Session hijacking using Tamper Data
Session hijacking is a technique that's used to gain unauthorized access to information or an account by exploiting a valid computer session. Sometimes, it is also referred to as cookie hijacking as cookies are often used to track the user session. By stealing a cookie from the client session, an attacker can spoof the client and perform activities on behalf of the legitimate client.
When a user attempts to access a domain, they are prompted to authenticate to a protected resource. After a successful login with a valid username and password, the web server assigns a unique value to the client to track the user. The unique value is sometimes called session cookie. This session cookie is created by the web server and placed on the client. While this client is communicating with the web server during this session, this cookie information will continue to be used. An attacker positioned between the client and the web server, such as the interface off of our...