Our website uses necessary cookies to enable basic functions and optional cookies to help us to enhance your user experience. Learn more about our cookie policy by clicking "Learn More".
Accept All Only Necessary Cookies
Guessable Session ID icon

Guessable Session ID (Web)


hpAndro
1.0.0
  • Sep 27, 2021
    Update date
  • Everyone
  • Android 6.0+
    Android OS

About Guessable Session ID

The session prediction attack focuses on predicting session ID values

The session prediction attack focuses on predicting session ID values that permit an attacker to bypass the authentication schema of an application. By analyzing and understanding the session ID generation process, an attacker can predict a valid session ID value and get access to the application.

n the first step, the attacker needs to collect some valid session ID values that are used to identify authenticated users. Then, they must understand the structure of session ID, the information that is used to create it, and the encryption or hash algorithm used by the application to protect it. Some bad implementations use sessions IDs composed by username or other predictable information, like timestamp or client IP address. In the worst case, this information is used in clear text or coded using some weak algorithm like base64 encoding.

Show More

Additional APP Information

Latest Version

1.0.0

Uploaded by

Nilton Schneider Jr.

Requires Android

Android 6.0+

Content Rating

Everyone

What's New in the Latest Version 1.0.0

Last updated on Sep 27, 2021

Minor bug fixes and improvements. Install or update to the newest version to check it out!

Show More

Guessable Session ID Screenshots

Guessable Session ID posterGuessable Session ID screenshot 1Guessable Session ID screenshot 2

Related Tags

Popular Articles In Last 24 Hours

Subscribe to APKPure
Be the first to get access to the early release, news, and guides of the best Android games and apps.
No thanks
Sign Up
Subscribed Successfully!
You're now subscribed to APKPure.