Session Hijacking
Session Hijacking is when an attacker gets access to Session Hijacking is when an attacker gets access to the session state of a particular user. The attacker steals a valid session ID which is used to get into the system and snoop the data.
TCP session hijacking is when a hacker takes over a TCP session between two machines. Since most authentication only occurs at the start of a TCP session, this allows the hacker to gain access to a machine.
Types of Session Hijacking
There are two types of session hijacking attacks:
Active: In an active attack, an attacker finds an active session and takes over
Passive: With passive attack, an attacker hijacks a session, but sits back, and watches and records all the traffic that is being sent forth.
Steps in Session Hijacking
Place yourself between the victim and the target (you must be able to sniff the network)
Monitor the flow of packets
Predict the sequence number
Kill the connection to the victim’s machine
Take over the session
Start injecting packets to the target server.
Tools:
Juggernaut:
Juggernaut is a network sniffer that can be used to hijack TCP sessions. It runs on Linux operating systems.
Hunt:
Hunt is a program that can be used to listen, intercept, and hijack active sessions on a network.
IP Watcher:
IP watcher is a commercial session hijacking tool that allows you to monitor connections and has active facilities for taking over a session.
Paros HTTP Hijacker:
Paros is a man-in-the-middle proxy and application vulnerability scanner.
T-Sight:
T-Sight is a session hijacking tool for Windows.
Credit hacking article
Thanks for visiting keep learning keep sharing your knowledge.
Post a Comment
Feel Free To Ask Your Query we Love To Answer