Session Hijacking: Stealing an Existing Active Session

The main purpose of session hijacking is to bypass the authentication process and gain unauthorized access to a computer or website. In simple terms, the attacker logs in as some other client by reusing that client's session instead of that client's credentials.

TCP session hijacking is when an attacker takes over an established TCP session between two machines. Since most authentication happens only at the start of a TCP session, an attacker who can inject packets into the already-authenticated connection gains access to the machine without ever authenticating.
Different session hijacking methods:

Session stealing is achieved by the following methods.
1. Session fixation: In this method, the attacker does not steal the victim's session ID but sets it to a value the attacker already knows. For example, the attacker sends the victim an email with a link that carries a particular session ID, which works against sites that accept a session ID supplied in the URL (or a cookie set before login) and keep using it after the user authenticates. If the victim follows that link and logs in, the attacker can present the same session ID and gain access as the victim. The fix is to issue a fresh session ID whenever the privilege level changes, in particular at login.
2. Session sidejacking (session sniffing): In this method, the attacker uses packet sniffing to read network traffic and steal the session cookie. To prevent this, some websites use SSL/TLS for the login page (so the password is encrypted) but do not use encryption for the rest of the site once the user is authenticated. The session cookie then travels in the clear on every later request, so an attacker who can read the network traffic can intercept it, along with all data submitted to the server and the pages viewed by the client, and replay the cookie to take over the session. Unsecured Wi-Fi hotspots are especially vulnerable to this type of session hijacking.
3. Client-side attacks (XSS, malicious JavaScript, Trojans, etc.): The attacker steals the session by getting malicious JavaScript to run on the client. Usually the attacker finds a cross-site scripting (XSS) flaw in a website and injects their own JavaScript into it. From the client's point of view it is still a trusted website, so the victim visits it as usual. When the victim opens the injected page or link, the malicious JavaScript executes, reads the session cookie (for example through document.cookie, if the cookie is not marked HttpOnly) and sends it, along with other confidential data, to the attacker.
4. Physical access: If the attacker has physical access to the machine, stealing the session is easy. This usually happens in a public cafe: one user logs in to some websites (Facebook, Gmail) and walks away without logging out, and an attacker who uses the same computer afterwards can copy the session cookies from the browser or simply continue using the still-logged-in session.
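The session fixation method above comes down to the server keeping the same session ID across login. The following Python is an added example, not code from this post: it models a minimal in-memory session store (the SessionStore, login_vulnerable, login_hardened and simulate_fixation names and the example.test URL are assumptions for illustration) and contrasts a login that keeps the pre-login ID with one that regenerates the ID on authentication, which is the standard fix.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Session:
    user: Optional[str] = None  # None until the client has authenticated


class SessionStore:
    """In-memory server-side session table keyed by the id carried in the cookie (assumed model)."""

    def __init__(self) -> None:
        self.sessions: Dict[str, Session] = {}

    def get_or_create(self, sid: Optional[str]) -> str:
        # Before login an anonymous session is harmless; mint an id if the client has none
        # (or presents one the server never issued).
        if sid is None or sid not in self.sessions:
            sid = secrets.token_urlsafe(32)
            self.sessions[sid] = Session()
        return sid

    def whoami(self, sid: str) -> Optional[str]:
        s = self.sessions.get(sid)
        return s.user if s is not None else None


def login_vulnerable(store: SessionStore, sid: Optional[str], user: str, password_ok: bool) -> str:
    """Keeps the pre-login id: an id planted by the attacker now names the victim's authenticated session."""
    sid = store.get_or_create(sid)
    if password_ok:
        store.sessions[sid].user = user
    return sid


def login_hardened(store: SessionStore, sid: Optional[str], user: str, password_ok: bool) -> str:
    """Regenerates the id on every privilege change, so a planted id never becomes an authenticated one."""
    if not password_ok:
        return store.get_or_create(sid)
    if sid is not None:
        store.sessions.pop(sid, None)  # invalidate whatever id the client arrived with
    new_sid = secrets.token_urlsafe(32)
    store.sessions[new_sid] = Session(user=user)
    return new_sid


def simulate_fixation(login) -> Optional[str]:
    """Play out the attack; returns the user the planted id resolves to after the victim logs in."""
    store = SessionStore()
    planted = store.get_or_create(None)  # attacker visits the site and obtains a valid anonymous id
    # Attacker emails http://example.test/login?sid=<planted> (constructed URL);
    # the victim follows it, so the login request carries the planted id.
    victim_sid = login(store, planted, "victim", password_ok=True)
    assert store.whoami(victim_sid) == "victim"  # the victim is logged in either way
    return store.whoami(planted)  # what the attacker sees when presenting the planted id


if __name__ == "__main__":
    print("vulnerable:", simulate_fixation(login_vulnerable))  # prints "vulnerable: victim"
    print("hardened:  ", simulate_fixation(login_hardened))    # prints "hardened:   None"
```

The hardened variant also discards the old session record rather than just renaming it, so the planted ID cannot be replayed even against a server that would otherwise accept stale IDs.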
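Both the sidejacking method (cookie sent over plain HTTP) and the client-side method (cookie readable by injected script) above are made worse by how the session cookie is set. The following Python is an added example, not code from this post: it parses the Set-Cookie headers of an HTTP response and flags session-looking cookies that lack the Secure, HttpOnly or SameSite attributes. The two response texts are constructed samples, not captures from any real site, and the SESSION_NAME_HINTS list and the function names are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import Dict, List

# Substrings that usually mark a session cookie; a real audit would use the app's own cookie names.
SESSION_NAME_HINTS = ("sess", "sid", "token", "auth")


@dataclass
class CookieReport:
    name: str
    secure: bool
    httponly: bool
    samesite: str  # "" when the attribute is absent
    findings: List[str]


def parse_set_cookie(header_value: str) -> CookieReport:
    """Parse one Set-Cookie value ('name=value; Attr; Attr=val ...') and list missing protections."""
    parts = [p.strip() for p in header_value.split(";")]
    name, _, _value = parts[0].partition("=")
    attrs: Dict[str, str] = {}
    for p in parts[1:]:
        k, _, v = p.partition("=")
        attrs[k.strip().lower()] = v.strip()  # flag attributes (Secure, HttpOnly) get an empty value
    secure = "secure" in attrs
    httponly = "httponly" in attrs
    samesite = attrs.get("samesite", "")
    findings = []
    if not secure:
        findings.append("no Secure: browser sends it over plain HTTP, so it can be sniffed (sidejacking)")
    if not httponly:
        findings.append("no HttpOnly: readable through document.cookie by injected script (XSS)")
    if samesite.lower() not in ("lax", "strict"):
        findings.append("no SameSite=Lax/Strict: sent on cross-site requests")
    return CookieReport(name.strip(), secure, httponly, samesite, findings)


def audit_response(raw_response: str) -> Dict[str, List[str]]:
    """Return {cookie_name: findings} for every session-looking cookie in an HTTP response text."""
    headers, _, _body = raw_response.partition("\r\n\r\n")
    result: Dict[str, List[str]] = {}
    for line in headers.split("\r\n"):
        if line.lower().startswith("set-cookie:"):
            report = parse_set_cookie(line.split(":", 1)[1].strip())
            if any(hint in report.name.lower() for hint in SESSION_NAME_HINTS):
                result[report.name] = report.findings
    return result


# Constructed sample responses (not captured from any real site).
WEAK_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: PHPSESSID=abc123; Path=/\r\n"
    "Set-Cookie: theme=dark; Path=/\r\n"
    "Content-Type: text/html\r\n\r\n"
    "<html></html>"
)
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: PHPSESSID=abc123; Path=/; Secure; HttpOnly; SameSite=Lax\r\n"
    "Content-Type: text/html\r\n\r\n"
    "<html></html>"
)


if __name__ == "__main__":
    for label, resp in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        for cookie, findings in audit_response(resp).items():
            print(f"{label}: {cookie}: {findings or 'ok'}")
```

Secure only stops the browser from sending the cookie over plain HTTP; a site that encrypts the login page alone still needs whole-site TLS (and HSTS) so the rest of the traffic is not readable on the hotspot. HttpOnly keeps the cookie out of document.cookie, so an XSS payload cannot exfiltrate it directly, though injected script can still issue requests in the victim's name while the page is open.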
