Replay Attacks 2.4 Flashcards
1
Q
Replay Attacks
A
- Attempts to recreate the conditions under which the sequence of events occurred.
- Attacker replays the data to appear as the victim or someone else.
- Not an On-Path Attack
2
Q
Methods to Perform a Replay Attack
A
- Network tapping
- ARP poisoning
- Place malware on the computer
3
Q
Pass the Hash
A
- Attacker captures the hash used to authenticate a process.
- The hash is injected into a process in place of the password.
4
Q
Avoiding “Pass The Hash”
A
- Use salt or encryption
- Session ID
5
Q
Cookies
A
- Text files sent with every request to a website
- Used for tracking, personalization, session management
6
Q
Security Risks of Cookies
A
- Contains lots of user information and personal data
7
Q
Session Hijacking
A
- Also known as Sidejacking
- Attack against the communication session
- Injects packets into the middle of the communication session.
8
Q
Session ID
A
- A unique ID provided by the server to identify a user’s session upon accessing the system.
- Contained within the headers that are sent back and forth between each system.
9
Q
Header Manipulation Methods
A
- Information gathering: Wireshark, Kismet
- Exploits such as Cross-site scripting
- Modifying headers
- Modifying cookies
10
Q
Preventing Session Hijacking
A
- Encrypt end-to-end: Encrypting from the device to the server/system
- Encrypt end-to-somewhere: Partial encryption