I was just watching some of the educational videos from imperva on youtube, and one of them was session hijacking. Basically you can obtain a coockie, in some way such as cross-site scripting, and then use the coockie to access a web page where you will be logged in as the user who that coockie belongs to, though I am wondering, would this be the case if its htts traffic? Not even sure if that exists in https? Like can you even sniff packets?
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.