What is Session Hijacking?

Session Hijacking refers to an attack in which an attacker takes over a valid communication session between two computers, classically an established TCP connection, and in the web case the HTTP session that a server identifies by a session ID.

Since most authentication happens only at the start of a session, an attacker who seizes an established session inherits the victim's access without ever presenting credentials.

An attacker who can sniff the traffic of an established session can read everything exchanged over it and use it for identity theft, information theft, fraud and so on.

In the web case the attacker steals a valid session ID and presents it to the server, which then treats the attacker as the authenticated user.

Why is Session Hijacking Successful?

  • No lockout or rate limiting for invalid session IDs, so guessing costs the attacker nothing
  • Indefinite session expiration, so a stolen ID stays valid for as long as the attacker needs it
  • Weak session ID generation algorithm or small session IDs, so IDs can be predicted or brute-forced
  • Insecure handling of session IDs (carried in URLs, set in cookies without the Secure and HttpOnly flags, written to logs)
  • TCP/IP itself provides no authentication or integrity protection for packets, so any host that can see or inject traffic on the path is in a position to interfere
  • Most countermeasures do not work unless the traffic is encrypted

Session Hijacking Process

Stealing

The attacker uses different techniques to steal session IDs:

1. Using the HTTP Referer header (when the session ID is carried in the URL, the browser sends it to every site the user clicks through to)

2. Sniffing the network traffic (when the session ID travels over unencrypted HTTP)

3. Using cross-site scripting attacks (injected script reads the session cookie when it is not marked HttpOnly)

4. Sending Trojans to client machines (malware on the client reads the browser's cookie store directly)
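
The four theft techniques above each exploit one way the session ID is handed out or carried. The following added example (not code from the original post) audits that handling the way a practitioner would: it checks Set-Cookie headers for the flags that block sniffing (Secure), cross-site scripting (HttpOnly) and cross-site requests (SameSite), and detects session IDs carried in URLs, which leak through the Referer header. The cookie names, the parameter names and the sample headers and URLs are constructed assumptions, not taken from the post.

```python
"""Audit how a web application hands out its session ID.

Added example, not code from the original post. The cookie and parameter
name lists and all sample headers/URLs are constructed assumptions.
"""
import re
from typing import Dict, List, Tuple
from urllib.parse import parse_qs, urlsplit

# Cookie names that commonly carry a session ID (assumed list; extend for your app).
SESSION_COOKIE_NAMES = {"phpsessid", "jsessionid", "asp.net_sessionid",
                        "sessionid", "session", "sid"}

# Path/query parameter names that mean "session ID in the URL" (assumed list).
URL_SESSION_PARAMS = {"phpsessid", "jsessionid", "sessionid", "sid", "session"}

THIRTY_DAYS = 30 * 24 * 3600


def parse_set_cookie(header_value: str) -> Tuple[str, str, Dict[str, str]]:
    """Split 'name=value; Attr; Attr=val' into (name, value, {attr: val})."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs: Dict[str, str] = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs


def audit_set_cookie(header_value: str) -> List[str]:
    """Return findings for one Set-Cookie header; an empty list means OK."""
    name, _value, attrs = parse_set_cookie(header_value)
    if name.lower() not in SESSION_COOKIE_NAMES:
        return []  # not a session cookie, out of scope for this audit
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure: sent over plaintext HTTP, exposed to sniffing")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: readable from document.cookie, exposed to XSS")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict: sent along with cross-site requests")
    max_age = attrs.get("max-age", "")
    if max_age.isdigit() and int(max_age) > THIRTY_DAYS:
        findings.append("Max-Age over 30 days: a stolen ID stays valid for a long time")
    return findings


def session_id_in_url(url: str) -> bool:
    """True if the URL carries a session ID as a path parameter
    (;jsessionid=...) or in the query string, i.e. it will leak through
    the Referer header, server logs and browser history."""
    parts = urlsplit(url)
    path_params = re.findall(r";([^=;/]+)=", parts.path)
    if any(p.lower() in URL_SESSION_PARAMS for p in path_params):
        return True
    query_keys = {k.lower() for k in parse_qs(parts.query, keep_blank_values=True)}
    return bool(query_keys & URL_SESSION_PARAMS)


if __name__ == "__main__":
    # Constructed samples: the weak setting first, then the hardened form.
    weak = "PHPSESSID=9f2c1e7a4b; Path=/"
    hardened = "PHPSESSID=9f2c1e7a4b; Path=/; Secure; HttpOnly; SameSite=Lax"
    for header in (weak, hardened):
        print(header, "->", audit_set_cookie(header) or "OK")
    print(session_id_in_url("https://shop.example/cart;jsessionid=1A2B3C?item=42"))
    print(session_id_in_url("https://shop.example/cart?item=42"))
```

Run it against the Set-Cookie headers a target actually returns (from a proxy or `curl -i`); a session cookie with no findings still needs a server-side expiry, which no cookie attribute can enforce.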


Guessing

The attacker tries to guess session IDs by collecting several valid ones and observing which parts vary between them (a counter, a timestamp, a user identifier) and which stay fixed; the next ID can then be predicted rather than searched for.

Brute Forcing

The attacker tries one candidate session ID after another until the server accepts one. Brute forcing is only practical against short IDs or IDs whose structure is already partly known from guessing; against a long, random ID the expected number of attempts is far beyond any attacker's budget.
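
The following added example (not code from the original post) puts numbers on the "weak session ID generation algorithm or small session IDs" point and on the guessing and brute-forcing steps above. It pairs a hypothetical weak generator (a 32-bit login timestamp plus a 16-bit counter, constructed here to show the flaw) with a guesser that enumerates its neighbours, a brute forcer that searches the whole counter space around a known login time, and the strong alternative using the OS CSPRNG with an estimate of how many attempts an attacker would need. The session ID layout, the timestamps and the attack budgets are assumptions chosen to make the arithmetic visible.

```python
"""Weak vs strong session IDs, and what guessing and brute forcing cost.

Added example, not code from the original post. The weak generator is a
constructed illustration of a small, structured session ID.
"""
import secrets
from typing import List, Optional


def weak_session_id(counter: int, login_time: int) -> str:
    """Hypothetical weak generator: 32-bit login timestamp followed by a
    16-bit per-login counter, hex encoded. Both variable parts move
    predictably, so one observed ID reveals its neighbours."""
    return f"{login_time & 0xFFFFFFFF:08x}{counter & 0xFFFF:04x}"


def guess_neighbours(observed_id: str, window: int = 5) -> List[str]:
    """Guessing step: split an observed weak ID into its variable parts and
    enumerate the IDs of logins shortly before or after it."""
    login_time = int(observed_id[:8], 16)
    counter = int(observed_id[8:], 16)
    guesses = []
    for dt in range(-window, window + 1):
        for dc in range(-window, window + 1):
            if dt or dc:  # skip the ID we already hold
                guesses.append(weak_session_id(counter + dc, login_time + dt))
    return guesses


def brute_force_weak(target_id: str, approx_login_time: int,
                     time_slack: int = 2) -> Optional[int]:
    """Brute-force step: the attacker knows roughly when the victim logged in
    and tries every counter for every candidate second. Returns the number of
    attempts needed, or None if the target lies outside the search space."""
    attempts = 0
    for t in range(approx_login_time - time_slack, approx_login_time + time_slack + 1):
        for c in range(0x10000):
            attempts += 1
            if weak_session_id(c, t) == target_id:
                return attempts
    return None


def strong_session_id(nbytes: int = 16) -> str:
    """What the server should do instead: an unpredictable ID from the OS
    CSPRNG with 128 bits of entropy (16 random bytes, URL-safe base64)."""
    return secrets.token_urlsafe(nbytes)


def expected_attempts(id_bits: int, live_sessions: int) -> float:
    """Expected guesses before the attacker hits any one of `live_sessions`
    valid IDs drawn uniformly from a 2**id_bits space: half the space
    divided by the number of valid targets."""
    return 2 ** id_bits / live_sessions / 2


def brute_force_feasible(id_bits: int, live_sessions: int,
                         guesses_per_second: float, seconds: float) -> bool:
    """True if the attacker's budget covers the expected number of attempts."""
    return expected_attempts(id_bits, live_sessions) <= guesses_per_second * seconds


if __name__ == "__main__":
    victim = weak_session_id(1234, 1_700_000_000)  # assumed login time/counter
    print("weak ID:", victim)
    print("next login's ID is among the neighbour guesses:",
          weak_session_id(1235, 1_700_000_000) in guess_neighbours(victim))
    print("brute-force attempts needed:", brute_force_weak(victim, 1_700_000_000))
    print("strong ID:", strong_session_id())
    # 32-bit IDs, 1000 live sessions, 10k guesses/s, one hour: feasible
    print(brute_force_feasible(32, 1_000, 1e4, 3600))
    # 128-bit IDs, a million live sessions, 1e9 guesses/s, a century: not feasible
    print(brute_force_feasible(128, 1_000_000, 1e9, 3600 * 24 * 365 * 100))
```

The feasibility estimate assumes the server accepts guesses at the attacker's full rate, which is exactly what the "no lockout for invalid session IDs" item above grants; it also assumes the IDs are uniformly random, which the weak generator is not, so for it the real cost is the much smaller search shown by `brute_force_weak`.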


Types of Session Hijacking

Active Attack

In an active attack the attacker intercepts an active session and injects packets into it, impersonating one of the endpoints. The attacker manipulates the legitimate user's connection, and as a result the legitimate user is typically cut off (the connection desynchronises or the user is forced to log in again) while the attacker carries on in the user's place.

Passive Attack

In a passive attack the attacker hijacks the session only in the sense of monitoring it: the communication between the hosts is sniffed without sending any packets, and whatever is captured (credentials, session IDs, data) is used later.

Session Hijacking in the OSI Model

Network Level Hijacking

Network level hijacking covers the takeover of a transport-layer session such as a TCP or UDP session (the term "network level" is the conventional label even though TCP and UDP sit at the transport layer). For TCP this means learning or predicting the sequence numbers in use and injecting packets that the victim's peer accepts as genuine.

Application Level Hijacking

Application level hijacking covers the takeover of an application-layer session, for example an HTTP or HTTPS session, usually by obtaining the session ID (a cookie or URL token) that identifies the user to the web application and replaying it from the attacker's machine.
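
Because an application-level hijack replays the victim's session ID from a different machine, the trace it leaves is one session ID used by more than one client. The following added example (not code from the original post) is the detection logic a defender would run over web application logs for that pattern. The log format is hypothetical (timestamp, client IP, session ID, quoted User-Agent, method, path) and the sample lines are constructed; adapt `parse_line` to your own server's format.

```python
"""Spot a session ID being used from more than one client.

Added example, not code from the original post. The log format and the
sample lines below are constructed assumptions.
"""
import shlex
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed sample: session s1f9a2 is used by a Windows browser at
# 203.0.113.5 and, two minutes later, by curl at 198.51.100.77.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z 203.0.113.5 s1f9a2 "Mozilla/5.0 (Windows NT 10.0)" GET /account
2024-05-01T10:00:09Z 203.0.113.5 s1f9a2 "Mozilla/5.0 (Windows NT 10.0)" GET /orders
2024-05-01T10:02:30Z 198.51.100.77 s1f9a2 "curl/8.4.0" GET /account/export
2024-05-01T10:03:00Z 192.0.2.10 7b3c0d "Mozilla/5.0 (X11; Linux x86_64)" GET /
2024-05-01T10:03:20Z 192.0.2.10 7b3c0d "Mozilla/5.0 (X11; Linux x86_64)" POST /cart
"""

Client = Tuple[str, str]  # (client IP, User-Agent)


def parse_line(line: str) -> Tuple[str, str, Client, str, str]:
    """Return (timestamp, session_id, (ip, user_agent), method, path) for one
    line of the assumed format; shlex keeps the quoted User-Agent together."""
    ts, ip, sid, ua, method, path = shlex.split(line)
    return ts, sid, (ip, ua), method, path


def find_shared_sessions(log_text: str) -> Dict[str, List[Client]]:
    """Map every session ID used by more than one client to its clients in
    first-seen order. The first entry is usually the legitimate owner and
    the later ones the machines replaying the stolen ID."""
    seen: Dict[str, List[Client]] = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _ts, sid, client, _method, _path = parse_line(line)
        if client not in seen[sid]:
            seen[sid].append(client)
    return {sid: clients for sid, clients in seen.items() if len(clients) > 1}


if __name__ == "__main__":
    for sid, clients in find_shared_sessions(SAMPLE_LOG).items():
        print(f"session {sid} used by {len(clients)} clients:")
        for ip, ua in clients:
            print(f"  {ip:16} {ua}")
```

Treat a hit as something to investigate rather than proof: a user on a mobile network or behind a rotating proxy legitimately changes IP mid-session, so a change of User-Agent within one session is the stronger of the two signals. The server-side response that limits the damage regardless is to bind sensitive actions to a fresh authentication and to expire and rotate session IDs rather than leave them valid indefinitely.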
