I Haven't explored the ID generation part.

Have you looked at how the ID is generated?
2
1
Drew Griess
Goutham A S
·Follow
Dec 2, 2022
--
I Haven't explored the ID generation part.
Yes, I know it is too hard to guess and find someone ID. But the UserID they are storing in the Cookie, so by social engineering or MITM attacker can steal and get access to another user accounts
--
--
Written by Goutham A S1.2K Followers
·0 Following
Assistant Manager - Information Security | Ethical Hacker | Penetration Tester | Blogger | SAST | DAST | API Security | AWSOps | AZ-500 | Reverse Engineering
No responses yet
Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams