Session Hijacking Flashcards
sslstrip tool in order to sniff HTTPS traffic. Knowing that HTTPS traffic is encrypted and cannot be sniffed normally, explain the reason why it is possible to see the traffic in cleartext.
The sslstrip tool exploits user behavior: if a user does not type https:// in front of the link and the website redirects from HTTP to HTTPS, it intercepts the HTTP 302 redirection and sends the user exactly what the user asked for, i.e., the HTTP site.
IPSec
IPSec is a protocol suite developed by the IETF for securing IP communications by authenticating and encrypting each IP packet of a communication session. It is deployed widely to implement virtual private networks (VPNs) and for remote user access through dial-up connections to private networks.
network-level hijacking attacks
Blind Hijacking, Man-in-the-Middle: Packet Sniffer along with Forged ICMP and ARP Spoofing, and UDP Hijacking
TCP/IP hijacking
an attacker intercepts an established connection between two communicating parties using spoofed packets, and then pretends to be one of them. In this approach, the attacker uses spoofed packets to redirect the TCP traffic to his/her own machine. Once this is successful, the victim’s connection hangs and the attacker is able to communicate with the host’s machine on behalf of the victim.
RST Hijacking can be carried out using
a packet crafting tool such as Colasoft’s Packet Builder and a TCP/IP analysis tool such as tcpdump.
network-level session hijacking technique can be used to inject malicious data or commands into the intercepted communications in a TCP session
Blind Hijacking
Client isolation Wi-Fi feature
will prevent clients from seeing each other on the Wi-Fi network, effectively preventing ARP spoofing. This will also prevent clients from seeing any other machine on the network, but since this is only used to surf the Internet, it is obviously the easiest and best way to do it.
Involves using packet-sniffing software such as Wireshark and SteelCentral packet analyzer to monitor session hijacking attacks. The packet sniffer captures packets in transit across the network, which are then analyzed.
The manual method
security feature that tells a web client to associate a specific cryptographic public key with a certain web server to decrease the risk of MITM attacks with forged certificates. Using HTTP Public Key Pinning (HPKP) allows users to authenticate web servers.
HTTP Public Key Pinning (HPKP)
the secure version of HTTP, the protocol over which data is sent between a browser and a website.
HTTPS
SSH is a network protocol used to remotely access and manage a device.
SSH
Separate protocol packaged with SSH that works in a similar way over a secure connection.
SFTP
Which protocol defines the payload formats, types of exchange, and naming conventions for security information such as cryptographic algorithms or security policies?
DOI
used for security testing of web applications such as decrypting HTTPS traffic, and manipulating requests using a man-in-the-middle decryption technique
Fiddler
ARP poisoning tools
BetterCAP, MITMf, and Cain and Abel