查看文章

SideJacking occurs when an attacker intercepts a session cookie and uses it to impersonate a user and gain unauthorized access to a web-based service. To prevent SideJacking, a server should enable HTTPS and configure all session cookies to only be transmitted over a secure link. Many websites do not do this, however, and the user may be unaware. In this work we present a Firefox extension that will allow users to quickly and easily determine whether the server they are visiting is susceptible to SideJacking attacks.