Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Session Decrypting.

  1. Home
  2. Forum
  3. Hacking in general
  4. Session Decrypting.

ghost's Avatar

ghost

0 0

Hello, is there anyway you can decrypt Cookie Session sat by PHP?

Thank you.


ghost's Avatar

ghost

0 0

I'm pretty sure it's random… And I'm also pretty sure the SESSION variables are stored on site… Bith just guesses though


Uber0n's Avatar

Uber0n

Member
0 0

I bet what happysmileman says is true, but it's a good question though… :p


ghost's Avatar

ghost

0 0

PHPSESSID=db027fbadaf1422ec83b8068e7f57914 (And script kiddies, its not my HBH session.)

This is my own cookie, i wondering if there's any way i'm able to decrypt it.


ghost's Avatar

ghost

0 0

http://us2.php.net/session_id thats how it works….md5, hex….should be easy…ish. however you've got to realize the session is constructed on their data and normally with a timestamp….decrypting it probably will just give you garbage….methinks


ghost's Avatar

ghost

0 0

the session variable used in php, is completely random… the more random the more secure it is. If it was possible to know that the session would encrypt and decrypt to, session hijacking would be very common.


ghost's Avatar

ghost

0 0

Oh thanks a lot. Well on my site my session is secured with md5, i guess its almost impossible to get them now (;

Thanks a lot for the help and the answers.


ghost's Avatar

ghost

0 0

The session id just tells the server which Session to edit the data from. You can have a sessid of "123mysessionandme". The server just uses this to find out what session to use