You are right, there isn't anything particularly special about sessions. Sessions just allow the web server to "know" who is making a request.
Of course, if you can't use cookies you need another method to identify the user. What is usually done is to pass a unique identifier as a URL parameter:
myfile.php?session=ADE85XZ32322200V
Then use that identifier as a unique key for storing user variables (like in a flat file or database system like mySQL). You just have to remember to pass the variable on every page. Cookie based sessions work the same way except you don't have to pass back the identifier with every page because the cookie mechanism does it automatically with each page request.
