Session hijacking is a family of attacks in which an attacker obtains the victim's session token and reuses it to continue the same session, executing their own transactions in the system on the victim's behalf.
Because a session token carries everything the server needs to identify the current session, the attacker needs no authentication credentials at all. Instead, the attacker joins a session that a legitimate user has already established.
There are several ways to obtain a victim's session token, the most common being:
- Malware (see the security research center on malware for more information)
- Man-in-the-middle attack where the victim’s session tokens are captured from the communication channel
- Code vulnerabilities in third-party frameworks
Reusing stolen session tokens implies unauthorized automation. The official application usually cannot be driven with a token it did not obtain itself, so the attacker writes their own scripts and tooling that present the stolen token as if it were their own. This is why the theft phase is countered with controls such as malware protection, TLS pinning and device binding, while the reuse phase is countered with bot detection and application attestation, as the diagram below shows.
```mermaid
---
title: Session hijacking
---
flowchart TD
    %% Attack tree: the attack, its two phases and the vectors used in each phase
    impersonation_attack[Impersonation and account takeover]
    hijack[Session hijacking]
    theft_phase[Theft]
    reuse_phase[Reuse]
    malware[Malware]
    mitm[Man-in-the-middle attack]
    bots[Bots]
    vulnerability[Vulnerability]

    %% Defensive controls (stadium shape) that counter each vector
    tampering_protection([Tampering protection])
    malware_protection([Malware protection])
    tls_pinning([TLS pinning])
    device_binding([Device binding])
    app_attestation([Application attestation])
    mast([MAST])

    impersonation_attack --> hijack
    hijack --> theft_phase
    hijack --> reuse_phase

    theft_phase --> malware
    theft_phase --> mitm
    theft_phase --> vulnerability
    reuse_phase --> bots
    reuse_phase --> malware

    malware --> malware_protection
    malware --> tampering_protection
    malware --> device_binding
    bots --> app_attestation
    mitm --> tls_pinning
    mitm --> device_binding
    vulnerability --> mast

    %% Device binding is the control highlighted on this page
    style device_binding fill:lightgreen

    click malware_protection href "https://www.guardsquare.com/mobile-app-security-research-center/malware/overview" "How to implement malware protection"
    click tls_pinning href "https://www.guardsquare.com/video/ssl-pinning-explained" "SSL pinning explained"
    click tampering_protection href "https://www.guardsquare.com/" "Reverse engineering and tampering protection"
    click app_attestation href "https://www.guardsquare.com/introducing-mobile-app-attestation" "Learn more about App Attestation"
    click mast href "https://www.guardsquare.com/what-is-mobile-application-security-testing" "Mobile app security testing"
```
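The device binding control highlighted in the diagram can be illustrated with a small server-side session store. The following is an added example, not Guardsquare's code: each session is bound to a device secret that never leaves the device's keystore, and every request must carry a proof computed over the token and the request itself. A bearer token captured by malware or a man-in-the-middle is then useless on its own, and a captured request cannot be replayed once its nonce has been seen or its timestamp has aged out. The proof format, the `SessionStore` class and its field names are assumptions made for this example; a production design would use an asymmetric key in a hardware-backed keystore rather than a shared HMAC secret.

```python
# Added example (not Guardsquare's code): device-bound session tokens with
# per-request proof of possession and replay detection.
# Assumptions: the device secret is generated at enrollment and stored in the
# platform keystore; the canonical request format below is hypothetical.
import hashlib
import hmac
import secrets
import time

PROOF_MAX_AGE_SECONDS = 60  # accepted clock skew / replay window, tune per deployment


def _canonical(token, method, path, body, timestamp, nonce):
    """Serialize the request fields covered by the proof (hypothetical layout)."""
    body_hash = hashlib.sha256(body).hexdigest()
    return f"{token}\n{method}\n{path}\n{body_hash}\n{timestamp}\n{nonce}".encode()


def make_proof(device_secret, token, method, path, body, timestamp, nonce):
    """Client side: HMAC-SHA256 over the canonical request, keyed by the device secret."""
    return hmac.new(device_secret, _canonical(token, method, path, body, timestamp, nonce),
                    hashlib.sha256).hexdigest()


class SessionStore:
    """Server side: sessions bound to a device secret, plus a seen-nonce table."""

    def __init__(self):
        self._sessions = {}      # token -> {"user": ..., "device_secret": ...}
        self._seen_nonces = {}   # (token, nonce) -> timestamp, for replay detection

    def create(self, user, device_secret):
        token = secrets.token_urlsafe(32)
        self._sessions[token] = {"user": user, "device_secret": device_secret}
        return token

    def verify(self, token, method, path, body, timestamp, nonce, proof, now=None):
        """Return (verdict, user); verdict is one of
        ok / unknown_session / expired / bad_proof / replay."""
        now = time.time() if now is None else now
        session = self._sessions.get(token)
        if session is None:
            return "unknown_session", None
        if abs(now - timestamp) > PROOF_MAX_AGE_SECONDS:
            return "expired", None
        expected = make_proof(session["device_secret"], token, method, path, body, timestamp, nonce)
        if not hmac.compare_digest(expected, proof):
            # Token is valid but the caller does not hold the device secret:
            # the signature of a hijacked session being reused elsewhere.
            return "bad_proof", None
        if (token, nonce) in self._seen_nonces:
            return "replay", None
        self._seen_nonces[(token, nonce)] = timestamp
        return "ok", session["user"]


def demo():
    """Run the legitimate flow and three hijack scenarios; return the verdicts."""
    store = SessionStore()
    device_secret = secrets.token_bytes(32)  # constructed; lives in the keystore on a real device
    token = store.create("alice", device_secret)
    now = 1_700_000_000
    body = b'{"amount": 100}'
    nonce = secrets.token_hex(8)
    proof = make_proof(device_secret, token, "POST", "/transfer", body, now, nonce)

    results = {}
    # Genuine request from the enrolled device.
    results["legit"] = store.verify(token, "POST", "/transfer", body, now, nonce, proof, now=now)[0]
    # The same captured request presented again a few seconds later.
    results["replay"] = store.verify(token, "POST", "/transfer", body, now, nonce, proof, now=now + 5)[0]
    # Caller holds the token but not the device secret, so it can only guess a key.
    forged = make_proof(secrets.token_bytes(32), token, "POST", "/transfer", body, now + 5, "n2")
    results["stolen_token"] = store.verify(token, "POST", "/transfer", body, now + 5, "n2", forged, now=now + 5)[0]
    # Captured proof presented an hour later, outside the acceptance window.
    results["stale"] = store.verify(token, "POST", "/transfer", body, now, "n3", proof, now=now + 3600)[0]
    # Original proof reused with a modified body.
    results["tampered"] = store.verify(token, "POST", "/transfer", b'{"amount": 9999}', now + 5, "n4", proof, now=now + 5)[0]
    return results


if __name__ == "__main__":
    for scenario, verdict in demo().items():
        print(f"{scenario:>13}: {verdict}")
```

The verdict strings other than `ok` are the events worth logging on the server: a burst of `bad_proof` results against a single token is the clearest sign that the token has been stolen and is being reused from tooling that does not hold the device secret, while `replay` and `expired` point at a captured request being resent.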