root@oco:~$ BROWSER > {darkweb}
* obtain the cookies from platforms that shares data/leaked information
root@htb:~$ BROWSER > {targetSite}
root@htb:~$ BROWSER > New Private Window > {targetSite:port} > F12 > Storage > Cookies
{targetSite}
Name: {providedBySite}
Value: s%3Ac0m4nIkY17kFNu66H7cagVDcN5lH9ibG.yGcm8fEAhExhH5PFttYLOMw1FavpeBn0dwddeUXAJiU
- this value was obtained from the dark web/deep web
* reload the page to bypass the login page
MITIGATION
Countering session hijacking is challenging because a valid session ID inherently grants access. Monitoring user sessions and detecting anomalies can help identify attacks. The best approach is to eliminate known vulnerabilities to prevent hijacking
