If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and complete the instructions made by the attacker. Such a scenario can use an XSS attack to show the cookie value of the current session; using the same technique it's possible to create a specific JavaScript code that will send the cookie to the attacker. This type of session attack is called the: - Skillset

Are you studying for the CEH certification?

Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.

Upgrade Account

If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and complete the instructions made by the attacker. Such a scenario can use an XSS attack to show the cookie value of the current session; using the same technique it's possible to create a specific JavaScript code that will send the cookie to the attacker. This type of session attack is called the:

Cross-site script attack

Man in the middle attack

Session Sniffing

Explanation

Cross-Site Scripting

Video Training

Train with Skillset and pass your certification exam. Faster. Guaranteed.

Sign Up Now!

Directory

Skillset helps you pass your certification exam.

Contributions and Interactions

Practice Questions

Study thousands of practice questions that organized by skills and ranked by difficulty.

Contributions and Interactions

Personalized Training

Create a tailored training plan based on the knowledge you already possess.

Training Video Selector

Exam Readiness

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Get A Free Skillset Account