Module 11 - Session Hijacking

Question 1

Refers to an attack where an attacker takes over a valid TCP communication session between two computers.

Answer 1

Session Hijacking

Question 2

Session Hijacking Concepts:

• Attacker pretends to be another user or machine (victim) to gain access.
• Attacker does not take over an existing active session. Instead, he initiates a new session using the victim’s stolen credentials.
• IP or MAC Address
  a. Hijacking
  b. Spoofing Attack

Answer 2

b. Spoofing Attack

Question 3

Session Hijacking Concepts:

• Is the process of taking over an existing active session.
• Attacker relies on the legitimate user to make a connection and authenticate.
  a. Hijacking
  b. Spoofing Attack

Answer 3

a. Hijacking

Question 4

Application Level Session Hijacking:

• Attack exploits a victim’s active session with a trusted site in order to perform malicious activities.
• Website uses your acquired credentials.

Answer 4

Cross-Site Request Forgery (CSRF)

Question 5

Application Level Session Hijacking:

When a website acquires your credentials (Username & Password)

Answer 5

Cross-Site Scripting (XSS)

Question 6

Network Level Session Hijacking:

• The attacker can inject the malicious data or commands into the intercepted communications in the TCP session even if the source-routing is disabled.
• The attacker can send the data or commands but has no access to see the response.
  a. UDP Hijacking
  b. Blind Hijacking
  c. RST Hijacking
  d. TCP/IP Hijacking

Answer 6

b. Blind Hijacking

Question 7

An attacker relies on the legitimate user to connect and authenticate and will then take over the session.

Answer 7

Session Hijacking

Question 8

The attacker pretends to be another user or machine to gain access.

Answer 8

Spoofing Attack