is there any way to a) get hold of
>>> the ID of any other user's session, and b) influence his own session ID in
>>> a way that he would identify himself with the same ID?
>>
>> How long do you think it takes to write a cookie like this?
>> The only interesting part is
>> "roundcube_sessauth=S1168d2474c3b543053461d00f9c8b1a1b1764905"
>>
>> Being in an open WLAN without SSL, anybody can fake it in seconds.
> 
> OK, typing it is not a big deal, but how can he get hold of the ID of any
> user in the same WLAN within seconds?

Jesus Christ, you simply start the hijacked session
in your browser. The session is nothing other than
sending this header with each request.

> And: If he can do that, isn't faking the User-Agent even an easier deal?

Yes, but he must fake BOTH at the same time.
Both are easy; 100% security does not exist.
Without encryption, you can only make things as difficult as possible.

>> Cookie: mailviewsplitterv=244; mailviewsplitter=262;
>> composesplitterv=175; prefsviewsplitter=195;
>> folderviewsplitter=300; addressviewsplitter=250;
>> addressviewsplitterd=200; identviewsplitter=300;
>> tl_webmail_sessid=vpxiRqxOLDa%2CM7gMP81eB2hPPc1;
>> roundcube_sessauth=S1168d2474c3b543053461d00f9c8b1a1b1764905


_______________________________________________
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users
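The mechanics the reply describes, as an added example that is not code from the thread or from Roundcube: a sniffed plaintext request is parsed, the session cookie and User-Agent are lifted out of it, and both are replayed against a toy server that knows nothing but "session id maps to user, bound to the User-Agent seen at login". The captured request text, the host name `webmail.example`, the user `alice` and the `ToyServer` class are all constructed for the example; only the cookie names and values are the ones quoted above. That the server binds the session to the User-Agent is an assumption made to match the reply's point that the attacker has to fake both headers.

```python
"""Cookie replay on an unencrypted link, shown end to end with a toy server.

Everything here is constructed for the example: the sniffed request, the
host name, the user name and the server. Only the cookie names and values
are the ones quoted in the thread.
"""
import hmac

# Constructed: one plaintext HTTP request as a sniffer on an open WLAN
# without SSL would see it. The Cookie header values are from the thread.
CAPTURED_REQUEST = (
    "GET /?_task=mail HTTP/1.1\r\n"
    "Host: webmail.example\r\n"
    "User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20100101 Firefox/11.0\r\n"
    "Cookie: mailviewsplitterv=244; mailviewsplitter=262; composesplitterv=175; "
    "tl_webmail_sessid=vpxiRqxOLDa%2CM7gMP81eB2hPPc1; "
    "roundcube_sessauth=S1168d2474c3b543053461d00f9c8b1a1b1764905\r\n"
    "\r\n"
)


def parse_request(raw):
    """Split a raw HTTP/1.1 request into (request line, {header-name: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def parse_cookie_header(value):
    """'a=1; b=2' -> {'a': '1', 'b': '2'}; the Cookie format is that simple."""
    cookies = {}
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        if name:
            cookies[name] = val
    return cookies


def extract_session(headers, cookie_name="roundcube_sessauth"):
    """Pull the session cookie and the User-Agent out of a sniffed request."""
    cookies = parse_cookie_header(headers.get("cookie", ""))
    if cookie_name not in cookies:
        return None
    return {"cookie_name": cookie_name,
            "cookie": cookies[cookie_name],
            "user_agent": headers.get("user-agent", "")}


def build_replay_request(session, path="/?_task=mail", host="webmail.example"):
    """Forge a request carrying the victim's session cookie and User-Agent.

    This is all "starting the hijacked session" amounts to: the same
    headers, sent again from another machine.
    """
    return (
        f"GET {path} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        f"User-Agent: {session['user_agent']}\r\n"
        f"Cookie: {session['cookie_name']}={session['cookie']}\r\n"
        "\r\n"
    )


class ToyServer:
    """Stand-in for the web application: session id -> user, bound to the UA.

    Assumption for the example: the server ties each session to the
    User-Agent seen at login, which is why the attacker has to fake BOTH.
    """

    def __init__(self):
        self.sessions = {}

    def login(self, user, session_id, user_agent):
        self.sessions[session_id] = {"user": user, "user_agent": user_agent}

    def authenticate(self, raw_request):
        """Return the user owning the session in raw_request, or None."""
        _, headers = parse_request(raw_request)
        sess = extract_session(headers)
        if sess is None:
            return None
        record = self.sessions.get(sess["cookie"])
        if record is None:
            return None
        # Constant-time compare so the UA check itself leaks nothing.
        if not hmac.compare_digest(record["user_agent"].encode(),
                                   sess["user_agent"].encode()):
            return None
        return record["user"]


def demo():
    """Victim logs in; attacker replays the sniffed headers from elsewhere."""
    server = ToyServer()
    _, victim_headers = parse_request(CAPTURED_REQUEST)
    victim = extract_session(victim_headers)
    server.login("alice", victim["cookie"], victim["user_agent"])  # constructed user

    full_replay = build_replay_request(victim)                          # cookie + UA
    cookie_only = build_replay_request({**victim, "user_agent": "curl/7.88.1"})
    return {
        "cookie_and_ua": server.authenticate(full_replay),  # "alice": hijacked
        "cookie_only": server.authenticate(cookie_only),    # None: UA check bites
    }


if __name__ == "__main__":
    print(demo())
```

Replaying only the cookie fails against this server and replaying cookie plus User-Agent succeeds, which is exactly the "both at the same time" point. The User-Agent binding is a speed bump rather than a defence, because the same sniffer that captured the cookie captured the User-Agent line two headers above it; the fix the thread itself points at is encryption, in practice TLS for the whole session with the session cookie marked Secure so the browser never sends it over plaintext in the first place.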
