What is Session Hijacking? – Session hijacking refers to an attack in which an attacker takes over a valid TCP communication session between two computers.
Since most authentication occurs only at the start of a TCP session, this allows the attacker to gain access to a machine.
Attackers can sniff all the traffic of established TCP sessions and perform identity theft, information theft, fraud, etc.
The attacker steals a valid session ID and uses it to authenticate himself to the server.
Why is Session Hijacking Successful?
- No account lockout for invalid session IDs
- Indefinite session expiration time
- Weak session ID generation algorithm or small session IDs
- Insecure handling of session IDs
- Most computers using TCP/IP are vulnerable
- Most countermeasures do not work unless you use encryption
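Two of the weaknesses listed above, weak or small session IDs and indefinite session expiration, can be shown side by side with their fixes. The following is an added example written for this page, not code from the original article or from any framework: a deliberately weak counter-based ID generator beside a CSPRNG-backed one, an entropy comparison, and a small server-side session store with idle and absolute timeouts plus ID rotation. The store, its timeout values and the method names are assumptions chosen for illustration.

```python
import math
import secrets

# Weak generator of the kind the list above warns about (constructed for
# illustration): a zero-padded counter. Consecutive values are predictable and
# the whole space is only one million IDs.
def weak_session_id(counter: int) -> str:
    return f"{counter:06d}"

# Hardened generator: 32 bytes (256 bits) from the OS CSPRNG, URL-safe encoded.
def strong_session_id() -> str:
    return secrets.token_urlsafe(32)

def id_entropy_bits(id_space: int) -> float:
    """Bits of entropy for an ID drawn uniformly from a space of id_space values."""
    return math.log2(id_space)

class SessionStore:
    """Server-side session table with an absolute lifetime and an idle timeout
    (assumed defaults: 8 hours absolute, 15 minutes idle). Timestamps are passed
    in explicitly so the expiry logic is testable without a real clock."""

    def __init__(self, max_lifetime: int = 8 * 3600, idle_timeout: int = 15 * 60):
        self.max_lifetime = max_lifetime
        self.idle_timeout = idle_timeout
        self._sessions = {}

    def create(self, user: str, now: float) -> str:
        sid = strong_session_id()
        self._sessions[sid] = {"user": user, "created": now, "last_seen": now}
        return sid

    def lookup(self, sid: str, now: float):
        """Return the user bound to sid, or None if unknown or expired."""
        s = self._sessions.get(sid)
        if s is None:
            return None
        too_old = now - s["created"] > self.max_lifetime
        idle = now - s["last_seen"] > self.idle_timeout
        if too_old or idle:
            del self._sessions[sid]  # expired: the client must re-authenticate
            return None
        s["last_seen"] = now
        return s["user"]

    def rotate(self, sid: str, now: float):
        """Issue a fresh ID (e.g. after login or a privilege change) so that an
        ID obtained before that point no longer identifies the session."""
        user = self.lookup(sid, now)
        if user is None:
            return None
        del self._sessions[sid]
        return self.create(user, now)

if __name__ == "__main__":
    print("weak:", weak_session_id(41), f"({id_entropy_bits(10**6):.1f} bits)")
    print("strong:", strong_session_id(), f"({id_entropy_bits(2**256):.0f} bits)")
    store = SessionStore(max_lifetime=100, idle_timeout=10)
    sid = store.create("alice", now=0.0)
    print("lookup at t=5:", store.lookup(sid, 5.0))
    print("lookup at t=16 (idle > 10s):", store.lookup(sid, 16.0))
```

The entropy figures make the point of the "small session IDs" bullet concrete: a six-digit counter offers under 20 bits, while 32 random bytes offer 256. Rotating the ID at login is what prevents an ID fixed or observed before authentication from being reused afterwards.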
Session Hijacking Process
The attacker uses different techniques to steal session IDs:
1. Using the HTTP referrer header
2. Sniffing the network traffic
3. Using cross-site scripting attacks
4. Sending Trojans to client machines
The attacker tries to guess the session IDs by observing the variable parts of the session IDs.
The attacker attempts different IDs until he succeeds.
Using brute force attacks, an attacker tries to guess a session ID until he finds the correct session ID.
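The guessing and brute-force behaviour described above leaves a clear trace on the server: one client presenting many different invalid session IDs in a short time, often with IDs that differ only in a predictable part. The following detection logic is an added example for this page, not code from the original article; the log format (client IP, epoch timestamp, presented ID, validation result), the sample lines and the 5-IDs-per-60-seconds threshold are constructed assumptions, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not from any real server). Each line records
# the client IP, epoch seconds, the presented session ID and whether the
# server accepted it. The first client walks through consecutive IDs.
SAMPLE_LOG = """\
198.51.100.7 1700000000 sid=000041 result=invalid
198.51.100.7 1700000001 sid=000042 result=invalid
198.51.100.7 1700000002 sid=000043 result=invalid
198.51.100.7 1700000003 sid=000044 result=invalid
198.51.100.7 1700000004 sid=000045 result=invalid
198.51.100.7 1700000005 sid=000046 result=valid
203.0.113.9 1700000010 sid=Qm9ikXz7 result=valid
203.0.113.9 1700000300 sid=Qm9ikXz7 result=invalid
"""

LINE_RE = re.compile(
    r"^(?P<ip>\S+) (?P<ts>\d+) sid=(?P<sid>\S+) result=(?P<result>valid|invalid)$"
)

def parse_log(text: str):
    """Parse the constructed format into (ip, ts, sid, accepted) tuples."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append((m["ip"], int(m["ts"]), m["sid"], m["result"] == "valid"))
    return events

def looks_sequential(sids) -> bool:
    """True if the IDs are integers forming one consecutive run, which points
    at a predictable generator rather than random guessing."""
    try:
        values = sorted(int(s) for s in sids)
    except ValueError:
        return False
    return len(values) > 1 and values == list(range(values[0], values[0] + len(values)))

def detect_session_guessing(events, window: int = 60, threshold: int = 5):
    """Flag each IP that presents at least `threshold` distinct invalid session
    IDs within any `window`-second span; report the densest such span."""
    by_ip = defaultdict(list)
    for ip, ts, sid, accepted in events:
        if not accepted:
            by_ip[ip].append((ts, sid))
    alerts = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # Slide the window start forward until it spans at most `window` seconds.
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            distinct = {sid for _, sid in attempts[start:end + 1]}
            best = alerts.get(ip, {}).get("invalid_ids", 0)
            if len(distinct) >= threshold and len(distinct) > best:
                alerts[ip] = {
                    "invalid_ids": len(distinct),
                    "first": attempts[start][0],
                    "last": attempts[end][0],
                    "sequential": looks_sequential(distinct),
                }
    return alerts

if __name__ == "__main__":
    for ip, info in detect_session_guessing(parse_log(SAMPLE_LOG)).items():
        print(ip, info)
```

A single mistyped or expired cookie (the second client) stays below the threshold, while the walk through consecutive IDs is reported with `sequential` set, which is the signal that the ID generator itself needs fixing and not only the client blocked. The alert is the natural input for the lockout or rate limit whose absence was listed earlier as a reason these attacks succeed.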
Types of Session Hijacking
The active attack includes interception of the active session by the attacker. An attacker may send packets to the host in the active attack. In an active attack, the attacker manipulates the legitimate users of the connection. As a result of an active attack, the legitimate user is disconnected by the attacker.
The passive attack includes hijacking a session and monitoring the communication between hosts without sending any packets.
Session Hijacking in the OSI Model
Network Level Hijacking
Network level hijacking includes hijacking of a network layer session, such as a TCP or UDP session.
Application Level Hijacking
Application level hijacking includes hijacking of an application layer session, such as an HTTPS session.