fc_11_session_hijacking Flashcards
What is session hijacking?
- Session hijacking is an attack in which an attacker takes over a valid TCP communication session between two computers
- Since most authentication occurs only at the start of a TCP session, taking over an established session lets the attacker gain access to a machine without authenticating
- Attackers can sniff all the traffic of established TCP sessions and commit identity theft, information theft, fraud, etc. The attacker steals a valid session ID and uses it to authenticate to the server as the victim
- A session hijacking attack exploits a weak session-token generation mechanism or weak token security controls so that the attacker can establish an unauthorized connection with a target server
Why are session hijacking attacks successful?
- No account lockout for invalid session IDs
- Weak session ID generation algorithm or small session IDs
- Insecure handling of session IDs
- Indefinite session expiration time
- Most countermeasures don't work unless encryption is used
- Most computers using TCP/IP are vulnerable
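Added example (not from the original flashcards): a hypothetical weak session-ID scheme beside a hardened server-side store, showing the first four causes above in code. An observed weak ID lets the attacker compute the next one; the hardened store uses a CSPRNG ID, stores only a hash of it, expires sessions, and locks out a client that keeps presenting invalid IDs. The `WeakSessionIds` counter, the `SessionStore` class and its TTL and lockout values are illustrative assumptions.

```python
"""Weak versus hardened session-ID handling (illustrative, not from the original page)."""
from __future__ import annotations

import hashlib
import secrets
from dataclasses import dataclass


# ---- Weak scheme: 16-bit sequential IDs, never expire, unlimited guesses ----
class WeakSessionIds:
    """Hypothetical weak generator: a 16-bit counter, so only 65,536 IDs exist
    and one observed ID reveals the next one the server will issue."""

    def __init__(self, seed: int) -> None:
        self.counter = seed & 0xFFFF

    def new_id(self) -> str:
        self.counter = (self.counter + 1) & 0xFFFF
        return f"{self.counter:04x}"


def predict_next_weak_id(observed: str) -> str:
    """Attacker's view: from one sniffed ID, compute the next ID the weak server issues."""
    return f"{(int(observed, 16) + 1) & 0xFFFF:04x}"


# ---- Hardened scheme ----
@dataclass
class Session:
    user: str
    expires_at: float


class SessionStore:
    """Server-side store with CSPRNG IDs, a TTL, and lockout of clients that keep
    presenting invalid IDs. The TTL and failure limit are illustrative choices."""

    def __init__(self, ttl_seconds: float = 900.0, max_failures: int = 5) -> None:
        self.ttl = ttl_seconds
        self.max_failures = max_failures
        self._sessions: dict[str, Session] = {}  # keyed by SHA-256 of the ID
        self._failures: dict[str, int] = {}  # invalid lookups per client

    @staticmethod
    def _key(session_id: str) -> str:
        # Store only a hash, so a leaked session table does not hand out usable IDs.
        return hashlib.sha256(session_id.encode()).hexdigest()

    def create(self, user: str, now: float) -> str:
        session_id = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[self._key(session_id)] = Session(user, now + self.ttl)
        return session_id

    def resolve(self, session_id: str, client: str, now: float) -> str | None:
        """Return the user for a valid, unexpired ID; None otherwise."""
        if self.is_locked_out(client):
            return None  # too many invalid IDs from this client
        session = self._sessions.get(self._key(session_id))
        if session is None:
            self._failures[client] = self._failures.get(client, 0) + 1
            return None
        if now > session.expires_at:
            del self._sessions[self._key(session_id)]  # expired: discard, never revive
            return None
        self._failures.pop(client, None)  # a successful use clears the failure counter
        return session.user

    def is_locked_out(self, client: str) -> bool:
        return self._failures.get(client, 0) >= self.max_failures


if __name__ == "__main__":
    weak = WeakSessionIds(seed=1234)
    victim = weak.new_id()
    print("weak: observed", victim, "-> predicted next", predict_next_weak_id(victim),
          "-> actual next", weak.new_id())

    store = SessionStore(ttl_seconds=60, max_failures=3)
    sid = store.create("alice", now=0.0)
    print("hardened: valid at t=10 ->", store.resolve(sid, "10.0.0.9", now=10.0))
    print("hardened: expired at t=61 ->", store.resolve(sid, "10.0.0.9", now=61.0))
    for _ in range(3):
        store.resolve("guess", "10.0.0.66", now=10.0)
    print("hardened: 10.0.0.66 locked out ->", store.is_locked_out("10.0.0.66"))
```

Run it as a script to see the weak prediction succeed and the hardened store reject the expired ID and the locked-out client. The `now` parameter is passed in rather than read from the clock so the expiry behaviour is deterministic; a real deployment would also bind the ID to a cookie with the `Secure`, `HttpOnly` and `SameSite` attributes, which this example does not cover.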
Session Hijacking Process (diagram of the 5 steps)
a
Packet Analysis of a Local Session Hijack (no need to memorize by rote)
a
Types of Session Hijacking (read)
a
Session Hijacking in OSI Model
a
Spoofing vs. Hijacking
a
Application Level Session Hijacking
a
Compromising Session IDs using Sniffing and by Predicting Session Token
a
How to Predict a Session Token
a
Compromising Session IDs Using Man-in-the-Middle Attack
a
Compromising Session IDs Using Man-in-the-Browser Attack
a
Steps to Perform Man-in-the-Browser Attack
a
Compromising Session IDs Using Client-side Attacks
a
Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
a
Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
a
Compromising Session IDs Using Session Replay Attack
a
Compromising Session IDs Using Session Fixation
a
Session Hijacking Using Proxy Servers
a
Session Hijacking Using Forbidden Attack
a
Network-level Session Hijacking
a
TCP/IP Hijacking
a
IP Spoofing: Source Routed Packets
a
RST Hijacking
a
Blind and UDP Hijacking
a
MiTM Attack Using Forged ICMP and ARP Spoofing
a
Session Hijacking Tools
a
Session Hijacking Tools for Mobile
a
Session Hijacking Detection Methods
a
Protecting against Session Hijacking
a
Methods to Prevent Session Hijacking: To be Followed by Web Developers
a
Methods to Prevent Session Hijacking: To be Followed by Web Users
a
Session Hijacking Detection Tools
a
Approaches Vulnerable to Session Hijacking and their Preventative Solutions
a
Approaches to Prevent Session Hijacking
a
IPSec
a
IPsec Authentication and Confidentiality
a
Session Hijacking Prevention Tools
a
Session Hijacking Pen Testing
a