Let’s learn web app pentesting from the basics on DVWA, from setup to hack. Part 11: Weak Session IDs (Low to High).
Hey all. How are you doing?
Now we will do the Weak Session IDs module. First, we will do it on low security.
Let’s click on View Source, and we can see that each cookie value increases by 1.
Let’s catch this in Burp Suite.
At this point there is no cookie.
We have to forward that request and click generate again to catch the traffic. Now we can see that the cookie value is 1.
If we forward this, generate again and catch the traffic, then according to the source code the cookie should be 2, because it increases by 1.
So we can easily predict that each next cookie is just the last cookie + 1. The weak session ID is done on low security.
Now on to medium-level security.
In View Source, we can see cookie_value=time(), which means they are using a timestamp.
Let’s catch that traffic, and we can see a 10-digit numerical value there.
Let’s decode that. How? Let’s go to the epoch time converter. Here is the link: https://www.epochconverter.com/
Just paste the timestamp and we can see the data.
So, we can easily see this whole data. The weak session ID is done on medium-level security. Now we will do it on high security.
Let’s check View Source. Here we can see it is again increasing the number by 1 and then hashing it with the MD5 algorithm.
So, let’s catch the traffic in Burp Suite, but we cannot see any hash there. So let’s open Inspect Element in the browser. Go to Storage and we can see the hash. Let’s click on the generate button again and we can see the value is updated.
Let’s copy this hash and crack it. We can crack this using an online tool.
We got the result which is 8. Let’s do this process again, by the source, next should be 9.
Yes, we are correct.
So, the weak session ID is done.
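To check an application of your own for the three patterns seen above, here is an added example (not code from DVWA or from this walkthrough) that labels a sample of consecutively issued session IDs as a counter, a timestamp or an MD5 of a counter, and shows a random ID as the fix. The function names, the one-day timestamp window, the search limit and the sample values are all assumptions made for the example.

```python
import hashlib
import secrets
import time

HEX = set("0123456789abcdef")

def steps_by_one(nums):
    return len(nums) > 1 and all(b - a == 1 for a, b in zip(nums, nums[1:]))

def classify(tokens, now=None, md5_limit=100_000):
    """Label consecutively issued session IDs with the weak pattern they follow."""
    now = int(time.time()) if now is None else now
    if not tokens:
        return "no-known-pattern"
    if all(t.isdecimal() for t in tokens):
        nums = [int(t) for t in tokens]
        # Medium level: 10-digit values within a day of the current Unix time.
        if all(len(t) == 10 for t in tokens) and all(abs(n - now) <= 86_400 for n in nums):
            return "unix-timestamp"
        # Low level: each ID is the previous one plus 1.
        return "sequential-counter" if steps_by_one(nums) else "no-known-pattern"
    if all(len(t) == 32 and set(t) <= HEX for t in tokens):
        # High level: MD5 of a small counter; precompute digests of 0..md5_limit-1.
        table = {hashlib.md5(str(i).encode()).hexdigest(): i for i in range(md5_limit)}
        nums = [table.get(t) for t in tokens]
        if None not in nums and steps_by_one(nums):
            return "md5-of-counter"
    return "no-known-pattern"

def new_session_id():
    """Hardened replacement: 128 bits from the OS CSPRNG, hex-encoded."""
    return secrets.token_hex(16)

# Constructed sample inputs, one list per DVWA level described above.
LOW = ["1", "2", "3"]
MEDIUM = ["1700000000", "1700000004", "1700000009"]
HIGH = [hashlib.md5(str(i).encode()).hexdigest() for i in (8, 9, 10)]
NOW = 1700000010  # constructed "current time" for the MEDIUM sample

if __name__ == "__main__":
    print(classify(LOW))                    # counter from the low level
    print(classify(MEDIUM, now=NOW))        # time() from the medium level
    print(classify(HIGH))                   # md5(counter) from the high level
    print(classify([new_session_id() for _ in range(3)]))
```

The random IDs look just like the MD5 values (32 hex characters), but nothing about one of them tells you the next.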
I hope all of you understood properly. We will meet in the next part.