Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Tue 11 Dec 2018, 10:10
All times are UTC - 4
 Forum index » Off-Topic Area » Security
WTF - posting as someone else?
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 2 [19 Posts]   Goto page: Previous 1, 2
Author Message
a_salty_dogg


Joined: 15 Dec 2013
Posts: 140

PostPosted: Wed 14 Nov 2018, 20:51    Post subject:  

Burn_IT wrote:
He was making a Wry comment????


Laughing

Took me a while to understand that comment but now I see it in Black & White and I'm not Grousing! Wink
Back to top
View user's profile Send private message 
s243a

Joined: 02 Sep 2014
Posts: 1305

PostPosted: Thu 15 Nov 2018, 03:02    Post subject:  

nic007 wrote:
I never logout myself after a session so am normally logged in when I return to the forum. Today I visited the site and replied to a post, I then noticed that I was logged in as gabtech and posting under that name. Logged out and successfully logged in with my nic007 login. How did my live nic007 login status change to gabtech?


I don't completely understand this yet but I did find the following:

Quote:
The attack consists of obtaining a valid session ID (e.g. by connecting to the application), inducing a user to authenticate himself with that session ID, and then hijacking the user-validated session by the knowledge of the used session ID. The attacker has to provide a legitimate Web application session ID and try to make the victim's browser use it.

https://www.owasp.org/index.php/Session_fixation
Back to top
View user's profile Send private message 
nic007


Joined: 13 Nov 2011
Posts: 2698
Location: Cradle of Humankind

PostPosted: Thu 15 Nov 2018, 04:17    Post subject:  

I wasn't asked to do anything as user. When I visited the forum I was magically logged in as gabtech instead of nic007
Back to top
View user's profile Send private message 
fredx181


Joined: 11 Dec 2013
Posts: 3573
Location: holland

PostPosted: Thu 15 Nov 2018, 13:39    Post subject:  

nic007 wrote:
I wasn't asked to do anything as user. When I visited the forum I was magically logged in as gabtech instead of nic007


This is really weird !!!, completely the other way around, in fact it looks like gabtech is the victim of being "hacked" (unintended, I believe you Wink ) by you.
(if I understand well)

I wonder what gabtech thinks about it, but it looks like he/she is not around here anymore.

Fred

_________________
Dog Linux website
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 2 of 2 [19 Posts]   Goto page: Previous 1, 2
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0433s ][ Queries: 12 (0.0126s) ][ GZIP on ]